Check Point R80.20 with Gaia 3.10 for CloudGuard and Open Server Security Gateways
Solution

Important: For information about the Check Point default version widely recommended for all deployments, refer to sk95746.

Table of Contents:

  1. Introduction
  2. New 3.10 Kernel Capabilities
  3. What's New
  4. Supported Platforms
  5. Availability
  6. Released Hotfixes
  7. Known Limitations
  8. Documentation
  9. Advanced Configuration for SMB v2/3
  10. Frequently Asked Questions
  11. Revision History

[1] Introduction

R80.20, part of the Check Point Infinity architecture, delivers the most innovative and effective security, keeping our customers protected against large-scale, fifth-generation cyber threats. For more information about Check Point R80.20, refer to sk122585.

This release introduces the new 3.10 kernel for Security Gateways. It extends support for new platforms and offers a significant performance improvement in cloud environments.

Check Point R80.30 with Gaia 3.10 is now available. For more information, refer to sk152652.

For Security Management Server, the new 3.10 kernel is already part of Check Point Main-Train release starting from R80.20, and is supported on all Security Management platforms (see R80.20 Release Notes).

[2] New 3.10 Kernel Capabilities

  • Upgraded Linux kernel (based on RHEL 7.x kernel 3.10)
  • New partitioning system (GPT)
    • Supports physical/logical drives larger than 2 TB
  • New, faster file system (XFS, see sk141432)
  • Supporting larger system storage (up to 48 TB tested)
  • I/O related performance improvements
  • SMB v2/3 mount support in Mobile Access blade (see details below)
  • Added NFSv4 (client) support (NFS v4.2 is the default NFS version used)
  • Support of new system tools for debugging, monitoring and configuring the system:
    • iotop (provides I/O runtime stats)
    • lshw (provides detailed information about all HW)
    • lsusb (provides information about all devices connected to USB)
    • lsscsi (provides information about storage)
    • ps (new version, more counters)
    • psmisc (new version, more counters)
    • top (new version, more counters)
    • iostat (new version, more counters)
  • New glibc: glibc-2.17-157
  • New ethtool: ethtool-4.8-7
  • New Bash: bash-4.2.46-29
  • lbzip2 support (free, multi-threaded compression utility)
  • xz support (compression utility)
  • rsync support

[3] What's New

Take #  What's New

Take 12
  Additional support for:
    • Open Servers: Dell PowerEdge R330

Take 11
  Additional support for:
    • Open Servers: HP DL380 Gen9, HP DL360 Gen9

Take 8
  1. Additional support for:
     1. CloudGuard: Google Cloud Platform
     2. Open Servers: Dell PowerEdge R740/R740 XD, Dell PowerEdge R640
  2. Support installation on storage with capacity of exact multiples of 2TiB (2TiB, 4TiB, 6TiB, 8TiB, etc).
  3. Performance enhancement: prevent Intel processors from entering sleep states.
  4. Upgrade of hwdata package from 0.252-8.6 to 0.252-9.1
  5. Upgrade of gdisk package from 0.8.6-5 to 0.8.10-2

Take 5
  1. First release of Check Point R80.20 with Gaia 3.10
  2. Support for:
     1. CloudGuard: AWS, Azure
     2. Open Servers: HP DL380 Gen10, HP DL360 Gen10

[4] Supported Platforms

Product       Details
CloudGuard    • AWS
              • Azure
              • Google Cloud Platform
Open Servers  Refer to the Hardware Compatibility List

[5] Availability

Take #   Date          Link
Take 12  12 June 2019

Important Notes:

  • This R80.20 3.10 gateway version is not part of Check Point Main Train Release R80.20 (sk122485 - Check Point R80.20), and is supported on Open Servers and Cloud-based environments. Check Point Main Train Appliances are not supported in this release.
  • Each take is an accumulation of the previous Take's content.
  • For more information, refer to the FAQs section below.

[6] Released Hotfixes

Released Hotfixes
sk146212 - Jumbo Hotfix Accumulator for R80.20 3.10

[7] Known Limitations

ID         Description
GAIA-3369  IPv6 is not supported.
GAIA-3295  VSX is not supported.
GAIA-3372  This version only supports the Security Gateway. Security Management and Standalone are not supported.
GAIA-415   Loopback is not supported. As a result, the following features are limited:
           BGP
             • Peering to loopback IPs will not be supported in SGW mode (at any rate, clustering mode does not work).
             • Redistribution of networks using loopback will not be supported.
           OSPF
             • No support for loopback IPs.
             • Redistribution of networks using loopback will not be supported.
           RIP
             • No support for loopback IPs.
             • Redistribution of networks using loopback will not be supported.
GAIA-3380  The 'raid_diagnostic' utility does not work for open servers.
GAIA-3085  'Emergendisk' is not supported.
GAIA-2619  VRRP is not supported.
GAIA-2649  On CloudGuard for AWS, the 'ethtool -G' command is not supported.
GAIA-2648  On CloudGuard for Azure, the 'ethtool -G' command is not supported.
GAIA-3431  The number of FW instances is reported incorrectly in the output of 'fw ctl affinity -l' (but correctly in the output of 'fw ctl affinity -l -r').
GAIA-2650  On CloudGuard for AWS, speed and duplex information is not available when using ethtool.
GAIA-3427  The bond interface is always up after reboot. You can disable the bond interface permanently by disabling its interfaces.
GAIA-3366  Process affinity cannot be modified.
GAIA-3316  'cpmq get -v' is missing output.
GAIA-3205  Cannot change interface link speed to 1000MB after it is changed to 100MB.
GAIA-3179  When the slave bridge interface is brought down, the state of the bridge in Gaia remains up.
GAIA-3345  Changing the MTU on the directly connected switches may cause drops of fragmented traffic due to an MTU mismatch.
GAIA-3058  PBR is supported, but the feature that supports 'PBR route lookup' in topologies with a loop is not supported.
ACCL-417   The following were removed: CPView Network -> Top-Protocols and Network -> Top-Connections tabs.
VSECC-784  An R80.20 Security Gateway based on Check Point OS Kernel 3.10 does not support Data Center Objects.
             • In R80.10, this issue was resolved in Jumbo Hotfix Accumulator Take_177 installed on the Security Management Server.
             • In R80.20, this issue was resolved in Jumbo Hotfix Accumulator Take_33 installed on the Security Management Server.
GAIA-1795  The machine may freeze when deleting the Bridge/Bond/VLAN interface under traffic. As a workaround: Bring the Bridge/Bond/VLAN interface to the DOWN state, save the configuration, reboot, remove the interface, and save the configuration.
GAIA-3463  In-place upgrades between takes and versions are not supported. To upgrade between takes and versions, you will need to do a clean install. As per sk107042, Connectivity Upgrade is supported.

[8] Related Documentation

[9] Advanced Configuration for SMB v2/3

SMB v2/3 support adds two attributes in the $CVPNDIR/conf/cvpnd.C file:

Attribute Name                 Default Value  Description
:FileShareDefaultSmbVersion    ("1.0")        The default SMB version.
:FileShareAppNameToSmbVersion  ()             List of File Share application names and the SMB version to use. The default version indicated in FileShareDefaultSmbVersion is used for File Share apps that are not listed here.

Configuration instructions for SMB v2/3 Mount Support for Mobile Access Blade:

  1. Back up the $CVPNDIR/conf/cvpnd.C file.
  2. To change the default SMB version, run: cvpnd_settings $CVPNDIR/conf/cvpnd.C set FileShareDefaultSmbVersion "<version>"
  3. To change the SMB version for a specific File Share application, run: cvpnd_settings $CVPNDIR/conf/cvpnd.C listAdd FileShareAppNameToSmbVersion "<FileShare app name> : <version>"
  4. For the changes to take effect, run: cvpnrestart
  5. In case of a cluster setup, repeat the procedure above for all cluster members.
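
The fallback rule above (File Share apps not listed in FileShareAppNameToSmbVersion use FileShareDefaultSmbVersion) can be verified after the change by resolving the version each application will actually get. This is an added example, not Check Point code; the on-disk layout of list entries, the sample file, the application names and the version strings "2.0" and "3.0" are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example, not Check Point code. Assumed on-disk layout of a list entry:
#     : ("<FileShare app name> : <version>")

smb_default_version() {            # $1 = path to cvpnd.C
    awk '/^[ \t]*:FileShareDefaultSmbVersion[ \t]*\(/ {
             gsub(/^[^(]*\(|\)[ \t]*$|"/, ""); print; exit }' "$1"
}

smb_overrides() {                  # prints "<app><TAB><version>" per list entry
    awk '
        function trim(x) { gsub(/^[ \t]+|[ \t]+$/, "", x); return x }
        /^[ \t]*:FileShareAppNameToSmbVersion[ \t]*\(/ {
            in_list = ($0 !~ /\)[ \t]*$/); next }     # "()" on one line = empty list
        in_list && /^[ \t]*\)[ \t]*$/ { in_list = 0; next }
        in_list && /^[ \t]*:[ \t]*\(/ {
            gsub(/^[ \t]*:[ \t]*\(|\)[ \t]*$|"/, "")
            i = 0                                     # find the last ":" in the entry
            while ((p = index(substr($0, i + 1), ":")) > 0) i += p
            if (i > 0) print trim(substr($0, 1, i - 1)) "\t" trim(substr($0, i + 1))
        }' "$1"
}

smb_effective_version() {          # $1 = cvpnd.C, $2 = File Share application name
    local v
    v=$(smb_overrides "$1" | awk -F'\t' -v app="$2" '$1 == app { print $2; exit }')
    [ -n "$v" ] || v=$(smb_default_version "$1")      # not listed: default applies
    printf '%s\n' "$v"
}

# Constructed sample file (not taken from a real gateway).
SAMPLE_CONF=$(mktemp)
cat > "$SAMPLE_CONF" <<'EOF'
(
    :FileShareDefaultSmbVersion ("1.0")
    :FileShareAppNameToSmbVersion (
        : ("Finance Share : 3.0")
        : ("HR: Archive : 2.0")
    )
)
EOF

for app in "Finance Share" "HR: Archive" "Legacy NAS"; do
    printf '%-15s SMB %s\n' "$app" "$(smb_effective_version "$SAMPLE_CONF" "$app")"
done
```

On a gateway, point the functions at $CVPNDIR/conf/cvpnd.C after cvpnrestart, and repeat the check on every cluster member.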

[10] Frequently Asked Questions

[11] Revision History

Date           Description
12 June 2019   Release of Take 12
28 May 2019    Added link to Jumbo HFA for R80.20 3.10
18 March 2019  Release of Take 11
03 March 2019  Release of Take 8
6 Dec 2018     Release of Take 5
