Support Center > Search Results > SecureKnowledge Details
R80.20 Management Feature Release Technical Level
Solution
 Click Here to Show the Entire Article


Important: Check Point Default version widely recommended for all deployment is R80.40 Take 294 with the latest Jumbo Hotfix Accumulator GA Take.
For more info on all Check Point releases, refer to Release map and Release Terminology articles.
If you still need to obtain the R80.20 Management Feature Release, contact Check Point Support.

Introduction | What's New | FAQ | Documentation | Downloads | Revision History

Introduction

R80.20 Management Feature Release is a new release train that offers frequent, faster delivery of Security Management capabilities. 
The Management Feature Release train was created to enable customers to use the latest Management features, by leveraging shorter release cycles.

As we are targeting for higher frequency of the main versions that include our most updated Management features, the Management Releases are currently suspended (unless specific need raises). 


What's New in R80.20 Management Feature Release

 

  New Release Methodology   Show / Hide the Details
Check Point further enhances its Security Management with new features, stability fixes and more frequent releases. These enhancements are delivered using a new release path called "Management Feature Release." 

Management Feature Releases are designed for customers who want to access and use the latest available Security Management capabilities. 
Ongoing performance and stability fixes will be provided via future R80.20.Mx versions. As these versions will be released frequently, Check Point does not plan to release dedicated Jumbo Hotfixes for R80.20.Mx. Customers should install the latest R80.20.Mx release and be prepared to frequently upgrade their management environment to the latest version.

Upgrading to this version is supported from all previous versions.
Upgrading from Management Feature Release to future Major releases will be supported.


Key Differences from Major Release

  Management Feature Release Major Release
Release Frequency Frequent releases According to Major Release Schedule
Supported Products

Security Management of all deployment types,SmartConsole GUI application, Security Management Server, Multi-Domain Management Server, Multi-Domain Log Server SmartEvent and SmartLog 

Security Gateway of all deployment types, SmartConsole GUI application, Security Management Server, Multi-Domain Management Server, Standalone deployment
Jumbo Hotfix Accumulator and fixes methodology Updates are shipped within the next Management Feature Release  Jumbo Hotfixes will continue to be released on regular basis
Managed Gateways Starting from R80.20 GA and R80.20.M2, it is possible to manage R80.20 and below Security Gateways.  Manages Security gateways of this release as well as previous ones
  R80.20 Management Feature Release M2   Show / Hide the Details
CloudGuard Controller
  • Support Data Center objects for VMware vCenter Tags
  • Support Data Center Objects for VMware NSX Universal Security Groups
CPView
  • CPView support for Multi-Domain Security Management
  • SNMP support for CPView metrics
SmartConsole
  • Operational Efficiency - add and remove an object from groups within the object editor
  • Logging and Monitoring - improved, simpler and faster user experience for exporting logs to Splunk
  • R80.20.M2 SmartConsole can be installed on the same client machine together with R80.20 SmartConsole
Advanced Threat Prevention
  • Consolidated Threat Prevention dashboard providing full threat visibility across networks, mobile and endpoints
  R80.20 GA   Show / Hide the Details
The below list shows the R80.20 GA newest Security Management features and enhancements


R80.20 GA Security Management Features

Threat Prevention

  • Enhanced configuration and monitor abilities for Mail Transfer Agent (MTA) in SmartConsole for handling malicious mails
  • Configuration of ICAP Server with Threat Emulation and Anti-Virus Deep Scan in SmartConsole
  • Automatic download of IPS updates by the Security Gateway
  • SmartConsole support for multiple Threat Emulation Private Cloud Appliances
  • SmartConsole support for blocking archives containing prohibited file types

CloudGuard IaaS Enhancements

  • Automated Security Transit VPC in Amazon Web Services (AWS) - Automatically deploy and maintain secured scalable architecture in Amazon Web Services

Access Policy

  • Updatable Objects – a new type of network objects that represent an external service such as Office 365, Amazon Web Services, Azure GEO locations and more, and can be used in the Source and Destination columns of an Access Control policy. These objects are dynamically updated and kept up-to-date by the Security Gateway without the need to install a policy
  • Wildcard network object in Access Control that represents a series of IP addresses that are not sequential
  • Only for Multi-Domain Server: Support for scheduled policy installation with cross-Domain installation targets (Security Gateways or Policy Packages)
  • Security Management Server can securely connect to Active Directory via a Security Gateway if the Security Management Server has no connectivity to the Active Directory environment and the Security Gateway does

SmartConsole

  • SmartConsole Accessibility features
    • Keyboard navigation - ability to use the keyboard alone to navigate between the different SmartConsole fields
    • Improved experience for the visually impaired, color invert for all SmartConsole windows
    • Required fields are highlighted

Logging and Monitoring

  • Log Exporter - an easy and secure method to export Check Point logs over Syslog to any SIEM vendor using standard protocols and formats
  • Unified logs for Security Gateway, SandBlast Agent and SandBlast Mobile for simplified log investigation
  • Enhanced SmartView in browser:
    • Relative time frame support
    • I18N support for 6 languages (English, French, Spanish, Japanese, Chinese, Russian)

    Mobile Access

    • Support for reCaptcha, keep abusive automated software activities from interfering with regular portal operations
    • Support for One Time Password (OTP) without any hardware tokens
      R80.20 Management Feature Release M1   Show / Hide the Details

    Threat Prevention

    • Threat Prevention Indicators (IoC) API
      • Management API support for Threat Prevention Indicators (IoC)
      • Add, delete, and view indicators through the Management API
    • Threat Prevention Layers
      • Support layer sharing within Threat Prevention policy
      • Support setting different administrator permissions per Threat Prevention layer

    Gaia OS

    • Upgraded Linux kernel (3.10)
    • New file system (xfs)
      • More than 2TB support per a single storage device
      • Enlarged systems storage (up to 48T tested)
    • I/O related performance improvements
    • Support of new system tools for debugging, monitoring and configuring the system
      • iotop (provides I/O runtime stats)
      • lsusb (provides information about all devices connected to USB)
      • lshw (provides detailed information about all hardware)
      • lsscsi (provides information about storage)
      • ps (new version, more counters)
      • top (new version, more counters)
      • iostat (new version, more counters)
    • Compressed snapshots - reduced system snapshot size

    Access Policy

    • Rule Base performance improvements, for enhanced Rule Base navigation and scrolling
    • Global VPN Communities (previously supported in R77.30)
    • Access Control visibility for NAT46 and NAT64
    • Identify Tags: Access Role objects can manage identities that originated from Cisco ISE Security Groups or Check Point Identity Awareness API

    Logging and Monitoring

    • SmartView (web) enhancements:
      • Auto-refresh views
      • Improved log-viewer with cards, profiles, statistics and filters
      • Export logs with custom or all fields
    • Keyboard-navigation
    • Ability to define an external Syslog server object and configure Security Gateway to send all its logs to it (previously supported in R77.30)
    • Log Exporter - an easy and secure method to export Check Point logs over syslog that utilizes standard protocols and formats

    SmartProvisioning

    • Integration with SmartProvisioning (previously supported in R77.30)
    • Support for the 1400 series appliances
    • Administrators can now use SmartProvisioning in parallel with SmartConsole

    SmartConsole

    • Multiple simultaneous sessions in SmartConsole. One administrator can publish or discard several SmartConsole private sessions, independently of the other sessions

    CloudGuard IaaS Enhancements

    • Integration with Google Cloud Platform
    • Integration with Cisco ISE
    • Integration with Nuage Networks
    • Automatic license management with the CloudGuard IaaS Central Licensing utility
    • Monitoring capabilities integrated into SmartView
    • CloudGuard IaaS support for 41000, 44000, 61000, and 64000 Scalable Platforms

    Endpoint Security Server

    Managing features that are included in R77.30.03:

    • Management of new Software Blades:
    • SandBlast Agent Anti-Bot
    • SandBlast Agent Threat Emulation and Anti-Exploit
    • SandBlast Agent Forensics and Anti-Ransomware
    • Capsule Docs
    • New features in existing blades:
    • Full Disk Encryption
      • Offline Mode
      • Self Help Portal
      • XTS-AES Encryption
      • New options for the Trusted Platform Module (TPM).
      • New options for managing Pre-Boot Users
    • Media Encryption and Port Protection
      • New options to configure encrypted container
      • Optical Media Scan
    • Anti-Malware
      • Web Protection
      • Advanced Disinfection

    Additional Enhancements

    • Improvements in policy installation performance on R80.10 and higher gateways with IPS
    • Compliance:
      • User can create custom best practices based on scripts
      • Support for 35 regulations including General Data Protection Regulation (GDPR)

    FAQ


      R80.20 Management Feature Release Documentation

       


      R80.20.M2 Release Notes

      Administration Guides

      Resolved Issues

      Known Limitations


      R80.20 Management Feature Release Downloads

      To obtain download packages of M1 and M2, contact Check Point Support.

      R80.20.M2 File Revision History | Release map | Upgrade map | Backward Compatibility map | Releases plan




      Check Point CheckMates Community

      Upgrade/Download Wizard

      Revision History

      Show / Hide

      Date Description
      30 Jun 2020 R80.40 Take 294 with Jumbo Hotfix Accumulator Take 48 is our Default version widely recommended for all deployments 
      15 July 2019  Link to Release map was replaced 
      30 Apr 2019  CPUSE Upgrade package for Security Management and Security Gateway / Standalone has been updated
      23 Dec 2018  Released Management Feature Release M2 (R80.20.M2)
       04 Oct 2018  Added information about R80.20 GA release
      19 July 2018   Management Server Migration Tools were updated
      27 June 2018  First release of this document.

      Give us Feedback
      Please rate this document
      [1=Worst,5=Best]
      Comment