We have x2 5800 CheckPoint Appliances running R77.30 in standalone HA mode. These appliances are running BGP with different ISPs in our data centre. We need to upgrade the version of these appliances to R80.10/20 due to the out of support of R77.30. Do you suggest we go to R80.20 directly?
I have many concerns such as:
- ISP Redundancy with multiple NATs. Sometimes we notice that on R80.10, ISP redundancy does not work as it should. Some traffic comes from a particular ISP and exits from another ISP.
- Management Performance Issues - Appliances have 16GB RAM. Running management on these devices I think will slow the management. Should we opt for Management split?
- Log indexing / Smart Event Performance
- 4 byte AS Number support for BGP (For R77.30 we had to install a specific hotfix to support 4 byte AS number). On r77.30 without this hotfix, the BGP AS numbers could only be up to 65535. From what I am seeing, this should have been solved on R80.10/20 (BGP 4-Byte AS and Local AS).
Thanks for your feedback in advance.