Support Center > Search Results > SecureKnowledge Details
R77.20.85 for Small and Medium Business Appliances
Solution

This article applies to Check Point 700 / 1400 / 910 Small and Medium Business (SMB) Appliances. 


Table of Contents

  • What's New in Check Point R77.20.85 for SMB Appliances
  • Supported Appliances
  • Enhancements
  • Resolved Issues
  • Downloads
  • Known Limitations
  • Documentation

For more information, refer to the following Product Pages: Check Point 700Check Point 1400 and Check Point 910.

Visit Check Point CheckMates Community to ask questions, start a discussion, and get expert assistance.

What's New in Check Point R77.20.85 for SMB Appliances

  • IPS, Anti-Virus and Threat Emulation inspection for IMAP and IMAPS e-mail protocols

  • Events View
    • Infected host in the network
    • Malicious file detected\prevented
    • Malicious email detected\prevented
    • Internet High Availability - Failover/Restore
    • License notifications – about to expire/expired/reactivated
    • Reboot
    • New device in the network
    • New firmware available

  • VPN Remote Access connected users view

  • New SD card files system
    • Support ext4 as a default SD-card file system to increase work reliability with SD card

R77.20.85 Supported Appliances

The supported appliances are:

  • 700
  • 910
  • 1400

Important: 600/1100/1200R appliances will continue to be supported with important bug and security fixes. Firmware for 600/1100/1200R appliances will be released as necessary.

R77.20.85 Enhancements

The table below lists R77.20.85 Enhancements:

ID Description
SMB-6608
New Advanced option to avoid packet drop of applications that have a low TTL value.
SMB-5377 In centrally managed appliances, security logs can be exported to an external syslog server.
SMB-5578 The 'show diag' command shows the secondary and default image name/version in addition to the current one.
SMB-5750 Added an option to monitor all internet connections with software watchdog. This option was previously available only with a USB based internet connection.

 

R77.20.85 Resolved Issues

The table below lists R77.20.85 Resolved Issues:

ID Description
General
SMB-6480 On locally managed SMB appliances, configuring a cluster with 2 or more VLANs and syncing the secondary member causes all interfaces to appear as "non HA."
SMB-6500
When working with multiple ISPs in High Availability mode and there is a static route for the host/service through a non-primary interface, when you enable HTTPS inspection, the route is ignored and all traffic passes through the primary interface.
SMB-6697

Timezone for users in Brazil is incorrect due to the changed start of Daylight Savings. 

SMB-6791
Access to HTTPS sites signed by specific trusted root CAs may fail when SSL inspection is enabled.
SMB-6597
High CPU load and excessive logs may occur when two PPP Internet connections are configured on a single DSL interface with QoS configured on both connections, and both connections have difficulties due to the DSL line quality.
SMB-7063 Editing a bridged internet connection in the Local Network tab deletes the internet connection.
CLI
SMB-6763
Attempting to add a bridge through the CLI using the command "> add bridge name br0" fails.
SMB-6808
In 1400 appliances: Adding a switch with high ports (ports LAN10-LAN16) via CLI creates the switch with the wrong pivot port.

 

R77.20.85 for SMB Appliances Downloads

Important: check the MD5 string before installing the downloaded file.

Download Package 700 Appliance 910 Appliance 1400 Appliance
R77.20.85 Image (IMG) (IMG) (IMG)
R77.20.85 package for SmartUpdate - - For R77.30 SmartUpdate and SmartProvisioing
 (TGZ)
For R80.x SmartUpdate
 (TGZ)

Note: To download these packages you will need to have a Software Subscription or Active Support plan.


R77.20.85 for SMB Appliances Known Limitations

The table below lists R77.20.85 Known Limitations:

ID Description
SMB-6961
When the IMAP or IMAPS service deletes malicious mail, an email notification is not sent to the client. Logs on the deleted mail can be seen on the Security Logs page
SMB-4401
IMAP/S:
  • Does not support Anti-Spam
  • Is not supported on centrally managed appliances
  • Is not supported for IPv6 traffic
  • Threat Prevention inspection requires SSL Inspection to be fully enabled.
  • Does not support STARTTLS
SMB-7029 Manually upgrading the embedded Gaia firmware from R77.20.80 and older versions to R77.20.85 and higher via the web portal may fail during the file upload phase due to timeout. Refer to sk143274.  
SMB-7085 When One Touch provisioning via the WebUI is completed, an error message shows and it is not possible to retry. This is not a real error, as the configuration was fetched. After refreshing the WebUI, the user can continue to manage the appliance.

 

R77.20.85 for SMB Appliances Documentation

Release Notes
Check Point R77.20.85 SMB Appliances Release Notes
Administration Guides
Check Point 700/900 Appliances R77.20.85 Administration Guide
Check Point 1400 Appliances Locally Managed R77.20.85 Administration Guide
Check Point 1400 Appliances Centrally Managed R77.20.85 Administration Guide
Check Point 700/900/1400 Appliances R77.20.85 Technical Reference Guide
Check Point 730/750 Appliance Locally Managed Getting Started Guide
Check Point 770/790 Appliance Locally Managed Getting Started Guide
Check Point 1430/1450 Appliance Centrally Managed Getting Started Guide
Check Point 1470/1490 Appliance Centrally Managed Getting Started Guide
Related Solutions
sk97766 - Check Point 600 / 1100 / 1200R / 700 / 1400 / 910 Appliances Releases
sk105380 - Check Point R77.20 for 600 / 700 /1100 / 1200R / 1400 / 910 Appliance Known Limitations

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment