Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

R80.20 Security Gateway with new Gaia based on kernel 3.10 is GA for CloudGuard and HP Gen10 !

Alexander_Kim
Employee Alumnus
Employee Alumnus
10 33 16.4K

Hi, all.

 

Great news for our Cloud Guard and Open Servers customers : R80.20 Security Gateway with new Gaia based on kernel 3.10 is a GO !

 

We have completed the certification of public cloud (AWS and Azure) and new HP Gen10 Open Servers platforms.

 

The image will be available in Azure and AWS in a few days.

 

Performance improvement on kernel 3.10 based CloudGuard environments is ~300% comparing to current CloudGuard numbers !

 

We now support latest Gen10 HP servers as R80.20 gateways – and we will be adding more open servers soon.

 

The SK for R80.20 kernel 3.10 gateway with all the information and list of limitations is ready here - sk141173.

 

Thanks,

Kim

33 Comments
_Val_
Admin
Admin

What about regular appliances and open servers already supported with 2.6 kernel?

18568
Collaborator

Performance improvement on kernel 3.10 based CloudGuard environments is ~300% comparing to current CloudGuard numbers !

That's impressive! Thought it is a bit vague, could you please let us know improvement in what exactly (bandwidth, connection/s, other)?

Also, can we expect the same improvement on CloudGuard IaaS when the new kernel is GA for this?

Vladimir
Champion
Champion

WoW!

How about OpenServers on ESXi?

Martin_Valenta
Advisor

CloudGuard IaaS is part of this GA already.

Alexander_Kim
Employee Alumnus
Employee Alumnus

All other plarforms will also be supported (CP appliances, legacy open servers, more new open servers and private cloud). 

It's a matter of certification in QA, and it takes time (few months at least). 

There is no technical reason not to support CP appliances, they are blocked intentionally in the iso until the end if certification. 

If there are business opportuninties with customers who need the new kernel on unsupported platforms we can dicsuss it offline without waiting for certification.

Alexander_Kim
Employee Alumnus
Employee Alumnus

Not yet. As the headline says - this GA is for public cloud (AWS/Azure) and new open servers. Rest of the platforms will be added later (or can be discussed if there is an opportunity)

Alexander_Kim
Employee Alumnus
Employee Alumnus

Official performance numbers of CloudGuard will be published once the image will be uploaded to AWS/Azure (few days from now)

18568
Collaborator

Checkpoint branding is always so confusing Smiley Happy But I guess the full name of what I meant is "CloudGuard Private IaaS VE", basically a gateway on ESXi ...

Don_Paterson
Advisor
Advisor

Thank you. 

Gaia open server Hardware and VM Compatibility List (HCL) showing G10 servers but also shows a last updated date of 5th August 2018.

Compatible Hardware Archive | Check Point Software 

Alexander_Kim
Employee Alumnus
Employee Alumnus

We had the option of 3.10 kernel for mgmt servers. Now we are adding the gateway too.

I will check the HCL site to make sure everything is stated as it should be

Bob_Delinsky
Contributor

For current upgrades from R77.30 to R80.20 on Appliances, as of today you are saying that the 3.10 kernel is not yet available and if a fresh install is done it will still be on 2.6 kernel? Do you know when the release for gateway appliances will be for the 3.10 kernel? This would be useful for planning purposes. Thank you

Alexander_Kim
Employee Alumnus
Employee Alumnus

Bob,

We are working to certify all platforms including CP appliances and additional open servers during 2019. BTW, just so I could better understand the motivation - what feature/functionality is missing in legacy kernel Gaia (2.6.18) on CP appliances ?

Thanks...

PhoneBoy
Admin
Admin

Just to be clear, this is a specific release for:

  • Specific Open Servers that require the new kernel
  • CloudGuard IaaS (which didn't previously have an R80.20 gateway version)

It may work in other contexts, but it hasn't been certified yet.

It should also be noted that this release has a few limitations, namely no support for VSX and IPv6 (among others).

We do plan to address these limitations and certify Check Point appliances on this newer kernel in the near term.

Borut
Collaborator
Collaborator

No IPv6 support? In 2019?

We bought Gen10 HP servers anticipating the 3.10 release. Did not expect missing IPv6 support.

Any ETA on IPv6 suport?

Alexander_Kim
Employee Alumnus
Employee Alumnus

Hi, Borut.

IPv6 support is planned in a few months. 

Alexander_Kim
Employee Alumnus
Employee Alumnus

A short video about 3.10 kernel Gaia - Introduction to GAiA 3.10 - YouTube 

Brian_Deutmeyer
Collaborator

When is Gaia 3.10 with VSX support planned?  This is a major hang up and we (like others) are ready to deploy G10s, but need to support VSX.

PhoneBoy
Admin
Admin

This quarter, to the best of my knowledge.

Since R80.30 is planned for this quarter (see: When will R80.30 GA be available?‌, and also: R80.30 Early Availability Program is started!), it would make sense that we would launch it with that release. 

Don_Paterson
Advisor
Advisor

Thanks AK,

I just got around to checking and I see the updates on the HCL page.

Interesting to see the Release Notes speech bubble and link that pops up when pointing to the major release text. It isn't obvious until moving the mouse cursor over the text but nice to know its there.

Link:

Compatible Hardware Archive | Check Point Software  

Screenshot:

Don

RickLin
Advisor
Advisor

Does anybody know this special version can support normal R80.20 Jumbo hotfix(Take 33 +) ?

Alexander_Kim
Employee Alumnus
Employee Alumnus

There will be a JHF for this release aligned to R80.20 JHF - we will announce it here among other places once we release it

Maarten_Sjouw
Champion
Champion

@Alexander Kim,

What is the current status on Appliance compatibility?

Will 12x00 and 13x00 appliances be supported?

How about the new 6x00 range?

When will the 5x00 series support the new kernel?

PhoneBoy
Admin
Admin

Technically it should work with other appliances, but full QA was not done yet.

Stay tuned Smiley Happy

Linor_Leshem
Employee Alumnus
Employee Alumnus

Hi all,

More good news- 2 additional platforms were added to the HCL:

  • Dell PowerEdge R740/R740 XD
  • Dell PowerEdge R640

The link with the new ISO which supports these new additional platforms is available in the same sk- sk141173

Martin_Valenta
Advisor

Any ETA when appliancies will be rubber stamped with 3.10 kernel?

Martin_Valenta
Advisor

Any update on VSX support for r80.20 with 3.10 kernel on dell r740 servers? @Alexander_Kim @Linor_Leshem 

Linor_Leshem
Employee Alumnus
Employee Alumnus

Hi, Martin.

VSX support with 3.10 kernel for Dell R740 servers should be ready during ~May.

This release will be based R80.30 (and not R80.20).

Linor_Leshem
Employee Alumnus
Employee Alumnus

Martin,

Regarding your other question on 3.10 kernel for CP appliances - this should be available during 2019.

Aidan_Luby
Collaborator

Does the new 3.10 kernel support AES-NI on CheckPoint appliances? Apparently the new 6000 series appliances are showing AES-NI disabled in the kernel even though those CPUs support it.

Linor_Leshem
Employee Alumnus
Employee Alumnus

Hi @Aidan_Luby ,

Kernel 3.10 support for 6000 series appliances, should be ready during 2019.
When it will be available, AES-NI will be supported. 

Right now we don't have 3.10 kernel support for 6000 series appliances.

 

 

 

Peter_Janum_Sod
Participant

Hello CheckMates.

 

I just visited a customer who is running an R77.30 standalone installation on "old" HP hardware. They have bought HP DL360 Gen10 to replace the old hardware (without checking the HCL).

Can anyone share an ETA for supporting R80.20/R80.30 Standalone on HP Gen10? Are we talking weeks or months?

 

Thanks in advance,

Peter

_Val_
Admin
Admin

@Alexander_Kim , @kerenni, can you advise please?

Linor_Leshem
Employee Alumnus
Employee Alumnus

Hi @_Val_  @Peter_Janum_Sod ,

R80.20/R80.30 will not support Standalone for Gen10.

R80.40 will have this support for Gen10.

Labels