Check Point Quantum R82 has been released !

Great news!

We’ll probably be doing some R82 events in the near future…stay tuned!

@PhoneBoy Im specially interested in https inspection, so many new cool features.

Andy

Great news !!!!!

Time to test and advance our ccc script for R82:
ccc - Common Check Point Commands - Check Point CheckMates

Awesome, the R82 is a game changer for Check Point firewalls. Hopefully the SMB series get the firmware update sooner than later, they're stuck with R81.10.

@sarshar We do plan to release an R82-based version of the SMB firmware.
I don't believe the timeline has been finalized, though.

@Danny Will test it as soon as I build R82 standalone. I had distributed lab before, but had to do some PAN and Fortinet labs, so had to be wiped out : - (

Andy

Been waiting for a long time, guess its time to make a few new videos 🙂

@Magnus-Holmberg Yes sir!

Just something to keep in mind. I saw in my lab I had old smart console for R82 (from EA days) and it was build 850 and when trying to open the logs, it would show smartlog is not active, though smartlog_settings file looked exactly like in R81.20, just R82 code. So I decided to uninstall R82 EA console, install new one from web UI and all worked fine. Btw @Hen_Hertz , any clue when first jumbo hotfix might be available?

Best,

Andy

Hi @the_rock,

Thank you for your feedbacks ! very appreciated.  
About first jumbo hotfix - we still don't have ETA, we'll keep you posted. 

Best Regards,

Hen. 

@Hen_Hertz Thank you!

Andy

Wonderful news! Any ETA on the CloudGuard for Private Cloud images? sk158292.

EDIT: These have been released now and are available within sk158292.

EDIT2:

I just deployed the VMware ESXi R82 OVA images from sk158292.

The OVA images now use VMware Paravirtual Controller (PVSCSI), yet the documentation acts like this is not supported by saying "VMware specific controllers, like the VMware Paravirtualised (Paravirtual) SCSI Controller are not supported or seen by the Gaia operating system.". ref sk104848.

sk104848 also claims us to use "RedHat Enterprise Linux version 7 (64-bit)" when deploying on VMware ESXi. The images from sk158292 are also using RedHat Enterprise Linux version 7 (64-bit). But according to Red Hat, the only version using 4.18 kernel is RedHat Enterprise Linux version 8 (64-bit). The correct version to choose should be RedHat Enterprise Linux version 8(64-bit), and not RedHat Enterprise Linux version 7 (64-bit)?

UEFI is working, but still no word if this is considered "supported" by Check Point. ISOmorphic even has an option for using UEFI when deploying on appliances. Can't see why UEFI wouldn't be supported on virtual machines running on VMware ESXi or Windows Hyper-V.

I suspect this is simply the documentation being out-of-date?

Im glad to see this is now default bypass rule, as other vendors have had this for a long time, because it makes total sense these things should be exempted from ssl inspection.

Andy

According to Support Life Cycle Policy, there is no R82 release mentioned and none of devices support R82.

Also wondering if Check Point is going to make a statement regarding UEFI support on vSEC/VEN/CloudGuard Network for Private Cloud? This worked perfectly fine with R81.20, but none of the SKs regarding VMware mentions support for UEFI. The SK regarding Hyper-V still mentions Gen.2 as "unsupported" even though this is also working just fine since R81.20 as the only thing that made Gen.2 impossible was the UEFI requirement, but as UEFI is working since R81.20, you are now able to utilise Gen.2 on Hyper-V perfectly fine.

Will Check Point re-evaluate and re-update all these various vSEC/VEN/CloudGuard Network for Private Cloud documentations? VMware Paravirtual Controller (PVSCSI) has also been working for some time now. Yet the documentation for VMware optimisation still claims "Paravirtual Controller are not supported or seen by the operating system.".

With the release of R82, I hope all of this can get re-evaluated and updated. I cant see any reason why Check Point should keep recommending the user of LSI Parallel over VMware PVSCSI, when PVSCSI is working. Same with recommending Gen.1 on Hyper-V over Gen.2, when Gen.2 is working. Judging by how the documentation still claims the use of VMware Paravirtual Controller will result in the disk not being viewable by the operating system, and how this is simply false and out-of-date information, it looks like the information being provided is simply out-of-date, and not basing the information provided on R81.20/R82?

One thing I also find really impressive is time it takes to install the policy...Ok, I know its just my lab and I only have about 15 rules, but still, 10 seconds is blazing fast 🙂

Andy

Hi @JozkoMrkvicka 

R82 will be supported for 4 years. The Support life cycle SK will be updated during next week with all relevant info.

Thanks

Merav Alon

I just checked the HCL and there are no Open Servers that are supported for R82.

Same for Virtual Machines.

What is the plan for those, including Public Cloud (Azure, AWS and GCP)?

https://www.checkpoint.com/support-services/hcl/

[EDIT]

CloudGuard images uploaded last night. 

https://aws.amazon.com/marketplace/pp/prodview-eqq52wje3qy5e

[END]

Thanks,

Don

Do we know when Smart-1 Cloud will be updated, especially hoping the limitation of only a single Smartconsole application session from a single IP is resolved, big issue from my view.

It has no issue when you stream Smartconsole b.t.w.

If R82 will be supported for 4 years, can we expect to see certification of R82 extended for the same period as that would make a huge difference to companies and individuals that need certifications.

Hi @Don_Paterson 

Regarding the HCL - thank you or pointing this. 

I've sent this to the relevant owners. 

@the_rock  Ahh that was my Smartlog issue. I was troubleshooting but could not find the issue until I spotted your post. Forgot I also had the EA version of Smartconsole installed. Good to know!

Thanks.

@tjoll Glad we can help mate.

Andy

Hi @genisis__ 

Regarding upgrading Smart-1 Cloud to R82: it's work in progress. This is a gradual process and we will complete upgrading all tenants in the upcoming weeks 🙂

Regarding the single SmartConsole - this is actually not related to a specific version, currently I don't have ETA for that and hopefully we will be able to address it in the future. I do want to emphasize, however, that it's possible to make many types of changes (but not all) to the policy and objects directly from the browser within the Smart-1 Cloud application (under the Security Policy tabs). This feature actually embeds the web SmartConsole into the Portal, which gives a slick, fast and cool experience. Another option is to use the "Streamed SmartConsole" (can be found under the Settings tab).

Thanks for the update Eran,  things can only get better!

Hello,

are there any plans you could share about an updated VSX Specialist R82 (CCVS) including VSNext?

I will need to do some additional certification to renew my old ones in Q2/2025 and figured it might be worth waiting for this.

Kind regards, Arne

Hi @Arne_Boettger 

In April I asked the Training and Education department about CCVS because of the significant changes in VSX (and also the R81.10 EOS date of July 2025. The current CCVS is based on R81.10).

They are prioritising the CCVS R82 course development.

Normally CCSA and CCSE are the highest priority and the first courses to be updated after a new major release goes GA.

That is the same case here but CCVS R82 is scheduled to be updated at the same time, with more or less the same priority by the sounds of it.

So it is a priority this time. And it should be a good one.

I think that Q2 2025 is a good time frame for that exam (I would say toward the end of Q2 (is my guess)).

Q1 would be worrying because you never know about course development time and also exams are always released after the courses are released. At least a couple of weeks but can be up to 2 months in some cases.

I know that there has already been a lot of work put into the R82 CCSA and CCSE development before the R82 GA date came around.

Keep an eye out for announcements in early 2025 (again, my guess).

You can subscribe to here: https://community.checkpoint.com/t5/Training-and-Certification/bd-p/training-and-certification and it will all probably be announced there.

As always you can check here: https://training-certifications.checkpoint.com/#/

and here: https://www.pearsonvue.com/us/en/checkpoint.html 

for the latest courses, exams, news and specials.

If you are looking for another extension Specialist exam (learning experience), and it is relevant, then I would highly recommend the CTPS course and exam (Threat Prevention Specialist R81.20 (CTPS)).

https://training-certifications.checkpoint.com/#/courses/Threat%20Prevention%20Specialist%20R81.20%2...

Regards,

Don