Create a Post
Showing results for 
Search instead for 
Did you mean: 

Checkpoint and the Linux kernel

Hello all,

I was wondering if someone can point me to some article about the way Checkpoint uses the Linux kernel. Kernel 3.10 is presented as something new, however it was released in june 2013 and declared EOL in 2017, no patches for security vulnerabilities are created anymore by the kernel community. I expect Checkpoint modifies the code heavily, but still, vulnerabilities are detected all the time, and how do they keep up with reality?


3 Replies

The kernel we use in Gaia comes with different versions of Red Hat Enterprise Linux.

  • The 2.6.18 kernel comes with RHEL 5 and is still receiving extended support from Red Hat.
  • The 3.10 kernel comes with RHEL 7 and is in production support from Red Hat.

This is obviously a different level of support from the what the Linux kernel team delivers.

Bottom line: the kernels, while older, are fully supported.

It's a lot easier to keep up with potential security vulnerabilities on a stripped-down, hardened OS.

Most of the modifications we make to the kernel and userspace packages are with this in mind.

At this time the following kernel available for Open Server:

3.10 kernel for HP DL 360/380 G10 >>>  At this time only G10 server suppots kernel 3.10 for gateways. As I understood it, more Open Servers should follow with R80.20 in the near future.

2.6.18 kernel for all other Open Server in HCL 

More see here: 




It should also be noted that the new Smart-1 525, 5050, and 5150 boxes require the use of the 3.10 kernel due to their hardware.  However if you still want to run R80.10 on them there is a special backported version of R80.10 that uses the 3.10 kernel here:

sk120453: Smart-1 525 , 5050 and 5150


CheckMates Break Out Sessions Speaker

CPX 2019 Las Vegas & Vienna - Tuesday@13:30

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at