Hello everyone,
I'm running a full scale Checkpoint Sandblast Threat Emulation environment, the environment is running on-prem.
The environment consists of,
2x Security Gateways, standard cluster functionality with Active/Passive.
Blades active --> Anti-Virus & Threat Emulation
2x Sandblast Threat Emulation Appliances (setup as Multi Private Cloud)
Blades active --> Threat Emulation
1x Management Server
The Security Gateways intercept API traffic from internal applications, I'm using the Threat Prevention API to send in files for either Anti-Virus or Threat Emulation, depending on the file size.
The Security Gateways are either analyzing files through "static analysis" or sending them for "remote" emulation against the Threat Emulation Appliances. This is not configurable, ML is involved here with the choice.
The environment runs,
R81.20
JFH Take 120
Now to my question. According to sk173494, the Threat Emulation Appliances are now R82 ready!
Is there anyone else that sits on a similar setup and has enrolled R82 in their environment?
Any news related to Threat Emulation or the Threat Prevention API?
Read some about the new ElasticXL functionality. Is that something that maybe I can benefit from? Since I now have Active/Passive. The neighbour usually blows "air". And the cache tables are not even synced in between the Security Gateways.
Thankful for answers.
Thanks!