This article is suitable for Check Point 600 / 700 / 1100 / 1200R / 1400 Small and Medium Business (SMB) Appliances

Table of Contents

• What's New in Check Point R77.20.51 for SMB Appliances
• Resolved Issues
• Downloads
• Known Limitations
• Documentation    

For more information, see the Check Point 600, Check Point 700, Check Point 1100, Check Point 1200R and Check Point 1400 Appliance Product Pages.
You can also visit our 2012 Models Security Appliances forum, Small and Medium Business Appliances forum or any other Check Point discussion forum to ask questions and get answers from technical peers and Support experts.

 

What's New in Check Point R77.20.51 for SMB Appliances Appliances

• SandBlast Zero-day Protection Threat Emulation  
  
  
  • Support Threat Emulation blade for 700 / 1400 / 1200R Appliances
  • For Locally Managed Appliances, files are emulated in Check Point Threat Cloud
  • For Centrally Managed appliances, files are emulated in Check Point Threat Cloud or in a remote SandBlast appliance
  • Support for Centrally managed Appliances in R77.30 Security Management Server requires HotFix (refer to sk117113), and is available on R80.10 Security Management Server
    Note: Threat Emulation Blade requires additional license (refer to the Products DataSheets or Product Catalog for SKU details)
  
  
  
• VPN Dead Peer Detection
  
  Dead Peer Detection (DPD) is an additional keepalive mechanism supported by the Check Point Security Gateway to test if VPN tunnels are active.
  
  
• Split DNS (On Centrally Managed)  
  
  Support configuration of two (or more) zones for the same domain. Each zone can be resolved by a separate DNS server. 
  
  
• Exclude Specific Networks from DNS proxy
  
  
• View and Disconnect Users Connected via Hotspot

• MAC override for local network interfaces on 700/1400 appliances 
  
  
• SSL Network Extender connection requires an Extender upgrade to support TLS 1.2. See sk115854 for instruction 

R77.20.51 for SMB Appliances Resolved Issues

For the list of issues resolved in R77.20.51, refer to Check Point R77.20.51 for SMB Appliances Resolved Issues.

 

R77.20.51 for SMB Appliances Downloads

Important: check the MD5 string before installing the downloaded file.

Download Package	700 Appliance	1400 Appliance	600 Appliance	1100 Appliance	1200R Appliance
R77.20.51 Image	(IMG)	(IMG)	(IMG)	(IMG)	(IMG)
R77.20.51 package for SmartUpdate	-	For R77.30 SmartUpdate (TGZ)	-	(TGZ)	(TGZ)
		For R80 SmartUpdate (TGZ)

Note: To download these packages you will need to have a Software Subscription or Active Support plan.

R77.20.51 for SMB Appliances Known Limitations

ID	Symptoms
Threat Emulation
02407978	In locally managed appliances, it is not possible to create a Threat Prevention exception rule that applies only to the Threat Emulation blade.
02431813	When running the tecli show statistics command, under "Last Day", the data is from the beginning of the day and not the last 24 hours in a rotating calculation.
02421870	Threat Emulation is included in the Threat Prevention profile. However, the Threat Emulation engine results are not affected by the confidence level settings. If you set the tracking options for the confidence level to inactive, this does not affect the Threat Emulation logs.
02410874	In Small and Mediurm Business Appliances, the configuration of "fail close" behavior when the emulation fails cannot be applied when the engine settings are set to "background" mode, as the file already passed during the emulation attempt.
02417673	Use Threat Emulation only if your device internet connection has enough bandwidth to upload files to the SandBlast emulation in the cloud. We do not recommend you use Threat Emulation if your internet connection has slow upload speeds such as those found in 3G modems.
02444614	The options for the CLISH command "tecli a" are not supported.
02397066	Small Office appliances send archived files in full to the cloud, where they are unzipped to test their content. Logs for archived files will not detail the content of the archive.
02397042	Local emulation mode is not supported in Small Office appliances. See sk106210 for specific Check Point appliances that are recommended for local emulation.
02397047	In Centrally managed appliances, the MTA configuration is not available. Therefore, when the device is set to prevent, emails over SMTP traffic might not be blocked when passing for the first time, as there is a very limited amount of time the connection can be held until the cloud provides an answer post-emulation. If a device passes for the second time, there's local cache on both the gateway side the cloud side who gains data from files passed to it from around the world.
02414088	The maximum file size that can be inspected by the Threat Emulation blade in 770/790/1470/1490 appliances is 15M. The maximum file size that can be inspected by the Threat Emulation blade in 1200R/730/750/1430/1450 appliances is 10M.
02452918	If you perform simultaneous emulation on multiple files, you may exceed the available space. This results in emulation failure with the log "failed to process a file." This is less likely to occur on the more powerful 770/790/1470/1490 appliances due to the larger file storage size.
VPN Remote Access
02427882	The default VPN Remote Access cryptography protocol is TLSv1.2. You cannot use Check Point VPN clients prior to EPS E80.62 unless the configuration is altered manually. See sk115775 for information on how to change the default protocol.

 

R77.20.51 for SMB Appliances Documentation

Release Notes

Check Point R77.20.51 Release Notes

Administration Guides

Check Point R77.20.51 600/700 Administration Guide

Check Point R77.20.51 1100/1200R/1400 Locally Managed Administration Guide

Check Point R77.20.51 1100/1200R/1400 Centrally Managed Administration Guide

Check Point R77.20.51 600/700/1100/1200R/1400 CLI and Advanced Routing Guide

Japanese R77.20.51 600/700 Administration Guide

Related Solutions

sk97766 - Check Point 600 / 1100 / 1200R /700 / 1400 Appliances Releases

sk105380 - Check Point R77.20 for 600 / 700 /1100 / 1200R / 1400 Appliance Known Limitations