cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Product Announcements

Employee+
Employee+

Hi all,

We recently released SandBlast Agent E81.20.

E81.20 introduces new features, stability and quality improvements.

A complete list of improvements can be found on the release Secure Knowledge sk158912

 

New Cloud based Zero Phishing

Phishing is still one of the major attack vector and a common initial attack vector in multi-vector attacks campaign.

Zero Day phishing protection is part of SandBlast offering and until now was based on local analysis on the agent.

We are happy to introduce a major enhancement to the Zero-Phishing protection which now powered by Check Point Cloud and enhanced by new Machine Learning algorithm.  

Phishing detection is based on:

  • Static analysis – URL reputation check against Check Point’s cloud threat intelligence to see if the URL is known to be malicious or not.
  • Dynamic analysis – Cloud Machine Learning based inspection analyze the page in real-time using multiple indicators (domain, Geo location, text, images, favorite icon, and many others indicators) to confirm the authenticity of the website.

The new enhancements will improve the detection rate and reduce the fault positive of new zero day phishing sites

 

Malicious scripts protection before execution

Behavioral Guard engine detect and prevent complex file-less attacks and malicious scrips.

E81.20 introduces enhancements to the Behavioral Guard engine. This version blocks malicious scripts like PowerShell, prior to the execution (In earlier releases, Behavioral Guard detected and terminated the scripts after their execution).

 

Performance improvements

Performance improvements is an on-going effort with numerous enhancements introduced in previous SW releases.   

E81.20 includes some major performance improvement, overall performance improved in average of 30%.

 

New VPN capabilities

  • Ability to match the VPN user to the logged-in Windows user and display it in the username field of the connect dialog.
  • Ability to disable implicit SDL when SDL is enabled.
  • Ability to choose a customized Display Name when creating a site from a link.
  • Ability to enable the Connect button before any response is written.

 

 

Read more
0 0 95
Employee+
Employee+

Hi,

 R80.30 Jumbo HF Take #19 is now our GA take.

This take will be available for download to all via CPUSE (as recommended) and via sk153152

Release Highlight:

  • 1st Jumbo supported for R80.30 Main train release
  • Fix for TCP SACKK security Alert
  • Important Note:
    • This Jumbo does not support 16K and 26K appliances series (Linux 3.10)
    • The next Jumbo that will be released in the upcoming weeks will add support to these appliances as well.

 

Additional information can be found in sk153152

Thanks,

RLM Group

Read more
0 5 695
Employee+
Employee+

Hi,

R80.20 Jumbo HF Take #87 is now our GA take (replacing take 47).

 

Important content that was added on top R80.20 Jumbo HF Take #47.

  1. R80.20  new image  take 117 alignment (See sk151513 for more details about the new image)
  2. Added ability to FW Monitor to support monitoring of accelerated traffic by default.

This take will be available for download to all via CPUSE (as recommended) and via sk137592.

Read more...

Read more
0 4 1,481
Employee
Employee

Hi all,

Great news!

 

R80.30 Security Gateway with 3.10 kernel for CloudGuard & Open Servers is now GA.

 

Supported platforms in this release:

  • Check Point 16000 and 26000 series
  • CloudGuard (private cloud):
    • VMWare
    • KVM
    • Hyper-V
    • AHV
  • Open Servers:
    • HP DL380 Gen10
    • HP DL360 Gen10
    • HP DL380 Gen9
    • HP DL360 Gen9
    • Dell PowerEdge R740/R740 XD
    • Dell PowerEdge R640
    • Dell PowerEdge R330

 

For more information you can check:

 

Notes

  • Upgrade from R80.20 3.10 is fully supported
  • Support for public cloud (GCP, Azure, AWS) & additional Open Servers, will be released by the end of this month

 

Thanks,

Linor (linorl@checkpoint.com)

Read more
4 18 4,308
Employee+
Employee+

A new Ongoing Jumbo Hotfix Accumulator take for R80.20 (take 87) is available. Please refer to sk137592.

  • The new releases will not be published via CPUSE as a recommended version.
  • Availability:
    • Will be provided by customer support
    • Available for download via CPUSE by using package identifier

Impotent Note:

  • If you have Jumbo Hotfix Accumulator Take 73 installed on your machines, it must be uninstalled manually before Take 87 installation. 
    For other Jumbo Takes, this is not necessary. 

 

Read more
2 13 3,688
Employee+
Employee+

HI All, 
 

A new On-going Jumbo Hotfix Accumulator take for R80.10 (take 214) is available. Please refer to sk116380

  • The new releases is mentioned in the JHF sk11638
  • The new releases will not be published via CPUSE as a recommended version.
  • Availability:
    • Will be provided by customer support
    • Available for download via CPUSE by using package identifier.

Thanks, 

Release Management group 

Read more
0 0 713
Employee
Employee

R80.30, part of the Check Point Infinity architecture, delivers the most innovative and effective security that keeps our customers protected against large scale, fifth generation cyber threats.

The release contains innovations and significant improvements such as:

  • Practical Prevention against Advanced Threats: The Industry’s 1st Threat Extraction for Web.
  • State-of-the-Art HTTPS Inspection: New SSL Inspection Patent Pending Technologies.
  • Superior Management & Visibility: New Performance & Operational Techniques.

And much more

This release is initially recommended for customers who are interested in implementing the new features. We will make it the default version after significant adoption. It will then be available in the 'Showing Recommended Packages' section in the CPUSE tab in Gaia portal. Until then the Check Point's default version is R80.20.

For “What’s New”, Release Notes and more information, please refer to R80.30 Homepage [sk144293].

*Check Point also offers an Early Availability program for the new 3.10 kernel based on the R80.30 release, which offers support for additional Security Gateways and appliances. For more details, contact ea_support@checkpoint.com.

  • For public EA path login to https://usercenter.checkpoint.com and go to Try Our Products -> Early Availability Programs. Then register to CPEA-EVAL-R80.30-3.10 public EA program.
  • Release notes for this EA program are available here

Read more
16 25 10.9K
Admin
Admin

R80.30 3.10 for Security Gateway and VSX, part of the Check Point Infinity architecture, delivers the most innovative and effective security that keeps our customers protected against large scale, fifth generation cyber threats. 

What's New:

  • Improved firewall resiliency.
  • Support for IPv6 (Resolving a R80.20 3.10 limitation).
  • Clustering and VSX capabilities:
    • Unicast support for Cluster Control Protocol eliminating the need for CCP using Broadcast or Multicast modes).
    • MAC magic configuration is no longer needed.
  • New kernel capabilities:
    • Upgraded Linux kernel
    • New partitioning system (gpt):
      • Supports more than 2TB physical/logical drives
    • Faster file system (xfs)
    • Supporting larger system storage (up to 48TB tested)
    • I/O related performance improvements
    • Multi-Queue:
      • Full Gaia Clish support for Multi-Queue commands
      • Automatic "on by default" configuration
    • SMB v2/3 mount support in Mobile Access blade
    • Added NFSv4 (client) support (NFS v4.2 is the default NFS version used)
    • Support of new system tools for debugging, monitoring and configuring the system:
      • iotop (provides I/O runtime stats)
      • lshw (provides detailed information about all HW)
      • lsusb (provides information about all devices connected to USB)
      • lsscsi (provides information about storage)
      • ps (new version, more counters)
      • psmisc (new version, more counters)
      • top (new version, more counters)
      • iostat (new version, more counters
    • New glibc: glibc-2.17-157
    • New ethtool: ethtool-4.8-7
    • New Bash: bash-4.2.46-29
    • lbzip2 support (free, multi-threaded compression utility)
    • xz support
    • rsync support

Not Supported in Public EA

    • Netflow
    • DCHP Relay

Supported Platforms

Production EA

  • We are looking for Production environment and customers that would like to work directly with R&D
  • Existing working environments in R80.30 / R80.20 3.10 / R80.20 / R80.10 / R77.30
  • Contact us: EA_SUPPORT@checkpoint.com

Public EA Registration

For lab/non-production use, you are welcome to register via UserCenter/PartnerMap. 

UserCenter:

  • Register to the Public EA release via - usercenter.checkpoint.com -> TRY OUR PRODUCTS -> Early Availability Programs -> CPEA-EVAL-R80.30-3.10

PartnerMAP:

  • Register to the Public EA release via - usercenter.checkpoint.com -> LEARN -> Early Availability Programs -> CPEA-EVAL-R80.30-3.10

Contact us: public_ea@checkpoint.com

 

Read more
3 0 529
Employee+
Employee+

We are glad to announce that a GCP High Availability solution is now generally available via the GCP marketplace:

Read more...

Read more
0 0 412