Congratulations to our cyber heroes for 2024:
Here are our raffle winners:
- Sean Boggess from United States
- Yuniet Diaz from Canada
- Monique Grünrock from Germany
- Antoine Perrault from France
- Detlef Mletzkofrom Germany
- Conrad Kodecki from Canada
- Paul Drake from United States
- Oscar Andersson from Sweden
- Zarir Irani from United States
Are there any plans to integrate SDWAN policies in On Prem SMS / SmartConsole?
SD-WAN configuration / visibility and orchestration is implemented in the cloud, it is fully in sych with On Prem/Cloud SMS to utilized shared constructs. We plan to further simplify configuration and operation experience.
Is there any road map for Enterprise Browser security part of SASE technology?
We will have more to say about this topic during CPX 2025.
Any plans to bring R81.20 or R82 to SMB gateways the next time?
Yes, Spark gateways will run R82 later this year, for which we have already started private EA testing for.
How we can defend from phishing and ransomware attack?
From the network side, our SNBT (sandblast) package provides everything you need to be protected from these vectors. Other products of Check Point, who are connected to ThreatCloud AI, such as Harmony SASE, Endpoint, Browse, Email and more, will provide similar level of security for ransomware and phishing.
I use XDR and I love it so much. What are some of the next things in the roadmap for it?
There are many new things we work on for XDR/XPR. Some of them we've released in last two weeks such as the 'Prevention Center' providing overall view of the XDR/XPR prevention value, 'Assets' view showing all devices and Identities that are visible to the XDR, and a 'Threat Topology Map' which provide visibility into connections between the different incidents, IOCs and artifacts. there are more but I'm limited in the size of this reply 😉
Do you have plans to implement a fully dlp solution within infinity like dlp agent within sase or a dspm which can replace the existing legacy dlp solutions?
This is being done with Harmony Endpoint today, either as a separate add on or as part of the Harmony Endpoint Elite package.
Will Playblocks allow you to create user defined automated reponses in the future?
Yes, coming this year! Will be shown in CPX
The expansion of Web SmartConsole is great. When, exactly, will we see full feature parity with the fat client?
It's hard to commit to full feature parity, because there are a lot of old features that very few customers are using. However, we are planning to expand our investment in Web SmartConsole in 2025 and hope to have really good coverage by the end of the year!
Is there any plan for integrating more API calls or commands for capturing more information to ease more operational work?
As new features and functionality are added to the product, we also add the relevant APIs to work with it. In addition, we are working to add API support for features that do not currently have it.
Are there any plans to unify the Gaia maintrain and the Gaia embedded OS where we have one Check Point OS across all appliances?
Yes, we’re definitely looking into it.
Are there still plans to develop a tool for a seamless migration from ClusterXL clusters to R82 ElasticXL clusters? This is going to drive the customer adoption of ElasticXL and migrations to R82.
Yes, the migration tools for VS Next and EXL are coming soon
What upcoming integrations or features are planned for Maestro Hyperscale Network Security and Virtual System Extension (VSX) to improve scalability, performance, and ease of management in complex, multi-tenant environments?
VSNext released in R82 significantly improve scalability and ease of management of Virtual Systems environment
In addition Maestro upgrade was improved in R82.
I saw ElasticXL in R82, however, I’d like to know if, over time, ClusterXL will disappear?
Over time we believe that most customers will move to ElasticXL but we do not plan to move customers automatically to EXL in the near future, so customers will still be able to use ClusterXL.
How about IP exceptions for Playblocks? We have that requirement on several rules.
Playblocks already supports a list of excluded IPs that will be "protected" from being blocked by Playblocks security automations. This is useful for legitimate servers that might have false positives, or just critical servers that you want to make sure won't be blocked.
Will the playbooks be integrated with existing SOAR solutions directly to their marketplaces?
Playblocks is fully "API first", so you can invoke automations or specific actions. We don't have out-of-the-box integration into SOAR marketplaces, but we know of multiple customers that have already integrated it via APIs.
What are the best practices for optimizing the performance of Check Point gateways in high-traffic environments without compromising security?
There is a lot of information and presentations about tuning the performance of the gateway without compromising the security on Checkmates Just check this one : https://community.checkpoint.com/t5/General-Topics/High-Performance-Gateways-and-Tuning/td-p/33076
Is there an SDWAN equivalent solution that Check Point offers?
Sure! Check out https://www.checkpoint.com/quantum/sd-wan/
How have R81.20 and R82 improved unified management for large-scale deployments, and what are the key differences in managing on-premises and cloud environments?
We've continuously scaled up the number of gateways that can be managed by a single Management. Right now with latest JHF on R81.20 or R82, that stands at 500. These numbers are valid for Smart-1 Cloud and for on-prem management deployments.
With multi-domain, you can scale it up even further.
Beyond the scale support, we've improved UX and various flows such as deploying JHF or upgrading many gateways in bulk, more APIs, ...
Managing CloudGuard Network Security gateways are very similar to on-prem gateways. They have the extra feature of auto-scaling with the CME (which is really cool).
Smart-1 Cloud is very similar to on-prem and runs the same versions. One difference for large scale, is that Smart-1 Cloud does not support multi-domain.
How do R81.20 and R82 enhance advanced threat prevention capabilities, such as sandboxing, anti-phishing, and anti-ransomware?
R81.20 and R82 enhance advanced threat prevention capabilities—like sandboxing, anti-phishing, and anti-ransomware—through AI-powered technologies from ThreatCloud AI. In 2024, we introduced 6 new AI engines, increasing the total to 55 AI engines (95 including traditional ones). These engines provide seamless integration and deliver unmatched protection against evolving threats.
What new API functionalities are introduced in R81.20 and R82?
There's actually a long list 🙂
The easiest way is to look at the API change log:
https://sc1.checkpoint.com/documents/latest/APIs/#cli/changelog~v2%20
What advancements in SSL/TLS inspection are included in R81.20 and R82?
Performance and also usability significantly improved in R82
You can watch the checkmates R82 TLS Inspection Enhancements here
https://community.checkpoint.com/t5/Management/Deep-Dive-on-the-latest-R82-TLS-Inspection-Enhancemen...
