This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Amir_Ayalon
Employee
Employee
‎2026-01-06 10:29 AM

Quantum Spark R82.00.10 has been released!

We are happy to announce Check Point Quantum Spark R82.00.10 has been released!

This Release extend R82 support for Pro appliance, includes more R82 features, alongside a suite of other features and enhancements for both locally and centrally managed gateways.

The Release also adds support for the upcoming 2550 5G and 2570 5G Appliances.

 

Key Version Highlights:

  • R82 Alignment: Now providing comprehensive support for the 15x5 Pro appliance models, as well as the 1600, 1800, 1900, and 2000 series.

 

 

R82 features

  • QUIC inspection - Deep‑packet inspection of QUIC traffic (UDP/443) to maintain visibility even when apps shift away from TLS over TCP
  • DNS security - Blocks malicious domains and prevents data exfiltration via DNS tunnelling and other abuses
  • HTTPS inspection enhancements/bypass under load - Smarter SSL inspection with adaptive bypass to protect critical flows when appliances hit resource thresholds
  • ZeroPhishing (Video)- Real‑time page scoring to stop   credential harvesting and spoofed login pages before users submit data
  • IOC feeds - Allow you to configure a stream of malicious indicators (IPs, domains, file hashes) used to detect and block threats.
  • Network feeds - real-time integration of external threat intelligence (IPs, domains, file hashes) for automatic detection and blocking – now in EA
  • Quantum encryption - Quantum-safe cryptography using PQC algorithms (e.g., Kyber, Dilithium) to resist future quantum attacks.

 

Networking Enhancements

  • WiFi Band steering (Video) - steers clients via probe/association control to 2.4/5/6 GHz based on RSSI, capability, and airtime load, available on 2530/2550/2560/2570
  • BGP grouping - multiple BGP peers with identical routing policies into a single peer group to simplify configuration and improve efficiency.
  • Cluster L2 - Locally Managed Spark appliances configured with bridge can be deployed as a cluster
  • DHCP cluster enhancement – having one DHCP server active at a time and sharing the lease info.
  • Allow cloned MAC on LAN-Bond

 

SDWAN Enhancements

  • CGNAT Cluster - Support for SD-WAN VPN peers behind CGNAT without DAIP configuration (must use Smart-1 Cloud if the Management Server must connect to the SD-WAN Gateway through a CGNAT interface)
  • Route Based Overlay with ECMP - Support SD-WAN Overlay to operation on top of Route-based VPN. In ECMP mode, SD-WAN selects both the best peer, and the best path to reach the peer.

 

IPV6 enhancements

  • IPv6 Flexiport support
  • IPv6 static route probing
  • Multiple IPv6 Internet connections
  • IPv6 GRE  (6 in 4, 6 in 6, and 4 in 6) 

 

New Hardware

  • Support for the new 2550 WIFI 7 5G appliance – now in EA, GA is planned during Q1 2026
  • Support for the new 2570 WIFI 7 5G appliance – now in EA, GA is planned during Q1 2026
  • Support for the new 2590 high performance 1U appliance with 4x10GB SFP + 8x1GB SFP ports – now in EA

              

For additional information and release notes, please refer to: sk184357

Click here to see the general playlist of feature videos

 

78 Replies
sx8n20394
Contributor
‎2026-03-12 12:50 PM
In response to Milo2323_

Not sure if it is related but build 2110 apparently has an issue and they are going to be releasing build 1660. Not sure if this is a roll back type of situation but I would open a TAC case.

 

0 Kudos
Amir_Ayalon
Employee
Employee
‎2026-03-12 03:07 PM
In response to sx8n20394

Hi,

Let me explain.

Build 2110 is completely safe to use for protecting your gateway against recent CRL issues, though it is a targeted fix rather than a comprehensive update. We plan to release a fully unified public firmware update in roughly two weeks that will replace it.

To give you the full picture, Build 2110 is based on R82.00.10 GA and focuses specifically on resolving the CRL problem, It does not include the broader resolutions currently found in our ongoing Jumbo Hotfix (JHF), which we provide exclusively to CFG customers to address their unique environments. We are currently finalizing our QA and performance testing on this broader JHF, and it will soon be released to the public to replace 2110.

If your system is running smoothly and you have never been instructed by TAC or CFG to install custom firmware, you can confidently use Build 2110 right now. However, if you rely on custom firmware provided by our teams for past issues, Build 2110 lacks those specific fixes. In that scenario, you should request the CFG Jumbo instead to ensure all your previous issues remain resolved while we finish testing the upcoming unified release.

 

0 Kudos
sx8n20394
Contributor
‎2026-03-12 03:27 PM
In response to Amir_Ayalon

Ok thanks for the message. I was told by my TAC engineer that 2110 has an issue and to not upgrade to it. They then gave me build 1660.

J_admin12
Participant
‎2026-03-13 03:55 AM
In response to sx8n20394

My personal experience with build 2110 on a 1535 appliance, is that the stability issues were not fixed on this build. After around 24 hours of initial stability, we experienced multiple crashes within a few hours which took the cluster entirely offline each time.

0 Kudos
ohadp
Employee
Employee
‎2026-03-13 04:27 AM
In response to J_admin12

Hi @J_admin12 

Please contact me directly and share your SR number.

I would like to review the case and provide a solution for the freeze and crash issues.

ohadp@checkpoint.com

Ohad

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2026-03-13 09:20 AM
In response to ohadp

Ohad,
We are running 2000 appliances running the latest build,  now I don't know if this is issue or not, but we've had to reboot the firewalls twices now for FQDN objects to work.
First time round dns lookups just stopped (this was in all fairness on the last build), we had to reboot to get this working again.
Now we have had a strange issue where resolution seemed to be out of sync between the client and the firewall even though they are both using the same DNS, again rebooted the firewall and everything worked.  I'm suspecting this cleared the cache.

Is there a way to clear the DNS cache without rebooting the firewalls?  So I can confirm this behavior is actually related to DNS caching?

0 Kudos
ohadp
Employee
Employee
‎2026-03-14 02:22 AM
In response to genisis__

Hi,

You can check this DNS article for R82.00.X:
Quantum Spark R82.00.X – Configuring DNS Settings

In R82, DNS servers can be configured directly from CLI or WebUI, and you can define up to three DNS servers (primary, secondary, tertiary) for the gateway.

However, I need to understand your issue in more detail. Please share SR with all relevant information:

  • Firmware build you are using

  • Network topology

  • Management type (Locally managed / Cloud / Centrally managed)

Also, for troubleshooting purposes, please test with global DNS servers, such as:

  • 8.8.8.8

  • 1.1.1.1

and let me know if the issue persists.

Ohad

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2026-03-14 07:56 AM
In response to ohadp

Hi Ohad,

We have three DNS entries, all public.   This was working fine with client testing. The latest symptom we have seen is activate GW can resolve queries, standby device could not, and the end client was unable to access, which I believe is due to a mismatch in IPs resolved.

Its not something that happens all the time so its hard to pinpoint that this stage.  I don't have an SR open at this point as we are still testing.  If it happens again I will raise, run a Dr Spark, and cpinfo from both devices, then raise a S/R, and try to keep the GWs in the same state.

We are running R82.00.10 build 2110.



Only change we did was to reboot both GWs and it all started to work.

0 Kudos
sigal
Employee
Employee
‎2026-03-14 11:18 PM
In response to genisis__

Hi,
When the setup is working fine and DNS resolved correctly, do you also see problems with Standby member access to the Internet?

Thanks.

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2026-03-15 03:50 AM
In response to sigal

When its working fine, I can do nslookup from both GWs in the cluster, when its not I cannot do an nslookup from the standby device.

Additionally I've ensured the GWs can ping the upstream internet router.

0 Kudos
sigal
Employee
Employee
‎2026-03-15 11:02 AM
In response to genisis__

Thanks for your reply.
The next time you see this issue, in addition to opening SR and collecting the relevant data, I will appreciate it if you can clear the connections table on both cluster members by running:

fw tab -t connections -x -y

and see if it makes any difference.

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2026-03-15 01:57 PM
In response to sigal

Will do, to be fair it it happens again I will need to raise a TAC case.

0 Kudos
genisis__
MVP Silver
MVP Silver
‎2026-03-16 07:50 AM
In response to sigal

We just got the problem again, after clearing the connections table it worked.

0 Kudos
ohadp
Employee
Employee
‎2026-03-13 04:30 AM
In response to sx8n20394

Hi @sx8n20394 

Build 2110 is the official GA version, which includes the CRL fix:
https://support.checkpoint.com/results/sk/sk184357

Build 1660 is a hotfix build.

The appropriate build depends on the specific gateway issue and whether R&D provided a targeted fix.

There are no known issues with build 2110.

Ohad

0 Kudos
sx8n20394
Contributor
‎2026-03-13 09:15 AM
In response to ohadp

Ok, we were told by support that there was an issue with 2110 which is why I posted my original reply.

0 Kudos
Amir_Ayalon
Employee
Employee
3 weeks ago

Hi everyone.
Please note that we recently released Build 998002133, which integrates several fixes previously available in separate builds.
This consolidated release resolves the rare freeze issue under heavy load, includes multiple CFG fixes, and incorporates the CRL fix (the same one detailed in the CRL SK).

 

0 Kudos
genisis__
MVP Silver
MVP Silver
3 weeks ago
In response to Amir_Ayalon

Is this also applicable to 2000 appliances?

0 Kudos
Amir_Ayalon
Employee
Employee
3 weeks ago
In response to genisis__

Yes

https://support.checkpoint.com/results/sk/sk184357

0 Kudos
genisis__
MVP Silver
MVP Silver
2 weeks ago
In response to Amir_Ayalon

I should have checked on the support site first!

I've upgraded a couple of devices we have and updated the various TAC cases.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events