Is there an EA R80.20 program for partners and customers?
I once sent an email to the EA team to find out how it works.
The right way is:
To register to the EA program, please fill the R80.20 questionnaire and I will get back to you after reviewing it.
Thanks to Or Giat EA Engineer and Jozko.
Yes, there is.
Do you have a link to the Check Point R80.20 EA page?
I found nothing in the partner portal.
Okay, I'll write an e-mail:
It doesn't show me anything on Early Availability Programs page too. I am not involved into this EA program. so the best option is to write to ea_support email as you did
There is this Article on Habrahabr (in Russian mostly) from a partner, which explicitly says that there is an EA program.
There is an EA program for the new kernel version, which should be included in new software release, as far as I know.
There is this thread - Do you know the Check Point Early Availability Program?
R80.20 EADates - Starting from mid-December 2017
I heard from Check Point employees some time ago that an EA program has started.
There is some "evidence" in this comment of Dameon Welch Abernathy, and you can see a list of planned features for EA there that I posted.
Dameon Welch Abernathy on 13-Mar-2018 17:51There will be an EA program for R80.20 for sure.I would recommend contacting your Check Point SE for details.
Dameon Welch Abernathy on 13-Mar-2018 17:51
There will be an EA program for R80.20 for sure.
I would recommend contacting your Check Point SE for details.
There is a planned event TechTalk: R80.20 Demo
The public EA page only lists EAs that are public.
The EAs we have so far related to R80.20 are private ones.
Really ? I found only "CPEA-EVAL-E80.82", which is not Gaia R80.20.
EDIT: Found something, but this is just survey.
This is the new VPN Client and not the firewall R80.20.
I am need GAIA R80.20 EA Gateway, Management and Win10 DashBoard.
Right now still at private EA stage , not public EA stage.
When public EA stage coming(depends on RD), you can see it in the EA program page.
Just found that there is Check Point R80.20 - Public Early Availability Program available for testing !
What’s New in R80.20
· With Falcon Acceleration Cards:
· NGFW/NGTP/NGTX - supports higher throughput with maximum security by implementing Deep Inspection acceleration
· HTTPS Inspection acceleration - supports higher throughput of HTTPS traffic
· Firewall only acceleration - low-latency for Firewall only traffic, high packet and session rates
· VSX and QoS support
· Additional software enhancements:
· HTTPS Inspection performance improvements
· Session rate improvements on high-end appliances (including 2012 appliances and 13000 and above appliances)
· Acceleration is enabled during policy installation
· Threat Prevention Indicators (IoC) API
o Management API support for Threat Prevention Indicators (IoC)
o Add, delete, and view indicators through the management API
· Threat Prevention Layers
o Support layer sharing within Threat Prevention policy
o Support setting different administrator permissions per Threat Prevention layer
· MTA (Mail Transfer Agent)
o MTA monitoring:
§ E-mails history views and statistics, current e-mails queue status and actions performed on e-mails in queue
· MTA configuration enhancements:
§ Setting a next-hop server by domain name
§ Stripping or neutralizing malicious links from e-mails
§ Adding a customized text to a malicious e-mail's body or subject
§ Malicious e-mail tagging using an X-header
§ Sending a copy of the malicious e-mail
· ICAP server support on a Security Gateway to consult with Threat Emulation and Anti-Virus Deep Scan whether a file is malicious
· Threat Emulation
o SmartConsole support for multiple Threat Emulation Private Cloud Appliances
o SmartConsole support for Blocking files types in archives
· Identity Tags support the use of tags defined by an external source to enforce users, groups or machines in Access Roles matching
· Identity Collector support for Syslog Messages - ability to extract identities from syslog notifications
· Identity Collector support for NetIQ eDirectory LDAP Servers
· Improved Transparent Kerberos SSO Authentication for Identity Agent
· Two Factor Authentication for Browser-Based Authentication (support for RADIUS challenge/response in Captive Portal and RSA SecurID next Token/Next PIN mode)
· New configuration container for Terminal Servers Identity Agents
· Ability to use an Identity Awareness Security Gateway as a proxy to connect to the Active Directory environment, if SmartConsole has no connectivity to the Active Directory environment and the gateway does
· Active Directory cross-forest trust support for Identity Agent
· Identity Agent automatic reconnection to prioritized PDP gateways
· Additional filter options for identity collector - "FilterperSecurity Gateway" and "Filter by domain"
· Improvements and stability fixes related to Identity Collector and Web-API
Mirror and Decrypt
· Decryption and clone of HTTP and HTTPS traffic
· Forwarding traffic to a designated interface for mirroring purposes
Hardware Security Module (HSM)
· Enhancement of outbound HTTPS Inspection with a Gemalto SafeNet HSM Appliance
· SSL keys are stored when using HTTPS Inspection
· Sync redundancy support (over bond interface)
· Automatic CCP mode (either Unicast, Multicast or Broadcast mode)
· Unicast CCP mode
· Enhanced state and failover monitoring capabilities
· OSPFv3 (IPv6) clustering support
· New cluster commands in Gaia Clish
· Allow AS-in-count
· IPv6 MD5 for BGP
· IPv6 Dynamic Routing in ClusterXL
· IPv4 and IPv6 OSPF multiple instances
· Bidirectional Forwarding Detection (BFD) for gateways and VSX, including IP Reachability detection and BFD Multihop
· New Wildcard Network object supported in Access Control policy
· Simplified management of Network objects in a security policy
· HTTPS Inspection now works in conjunction with HTTPS web sites categorization. HTTPS traffic that is bypassed will be categorized.
· Rule Base performance improvements, for enhanced rule base navigation and scrolling
· Global VPN Communities. Previously supported in R77.30.
· Upgraded Linux kernel (3.10)
· Additional support for Open Servers hardware
· New file system (xfs)
o More than 2TB support per a single storage device
o Enlarged systems storage (up to 48T tested)
· I/O related performance improvements
· Support of new system tools for debugging, monitoring and configuring the system
o iotop (provides I/O runtime stats
o lsusb (provides information about all devices connected to USB)
o lshw (provides detailed information about all HW)
o lsscsi (provides information about storage)
o ps (new version, more counters)
o top (new version, more counters)
o iostat (new version, more counters)
· Multiple simultaneous sessions in SmartConsole - One administrator can publish or discard several SmartConsole private sessions, independently of the other sessions.
· Integration with a Syslog server (previously supported in R77.30) - A Syslog server object can be configured in SmartConsole to send logs to a Syslog server.
· Integration with SmartProvisioning (previously supported in R77.30)
· Support for the 1400 series appliances
· Administrators can now use SmartProvisioning in parallel with SmartConsole
vSEC Controller Enhancements
· Integration with Google Cloud Platform
· Integration with Cisco ISE
· Automatic license management with the vSEC Central Licensing utility
· Monitoring capabilities integrated into SmartView
· vSEC Controller support for 41000, 44000, 61000, and 64000 Scalable Platforms
Endpoint Security Server
Managing features that are included in R77.30.03:
· Management of new blades:
o SandBlast Agent Anti-Bot
o SandBlast Agent Threat Emulation and Anti-Exploit
o SandBlast Agent Forensics and Anti-Ransomware
o Capsule Docs
· New features in existing blades:
o Full Disk Encryption
§ Offline Mode
§ Self Help Portal
§ XTS-AES Encryption
§ New options for the Trusted Platform Module (TPM)
§ New options for managing Pre-Boot Users
· Media Encryption and Port Protection
§ New options to configure encrypted container
§ Optical Media Scan
§ Web Protection
§ Advanced Disinfection
· HTTPS Inspection support for IPv6 traffic
· Additional cipher suites support for HTTPS inspection
· Improvements in policy installation performance on R80.10 and higher gateways with IPS
· Network defined by routes - gateway's topology is automatically configured based on routing
· IPS Domain Purge on Security Management Server - IPS update packages are saved for 30 days, older packages are purged.
· SmartConsole Extensions – an open API platform for extending Smart Console with third-party and in-house tools and features.
· Compressed snapshots - reduced system snapshot size.
I announced that here: Check Point R80.20 Production and Public EA
Also, my version of the feature table is more complete and should be a bit easier to read
Just in case you are interested: Want to join R80.20 EA activities?
Retrieving data ...