So it would appear that the version of the Gaia kernel was updated in R81.20 to 3.10.0-1160.15.2cpx86_64 from the older 3.10.0-957.21.3cpx86_64 which maps from RHEL 7.6 to RHEL 7.9.
Were there specific reasons Check Point decided to update the kernel in this release beyond getting the latest package updates (most of which are stripped out by Check Point anyway as part of Gaia hardening), some stronger Gaia ciphers, and support for the latest hardware (storage controllers, NICs, etc)?
One area of interest in the RHEL release notes: it appears the NIC driver versions for igb/ixgbe/i40/mlx_core have all been updated. While this is generally a good thing (and I know that NIC drivers are sometimes updated in Jumbo HFAs) this has been an area of concern in the past in regards to performance & stability and sometimes even behavioral changes. An example of the latter is sudden RX-DRPs appearing when Gaia 3.10 was first deployed due to unknown EtherTypes detailed in sk166424: Number of RX packet drops on interfaces increases on a Security Gateway R80.30 and higher ...
I looked through the RHEL 7.7-7.9 release notes and didn't see any new interesting capabilities or commands directly relevant to how Gaia is used to run Check Point software, does R&D care to share any tips or tricks present in this kernel update? Tagging @PhoneBoy
New 2-day Live "Max Power" Series Course Now Available:
"Gateway Performance Optimization R81.20" at maxpowerfirewalls.com