Check Point further enhances its Security Management with new features, stability fixes and more frequent releases. These enhancements are delivered using a new release path called "Management Feature Release". The first such release is R80.20.M1. 

Management Feature Releases are recommended for customers who want to use the latest available Security management capabilities. 
Customers using this release should be prepared to frequently upgrade their management environment when a new release becomes available.

When the next Major release is available (such as R80.20), you can upgrade to it from the Management Feature Release. The next major release will include new features and enhancements for the Security Gateway and additional enhancements and features for the Security Management Server.  

Key Differences from Major Release

	Management Feature Release	Major Release
Release Frequency	Frequent releases	According to Major Release Schedule
Supported Products	Security Management of all deployment types,SmartConsole GUI application, Security Management Server, Multi-Domain Management Server, Multi-Domain Log Server SmartEvent and SmartLog	Security Gateway of all deployment types, SmartConsole GUI application, Security Management Server, Multi-Domain Management Server, Standalone deployment
Jumbo Hotfix Accumulator and fixes methodology	Updates are shipped within the next Management Feature Release	Jumbo Hotfixes will continue to be released on regular basis
Managed Gateways	Management Feature Release can manage all supported Security Gateway GA versions available at the time of R80.20.Mx release. See the FAQ section below for more information	Manages Security gateways of this release as well as previous ones

Threat Prevention

• Threat Prevention Indicators (IoC) API
  • Management API support for Threat Prevention Indicators (IoC)
  • Add, delete, and view indicators through the Management API
• Threat Prevention Layers
  • Support layer sharing within Threat Prevention policy
  • Support setting different administrator permissions per Threat Prevention layer

Gaia OS

• Upgraded Linux kernel (3.10)
• New file system (xfs)
  • More than 2TB support per a single storage device
  • Enlarged systems storage (up to 48T tested)
• I/O related performance improvements
• Support of new system tools for debugging, monitoring and configuring the system
  • iotop (provides I/O runtime stats)
  • lsusb (provides information about all devices connected to USB)
  • lshw (provides detailed information about all hardware)
  • lsscsi (provides information about storage)
  • ps (new version, more counters)
  • top (new version, more counters)
  • iostat (new version, more counters)
• Compressed snapshots - reduced system snapshot size

Access Policy

• Rule Base performance improvements, for enhanced Rule Base navigation and scrolling
• Global VPN Communities (previously supported in R77.30)
• Access Control visibility for NAT46 and NAT64
• Identify Tags: Access Role objects can manage identities that originated from Cisco ISE Security Groups or Check Point Identity Awareness API

Logging and Monitoring

• SmartView (web) enhancements:
  • Auto-refresh views
  • Improved log-viewer with cards, profiles, statistics and filters
  • Export logs with custom or all fields
• Keyboard-navigation
• Ability to define an external Syslog server object and configure Security Gateway to send all its logs to it (previously supported in R77.30)
• Log Exporter - an easy and secure method to export Check Point logs over syslog that utilizes standard protocols and formats

SmartProvisioning

• Integration with SmartProvisioning (previously supported in R77.30)
• Support for the 1400 series appliances
• Administrators can now use SmartProvisioning in parallel with SmartConsole

SmartConsole

• Multiple simultaneous sessions in SmartConsole. One administrator can publish or discard several SmartConsole private sessions, independently of the other sessions

CloudGuard IaaS Enhancements

• Integration with Google Cloud Platform
• Integration with Cisco ISE
• Integration with Nuage Networks
• Automatic license management with the CloudGuard IaaS Central Licensing utility
• Monitoring capabilities integrated into SmartView
• CloudGuard IaaS support for 41000, 44000, 61000, and 64000 Scalable Platforms

Endpoint Security Server

Managing features that are included in R77.30.03:

• Management of new Software Blades:

• SandBlast Agent Anti-Bot
• SandBlast Agent Threat Emulation and Anti-Exploit
• SandBlast Agent Forensics and Anti-Ransomware
• Capsule Docs

• New features in existing blades:

• Full Disk Encryption
  • Offline Mode
  • Self Help Portal
  • XTS-AES Encryption
  • New options for the Trusted Platform Module (TPM).
  • New options for managing Pre-Boot Users
• Media Encryption and Port Protection
  • New options to configure encrypted container
  • Optical Media Scan
• Anti-Malware
  • Web Protection
  • Advanced Disinfection

Additional Enhancements

• Improvements in policy installation performance on R80.10 and higher gateways with IPS
• Compliance:
  • User can create custom best practices based on scripts
  • Support for 35 regulations including General Data Protection Regulation (GDPR)