Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PhoneBoy
Admin
Admin

Check Point Roadmap Session November 2021

Q&A available below

Are the Product Demo videos shown during the session available separately?

They are posted in the community. See the direct links below:

Do you have SSO for SmartConsole on road map?

Planned for R81.20 (more precisely, SAML authentication)

Do you have any SD-WAN Solution?

SD-WAN is on our roadmap for next year. We also have many partnerships with leading vendors such as VMware, Cisco, Versa, HPE, and more ...

Is there a single SmartConsole app that supports logging in to endpoint portal, smartcenter portal, and physical on premise installations?

Endpoint is moving to be managed by browser in the latest releases and if its cloud management, then its from Infinity Portal (the same portal for Smart-1 Cloud). The on premise connects to this cloud by sharing objects and data with our Onfinity applications in the cloud even though its fully managed locally).

What is the official roadmap for NDR?

We are looking at integrating our NDR platform into a future XDR platform. For customers who use our NDR solution today, it is officially supported by Check Point

Can we export logs from Harmony Email portal to on prem management? We can't do it from R81 onwards.

We will very soon enable log forwarding from Harmony Email to any SIEM, and from the on-prem management into Infinity.

Is CloudGuard Fedramp certified?

We are working on it but not yet

What about microsegmentation?

It's part of the Ininity NEXT management and can be done with nano agent or thru managing solutions like Calico.

Are there DDOS protections in AppSec?

AppSec sits close to the web servers, it is not best practice to do it there, nor will it work for large volumes of traffic. We do have rate limiting on the roadmap, early next year. Check Point Quantum DDoS Protector series that can provide DDoS. It is available as a VM, Appliance or cloud service.

Does CloudGuard offer container vulnerability scanning?

Yes

Will there be SmartConsole for Linux and Mac OS?

We have SmartConsole web from R81, which will continue to be improved and serve the Linux/MacOS use cases.

Will the SD-WAN Functionality be supported on existing gateways?

It will be supported by gateways capable of running R81.10. Later in 2022 we plan to have it supported also on the Quantum Spark gateways.

CloudGuard NDR will do the same protection for webserver, yes?

NDR identifies and detects related threats, allowing investigation and response. For webservers, NDR detects abnormal server network traffic activities and let you response through IOC management.

Shift-Left, WAF etc are these available in private cloud or only public cloud?

Cloudguard Appsec is supported in Public & Private and On Prem

For MDS Management is there a plan to bring back the cross domain search?

R81 has this feature.

Are we getting SmartWorkflow on R81.10? Any Roadmap?

The main missing feature from SmartWorkflow (four eyes review) is planned for R81.20. We do have a customer release on an earlier release. Please reach out to your local office for more details.

How does Check Point compete with other firewall brands?

We offer a public comparison for customers and you can reach out to your local office for more details. Check Point partners have access to more detailed information via CheckMates for Partners. 

How is Check Point managing the chip shortage? Many vendors have 6 months or more in delivery times right now.

We have been monitoring the global chip supplies for the past year. We currently have been able to maintain our supply and we continue to monitor our requirements through our diverse supply chain.

Does Maestro support ClusterXL?

Maestro clustering is somewhat similar, but more advanced than classic ClusterXL.

Will the SD-WAN features be limited to Check Point appliances only or does it work for CloudGuard / Open Servers?

It will be supported on CloudGuard and Open Servers as well that are able to run R81.10.

When will we see R81 on SMB?

Planned for H1 2022, and it will likely be a sub-version (e.g. R81.10).

Quantum SD-WAN Orchestrator will have options for both On-Premises and On-Cloud?

The SD-WAN orchestrator will be delivered as a cloud service as part of the Check Point Infinity Portal. An entirely on-premise solution is not on the short-term roadmap.

What about licensing for the SD-WAN offering?

Details are not finalized, but it is likely to be an add-on license for existing gateways.

With making SD-WAN available, what happens to the "ISP Redundancy" feature?

ISP Redundancy feature will still be there for customers that want to migrate to SD-WAN in phases.

Does SD-WAN make path decisions at the packet level or the connection/flow level?

For local breakout (direct connection to the internet) it will be done at a connection level. For overlay (VPN) it will be per packet.

Is the SD-WAN orchestration available in on-premise SmartConsole?

The orchestration will be available from the Infinity Portal. However, there will also be a very simple and easy way to link the on-prem SmartConsole to Infinity Portal.

How does IoT Protect differ from current IoT offerings?

Check Point's current IoT offering is based on partnerships with expert companies. The new IOT Protect provides an end-to-end solution by Check Point. The Quantum Security Gateway will discover your enterprise IOT devices and enforce autonomous zero-trust policies, to protect IOT devices from Threats. Both offerings will remain available.

Can I get involved in the SD-WAN EA?

Yes, reach out to Ad Attias.

Is it on the roadmap to have an entirely on-premise SD-WAN orchestrator?

I couldn't see any references to the DDOS Protector in Check Point website, "Products" section.

They're still on the website and we are still selling them.

Can we do QoS based on applications such as Teams. I think now it is irrelevant as we are getting SD-WAN based on applications.

Check Point SD-WAN will do application based steering, SLA based steering and later in 2022 also QoS on the steered connections.

Will there be any new features added to Harmony Connect Internet Access?

We plan for next year to add additional cloud locations, forward proxy support, enhanced DLP and much more granular policy management for access and threat prevention - to name a few.

Does Harmony Remote Access have recording session?

Yes, we have an option to attach a video recording of both SSH and RDP user sessions, that are attached to the log.

Does Harmony Connect clientless support SAP solutions?

The clientless solution supports the web interface. We will release the full L3 connectivity soon, which will provide remote access for any client software (via Harmony Conect cloud service).

Can you confirm is the remote access clienteless works only for web based resources?

SSH, RDP, and SQL access are also supported as well in a clientless fashion.

Are there plans to unify Gaia Embedded/Gaia OS software to avoid limitations from one or the other?

Merging the code is not possible, considering different platforms and especially HW limitations on SMB appliances. However, we are working towards feature parity.

How can existing HE&O customers move to the Avanan offering?

We'll move existing HEO customers to the full feature set of Avanan. Stay tunes for news and timelines.

What improvements are on the roadmap for Smart-1 Cloud?

One key improvement is to support more use cases. For example eliminating the need to modify .def files.

Will DLP rules integrate to Azure Information Protection?

This is planned for next year

This unified DLP will be for prevent on all the vectors? Can we integrate with data classifier?

We plan it as a unified DLP policy to govern all our products. We will start from Harmony Connect. Data classifier integration - it depends which classifier you use.

When does MDR go live?

We have customers already using our MDR offering and are happy to onboard more. Please reach out to your local office for more details. We are in the process of transitioning to an XDR offering.

3 Replies
PJ_Kotze
Explorer

Is it possible to have a copy of the presentation?

0 Kudos
_Val_
Admin
Admin

As a matter of policy, we do not share the slides of roadmap presentations. However, the video recording is available above.

mgades
Contributor

Not a single mention of IPv6 *sigh*

We still lack IPv6 support on Remote Access VPN for the mobile workforce (both accessing the gateway via IPv6 but also accessing internal IPv6 resources via VPN).

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events