Reposting an answer from one of my colleagues:
Check Point Gaia is a hardened OS and intended for access by qualified and trained administrators only using strong authentication methods. They should also be installed in physically secure locations that are accessible only to trusted and authorized employees (R82 adds 2FA in Gaia)
Additionally all Check Point management traffic is strongly secured by SIC, providing confidentiality, integrity and MUTUAL authentication to management protocols over the network.
Assuming that these mitigating controls have been followed, the likelihood of malicious tampering is all but eliminated. This makes technical controls, like disk encryption, risky as such technologies could make things like RMA, troubleshooting, etc. much more difficult and time-consuming.