cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Admin
Admin

Managing Unsupported Gateways with Check Point R80.10

You may have noticed when creating a new gateway object on an R80.10 management console that you can create a gateway going back to version R70:

This seems to contradict the R80.10 Release Notes:

Does managing older gateways work? Turns out, it should, with a couple of caveats:

  • If this is a fresh installation of R80.10, or if you've upgraded your Internal CA to a SHA-256 key, the oldest version of Security Gateway that you can manage is R71. This is because older gateway versions do not support SHA-256 certificates for the Internal CA (ICA). Refer to: SHA-1 and SHA-256 certificates in Check Point Internal CA (ICA) 
  • While it may technically work, managing gateway versions prior to R75.20 is still unsupported.

At a future date, options for managing these unsupported products will be removed.

Labels (1)
5 Replies

Re: Managing Unsupported Gateways with Check Point R80.10

IMHO, Check Point should push non-supported older versions out much more aggressively. Considering all versions below R77.30 are now out of support, only only makes sense to cut off old and obsolete R75 and downwards. people on the field had almost a decade to upgrade, or even more than that, in case of R70

0 Kudos
Admin
Admin

Re: Managing Unsupported Gateways with Check Point R80.10

R70 came out in 2009, so not quite 10 years Smiley Happy

As noted, the plan is to completely remove support for these older gateways in the future.

0 Kudos

Re: Managing Unsupported Gateways with Check Point R80.10

Right. This changes everything 🙂

Admin
Admin

Re: Managing Unsupported Gateways with Check Point R80.10

Think of it as windows XP that even though Microsoft decided justifiably to end support there are still millions who didn't upgrade (we say it in wannacry;)

0 Kudos

Re: Managing Unsupported Gateways with Check Point R80.10

microsoft never pushed customers to upgrade with maintenance plans and software subscriptions. CP does it actively. Unsupported GWs are just that, unsupported. There is no justifiable case to have a 10 year old security device, unless you live in a cave

0 Kudos