Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
Champion Champion
Champion
Jump to solution

R80.20 Early Availability Program?

Is there an EA R80.20 program for partners and customers?

 

Regards

Heiko

➜ CCSM Elite, CCME, CCTE
1 Solution

Accepted Solutions
HeikoAnkenbrand
Champion Champion
Champion

I once sent an email to the EA team to find out how it works.

 

The right way is:

To register to the EA program, please fill the R80.20 questionnaire and I will get back to you after reviewing it.

 

Thanks to Or Giat EA Engineer and Jozko.

 

Regards

Heiko

➜ CCSM Elite, CCME, CCTE

View solution in original post

12 Replies
AlekseiShelepov
Advisor

Yes, there is.

HeikoAnkenbrand
Champion Champion
Champion

Do you have a link to the Check Point R80.20 EA page?

I found nothing in the partner portal.

Regards

Heiko

➜ CCSM Elite, CCME, CCTE
HeikoAnkenbrand
Champion Champion
Champion

Okay, I'll write an e-mail:

EA_SUPPORT@checkpoint.com

Regards

Heiko

➜ CCSM Elite, CCME, CCTE
AlekseiShelepov
Advisor

It doesn't show me anything on Early Availability Programs page too. I am not involved into this EA program. so the best option is to write to ea_support email as you did

There is this Article on Habrahabr (in Russian mostly) from a partner, which explicitly says that there is an EA program.

There is an EA program for the new kernel version, which should be included in new software release, as far as I know.

There is this thread - https://community.checkpoint.com/people/npoul9ab1752a-c2b8-463d-b0d8-1cb5d8f2e500/blog/2017/11/23/do...  

  • R80.20 EA
  • Dates - Starting from mid-December 2017

I heard from Check Point employees some time ago that an EA program has started.

There is some "evidence" Smiley Happy in this comment of Dameon Welch Abernathy, and you can see a list of planned features for EA there that I posted.

Dameon Welch Abernathy on 13-Mar-2018 17:51

There will be an EA program for R80.20 for sure.

I would recommend contacting your Check Point SE for details.

There is a planned event  June TechTalk: R80.20 Demo 

PhoneBoy
Admin
Admin

The public EA page only lists EAs that are public.

The EAs we have so far related to R80.20 are private ones.

JozkoMrkvicka
Mentor
Mentor

Really ? I found only "CPEA-EVAL-E80.82", which is not Gaia R80.20.

EDIT: Found something, but this is just survey.

Kind regards,
Jozko Mrkvicka
HeikoAnkenbrand
Champion Champion
Champion

This is the new VPN Client and not the firewall R80.20.

I am need GAIA R80.20 EA Gateway, Management and Win10 DashBoard.

THX

➜ CCSM Elite, CCME, CCTE
RickLin
Advisor
Advisor

Right now still at private EA stage , not public EA stage.

When public EA stage coming(depends on RD), you can see it in the EA program page.

HeikoAnkenbrand
Champion Champion
Champion

I once sent an email to the EA team to find out how it works.

 

The right way is:

To register to the EA program, please fill the R80.20 questionnaire and I will get back to you after reviewing it.

 

Thanks to Or Giat EA Engineer and Jozko.

 

Regards

Heiko

➜ CCSM Elite, CCME, CCTE
JozkoMrkvicka
Mentor
Mentor

Hi guys,

Just found that there is Check Point R80.20 - Public Early Availability Program available for testing !

What’s New in R80.20

 Acceleration

 

·         With Falcon Acceleration Cards:

·         NGFW/NGTP/NGTX - supports higher throughput with maximum security by implementing Deep Inspection acceleration

·         HTTPS Inspection acceleration - supports higher throughput of HTTPS traffic

·         Firewall only acceleration - low-latency for Firewall only traffic, high packet and session rates

·         VSX and QoS support

 

·         Additional software enhancements:

·         HTTPS Inspection performance improvements

·         Session rate improvements on high-end appliances (including 2012 appliances and 13000 and above appliances)

·         Acceleration is enabled during policy installation

 Threat Prevention

·         Threat Prevention Indicators (IoC) API

o    Management API support for Threat Prevention Indicators (IoC)

o    Add, delete, and view indicators through the management API

·         Threat Prevention Layers

o    Support layer sharing within Threat Prevention policy

o    Support setting different administrator permissions per Threat Prevention layer

·         MTA (Mail Transfer Agent)

o    MTA monitoring:

§  E-mails history views and statistics, current e-mails queue status and actions performed on e-mails in queue

·         MTA configuration enhancements:

§  Setting a next-hop server by domain name

§  Stripping or neutralizing malicious links from e-mails

§  Adding a customized text to a malicious e-mail's body or subject

§  Malicious e-mail tagging using an X-header

§  Sending a copy of the malicious e-mail

·         ICAP

·         ICAP server support on a Security Gateway to consult with Threat Emulation and Anti-Virus Deep Scan whether a file is malicious

·         Threat Emulation

o    SmartConsole support for multiple Threat Emulation Private Cloud Appliances

o    SmartConsole support for Blocking files types in archives

 Identity Awareness

·         Identity Tags support the use of tags defined by an external source to enforce users, groups or machines in Access Roles matching

·         Identity Collector support for Syslog Messages - ability to extract identities from syslog notifications

·         Identity Collector support for NetIQ eDirectory LDAP Servers

·         Improved Transparent Kerberos SSO Authentication for Identity Agent

·         Two Factor Authentication for Browser-Based Authentication (support for RADIUS challenge/response in Captive Portal and RSA SecurID next Token/Next PIN mode)

·         New configuration container for Terminal Servers Identity Agents

·         Ability to use an Identity Awareness Security Gateway as a proxy to connect to the Active Directory environment, if SmartConsole has no connectivity to the Active Directory environment and the gateway does

·         Active Directory cross-forest trust support for Identity Agent

·         Identity Agent automatic reconnection to prioritized PDP gateways

·         Additional filter options for identity collector - "FilterperSecurity Gateway" and "Filter by domain"

·         Improvements and stability fixes related to Identity Collector and Web-API

Mirror and Decrypt

·         Decryption and clone of HTTP and HTTPS traffic

·         Forwarding traffic to a designated interface for mirroring purposes

Hardware Security Module (HSM)

·         Enhancement of outbound HTTPS Inspection with a Gemalto SafeNet HSM Appliance

·         SSL keys are stored when using HTTPS Inspection

 

Clustering

 

·         Sync redundancy support (over bond interface)

·         Automatic CCP mode (either Unicast, Multicast or Broadcast mode)

·         Unicast CCP mode

·         Enhanced state and failover monitoring capabilities

·         OSPFv3 (IPv6) clustering support

·         New cluster commands in Gaia Clish

 Advanced Routing

·         Allow AS-in-count

·         IPv6 MD5 for BGP

·         IPv6 Dynamic Routing in ClusterXL

·         IPv4 and IPv6 OSPF multiple instances

·         Bidirectional Forwarding Detection (BFD) for gateways and VSX, including IP Reachability detection and BFD Multihop

Access Policy

·         New Wildcard Network object supported in Access Control policy

·         Simplified management of Network objects in a security policy

·         HTTPS Inspection now works in conjunction with HTTPS web sites categorization. HTTPS traffic that is bypassed will be categorized.

·         Rule Base performance improvements, for enhanced rule base navigation and scrolling

·         Global VPN Communities. Previously supported in R77.30. 

Security Management

·         Upgraded Linux kernel (3.10)

·         Additional support for Open Servers hardware

·         New file system (xfs)

o    More than 2TB support per a single storage device

o    Enlarged systems storage (up to 48T tested)

·         I/O related performance improvements

·         Support of new system tools for debugging, monitoring and configuring the system

o    iotop (provides I/O runtime stats

o    lsusb (provides information about all devices connected to USB)

o    lshw (provides detailed information about all HW)

o    lsscsi (provides information about storage)

o    ps (new version, more counters)

o    top (new version, more counters)

o    iostat (new version, more counters)

·         Multiple simultaneous sessions in SmartConsole - One administrator can publish or discard several SmartConsole private sessions, independently of the other sessions.

·         Integration with a Syslog server (previously supported in R77.30) - A Syslog server object can be configured in SmartConsole to send logs to a Syslog server.

 

SmartProvisioning

 

·         Integration with SmartProvisioning (previously supported in R77.30)

·         Support for the 1400 series appliances

·         Administrators can now use SmartProvisioning in parallel with SmartConsole

vSEC Controller Enhancements

·         Integration with Google Cloud Platform

·         Integration with Cisco ISE

·         Automatic license management with the vSEC Central Licensing utility

·         Monitoring capabilities integrated into SmartView

·         vSEC Controller support for 41000, 44000, 61000, and 64000 Scalable Platforms

Endpoint Security Server

Managing features that are included in R77.30.03:

·         Management of new blades:

o    SandBlast Agent Anti-Bot

o    SandBlast Agent Threat Emulation and Anti-Exploit

o    SandBlast Agent Forensics and Anti-Ransomware

o    Capsule Docs

·         New features in existing blades:

o    Full Disk Encryption

§  Offline Mode

§  Self Help Portal

§   XTS-AES Encryption

§  New options for the Trusted Platform Module (TPM)

§  New options for managing Pre-Boot Users

·         Media Encryption and Port Protection

§  New options to configure encrypted container

§  Optical Media Scan

·         Anti-Malware

§   Web Protection

§   Advanced Disinfection

Additional Enhancements

·         HTTPS Inspection support for IPv6 traffic

·         Additional cipher suites support for HTTPS inspection

·         Improvements in policy installation performance on R80.10 and higher gateways with IPS

·         Network defined by routes - gateway's topology is automatically configured based on routing

·         IPS Domain Purge on Security Management Server - IPS update packages are saved for 30 days, older packages are purged.

·         SmartConsole Extensions – an open API platform for extending Smart Console with third-party and in-house tools and features.

·         Compressed snapshots - reduced system snapshot size.

Kind regards,
Jozko Mrkvicka
PhoneBoy
Admin
Admin

I announced that here: Check Point R80.20 Production and Public EA

Also, my version of the feature table is more complete and should be a bit easier to read Smiley Happy

_Val_
Admin
Admin
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events