This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
PhoneBoy
Admin
Admin
‎2025-12-10 09:08 AM

What's New In R82.10 December 2025: Video, Slides, and Q&A

Q&A and slides below the video.

When will R82.10 be released as GA?

Released on 29 December 2025 via https://support.checkpoint.com/results/sk/sk183506 

We run SecureXL in kernel mode on R81.20. How does that relate to “R82.10 release features an upgraded OS based on LINUX 5.14 and runs exclusively in UPPAK mode” to add on to this, when will DoS, QoS and all other features be ported to UPPAK?

PPAK (a.k.a. Performance Pack) is another name for SecureXL. Historically, this has run in kernel mode (KPPAK), though we started implementing this in userspace (UPPAK). In R82.10, UPPAK will be the only mode supported. All features not supported in UPPAK on earlier releases are expected to be supported in R82.10.

If we are running Legacy VSX and use virtual Switches, has throughput improved which the new kernel version update?

This issue should be addressed in R82 JHF and is expected to be in R82.10.

The new 39xx Appliance are ARM based and already come with R82.10. Will there still be separate installer for x86 and ARM based appliances or will everything be unified?

Separate installers, yes, however the underlying code is exactly the same. 

What is the false positive rate for Anti-Phishing?

There are very few FP in Zero Phishing, mainly because it’s not only uses reputation feeds to determine website’s maliciousness, but doing live rendering and emulation of the website as well, in addition to using Check Point’s multiple URLX prevention engines.

Does the antiphishing inspection without HTTPS confined to the email only, or any other communication channels, such as Slack and WhatsApp?

Zero Phishing blade works in the gateway for website browsing.
email anti phishing is done in HEC (Harmony Email and Collaboration)

SNI is not a reliable information, or?

We take additional steps to verify the SNI, as described in sk163594.

Isn't SNI dead? I thought more and more websites were no longer supporting it over privacy concerns.

SNI is still widely used. That said, we're are working on other methods that will not even need SNI.

Can you not use the same SNI inspection method to understand the APPs inspection?

We use multiple ways to fingerprint an application. SNI, DNS, known IPs, caching and many more. When we introduced SD-WAN we enahced application detection to be on the first SYN packet.

We have an environment running without https inspection. Is there an idiots guide on how to get https inspection up and running on R82?

Yes, under R82 Admin guide, there is a section for “Getting Started with HTTPS Inspection”
https://sc1.checkpoint.com/documents/R82/WebAdminGuides/EN/CP_R82_SecurityManagement_AdminGuide/Cont...

See also our Deep Dive session on HTTPS Inspection: https://community.checkpoint.com/t5/CheckMates-Events/Americas-Deep-Dive-HTTPS-Inspection-Best-Pract... 

How about using JA4 fingerprinting to see if its malicious traffic ?

We are exploring multiple ways to detect malicious traffic without decrypting the content.

Does IPS insights require Infinity connectivity ? or just SmartConsole?

To activate it does require infinity services, however the day to day operation is via SmartConsole.

How is "anti-phishing" with SNI different to the existing SNI based https categorisation (which has a phishing category already)?

HTTPS Categorization uses the URL Filtering database, which is less threat focused. Anti-Phising using ThreatCloud AI as the backend.

What about ERM evidence? You can apply remediation directly or you need integration with Veriti?

ERM recommendations will appear in Threat Prevention Insights. Admins can chose to accept the recommendation. It will not be applied automatically.

Is VSNext with ElasticXL in the new 82.10 release for the new Check Point 3920 ARM?

Yes, VSnext and ElasticXL are supported on 3900 models with this release.

How policy insights will work for autonomous threat prevention?

As of now, Threat Prevention Insight is relevant for the traditional TP configuration, not for autonomous.

Will Policy Insights work when Mgmt is on r82.10 and gateways not at r82.10?

Threat Prevention Insight will work with MGMT on R82.10 and on all GW releases (that can be mangaed byR82.10 MGMT), there are some insights that are version depdent but most are relevant for all.

For TP insights- ERM tab: The customer needs to purchase Check Point ERM, correct?

Yes, that is correct

How do you know where the asset is exposed with the ERM integration (whitch firewall)?

The firewall is aware of the ERM scans and communicates back to the ERM system. We added special tagging to identify which firewall was the one protecting the asset that was scanned

Do you need an ERM license in order to integrate with R82.10 dashaboard?

Yes

How will adaptive IPS changes be audited?

Two main options, part of TP Insight or a dedicated dashboard created for Adaptive IPS.

What is the difference between adaptive IPS & bypass on load?

Adaptive IPS is per signature and also considers the actual traffic and policy. The bypass under load is more blunt -- it disables IPS all together on any signature.

Does DNS over TLS need HTTPS Inspection?

Yes, it requires HTTPS Inspection.

Will you be able to inspect prompts to copilot inline since copilot use websocket?

We are able to inspect Web Socket Secure with Gen AI Protect.

Regarding AI protection with JavaScript browser injection: Does it work only with browsers, or will it work with applications?

It will work with applications as well.

With Content Awareness with AI tools are protection too?

AI tools used via MCP are now being presented. We are adding visibility and control in R82.10

Will GenAI Protect for Quantum support genai desktop apps also?

Yes, we plan to support desktop applications as well?

Will GenAI Protect work with isolated browsers like Island.io?

Not for the Browser plug-in, but for GenAI protect on the gateway.

What about the visibility of GenAI Protect on Quantum gateways? We had good visibility on harmony browse- will we have similar views in SmartEvent?

Yes, we plan to have the same visibility when using GenAI Protect in Quantum as well.

I assume its UserCheck to generate the onscreen prompts that can be tailored?

If you are refering to GenAI Protect, yes it is via usercheck.

Will SD-WAN and ISP Redundancy co-exist in R82.10?

ISPR and SD-WAN ultimately do the same thing (steer traffic) and are not designed to operate together.

Do Identity scaling capabilities require only on PDP on R82.10 or also on the PEP GWs?

You can change PDP only

License requirements for mentioned features?

Topic

Notes

GenAI Protect for Quantum & CloudGuard Network

JHF in 2026  (Sign up / Questions via EA alias)

DL-Quantum-Gen-AI-EA-Program@checkpoint.com

Infinity Identity

Requires ‘Premium’ Package Security Management License

Threat Prevention Insights

Requires ‘Complete’ Package Security Management License

Phishing Protection without HTTPS Inspection

Requires SandBlast license (SNBT/NGTX software package)

Unified Internet Access Policy for SASE & Firewalls

Currently in EA
https://support.checkpoint.com/results/sk/sk183058
Preview file
3812 KB
(2)
9 Replies
the_rock
MVP Diamond
MVP Diamond
‎2025-12-10 09:40 AM

Excellent session.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2025-12-10 12:24 PM

By the way, pdf file you attached also shows virus scan in progress, cant open it : - (

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
PhoneBoy
Admin
Admin
‎2025-12-10 03:16 PM
In response to the_rock

This is a problem with all newly uploaded attachments on the community at current...should be fixed soon.

(1)
the_rock
MVP Diamond
MVP Diamond
‎2025-12-10 03:18 PM
In response to PhoneBoy

I thought it was me the other day, but then I saw others having same issue.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2025-12-10 04:21 PM
In response to PhoneBoy

woohoo, looks like all fixed now! 

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Alex-
MVP Silver
MVP Silver
‎2025-12-10 09:51 PM

Great session, lots of enthusiasm and energy. @PhoneBoy keeps looking younger at each webinar. 😉

(1)
the_rock
MVP Diamond
MVP Diamond
‎2025-12-11 03:27 AM
In response to Alex-

Amazing webinar, lots of super useful info!

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
PhoneBoy
Admin
Admin
‎2025-12-11 01:42 PM
In response to Alex-

I've always been young at heart. 😜

(1)
the_rock
MVP Diamond
MVP Diamond
‎2025-12-11 01:56 PM
In response to PhoneBoy

Truth be told, thats what MATTERS 🙂

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events