Support Center > Search Results > SecureKnowledge Details
Check Point R80.30 Technical Level
Solution
Click Here to Show the Entire Article

Important: Check Point Default version widely recommended for all deployment is R80.30 Take 200 with Jumbo Hotfix Accumulator latest GA Take.
For more info on all Check Point releases, refer to Release map and Release Terminology articles.

Introduction | What's New | Documentation | Downloads | Released Hotfixes | Additional Downloads and Products | Revision History

Introduction

R80.30, part of the Check Point Infinity architecture, delivers the most innovative and effective security that keeps our customers protected against large scale, fifth generation cyber threats.

The release contains innovations and significant improvements such as:

  • Practical Prevention against Advanced Threats: The Industry's 1st Threat Extraction for Web. Protect users from malicious web downloads using real-time Threat Extraction technology with a seamless user experience.

  • State-of-the-Art HTTPS Inspection: New SSL Inspection Patent Pending Technologies. Delivering the power to inspect SSL-encrypted network traffic with secure SNI verification improvements. Next Generation Bypass: TLS inspection based on Verified Subject Name.
    Full control over TLS 1.2 traffic with new utility tools to manage cipher suites.

  • Superior Management & Visibility: New Performance & Operational Techniques: Central Deployment Tool (CDT) now embedded for simple and automatic deployments of software packages. Enhanced Logging & Monitoring, Cyber Attack Dashboard. Increased productivity using SmartConsole Extensions.

R80.30 was released on May 7, 2019. Starting Sep 24th 2019, R80.30 Take 200 with Jumbo Hotfix Accumulator Take_50 (see sk153152) is considered as Check Point's default version (widely recommended for all deployments). 

For R80.30 with Gaia 3.10, a dedicated image is available. For more information, refer to sk152652.

What's New in R80.30

  Threat Prevention

    SandBlast Threat Extraction for web-downloaded documents

    • Simple to use, easily enabled for an existing Security Gateway, and does not require any changes to your configuration on the network or client side
    • Extends Threat Extraction, Check Point's File Sanitization capabilities, to web-downloaded documents. Supported file types: Microsoft Word, Excel, PowerPoint and PDF formats
    • Threat Extraction prevents zero-day and known attacks by proactively removing active malware, embedded content and other potentially-malicious parts from a file. Promptly delivers sanitized content to users, maintaining business flow
    • Allows access to the original file, if it is determined to be safe

    Endpoint Security Threat Extraction for web-downloaded documents

    • Endpoint and Network compatibility includes a new mechanism that inspects files just once, either by the Security Gateway or the Endpoint client

    Advanced Threat Prevention

    • Advanced forensics details for Threat Prevention logs
    • Ability to import Cyber Intelligence Feeds to the Security Gateway using custom CSV and Structured Threat Information Expression (STIX)
    • FTP protocol inspection with Anti-Virus and SandBlast Threat Emulation
    • Stability and performance improvements for SandBlast Threat Prevention components
    • Consolidated Threat Prevention dashboard provides full threat visibility across networks, mobile devices and endpoints

    Enhanced visibility to "Malware DNA" analysis for Threat Emulation

    Improved understanding for security personnel of how malware analysis is performed and the reasons a file is flagged as malicious. The Threat Detail report now includes the Malware DNA - a deeper exploration into features determined to be similar to those in known malware families. The enhanced analysis of similarities includes:
    • Behavior
    • Code structure
    • File similarities
    • Patterns of attempted connections to malicious websites and C&C servers

    Complete facelift for the Threat Emulation Findings Summary Report

    • Redesigned Threat Emulation findings report for a more modern look
    • The report also includes a dynamic map view of malware family appearances around the globe over time
    • For more details, as well as information about the availability, refer to sk120357

    Threat Prevention APIs enhancements

    • Added ability to send files via APIs to be scanned by Anti-Virus on local Check Point appliances. This capability is supported for both Security Gateways and dedicated Threat Emulation appliances
      For more information, refer to the Threat Prevention API Reference Guide.

    New and Improved Machine-Learning Engines for Threat Emulation

    • Added new machine-learning engines focused on malware detection inside document files to achieve an optimum catch rate

    Enhanced Control of MTA actions and Threat Emulation behavior in case of failure

    • Added ability for administrators to granularly configure Threat Emulation policy and decide whether to allow a file transfer based on the error type
    • When configuring the MTA gateway to block emails if a scan fails (fail-block), administrators can granularly configure MTA to deliver emails to the users for specific failure types
    • For more details and configuration instructions, refer to sk132492 and sk145552

    Enhanced Anti-Virus support

    • Anti-Virus protections are now applied by default on files received through the MTA gateway. These protections include signatures, hashes and link reputation checks for attachments, link reputation checks for the email body, and granular enforcement based on the file type

    Enhanced Import of additional IOCs

    Gateways configured as MTA can now be enriched with custom Anti-Virus IOCs from external sources.

    • IOCs can be manually imported via the User Interface

    • Links to external feeds for automatic ongoing IOC importing can be added via a configuration change

    • For more information and setup instructions, refer to sk132193 and R80.30 Threat Prevention Administration Guide

    Enhanced support for non-default SMTP ports

    • Added the ability to configure the MTA gateway to send and receive emails on non-default SMTP ports (ports other than 25). For more details and configuration instructions, see sk142932.

    Enhanced management of the MTA

    • Failure to inspect the attachments or links inside an email is now immediately treated as a failure.
    • Previously, inspection failure resulted in adding the email to the MTA queue and retrying the action. As the majority of inspection retries fail as well, this change reduces the size of the queue and improves MTA performance

      Security Gateway
    Management Data Plane Separation
    • Allows a Security Gateway to separate the resources and routing for Management and Data networks. For more information, see sk138672.
    SSL Inspection
    • Server Name Indications (SNI)
      • Next Generation Bypass - TLS inspection based on Verified Subject Name
      • Improved TLS implementation for TLS Inspection and categorization

    • TLS 1.2 support for additional cipher suites:
      • TLS_RSA_WITH_AES_256_GCM_SHA384
      • TLS_RSA_WITH_AES_256_CBC_SHA256
      • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
      • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
      • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
      • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
      • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
      • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
      • X25519 Elliptic Curve
      • P-521 Elliptic Curve
      • Full ECDSA support
      • Improved fail open/close mechanism
      • Improved logging for validations
      • For the complete list of supported cipher suites, see sk104562

    IPsec VPN

    • Redundancy for Multiple Entry Points configuration using Dead Peer Detection (DPD) with third party VPN peers
    • Improved troubleshooting capabilities allows disabling acceleration only for VPN and per VPN peer. For more information, see sk151114

    Advanced Routing

    • Multihop Ping and Multiple ISPs in Policy-Based Routing
    • Multihop Ping in Static Routes
    • BFD in Static Routes
    • VSX VSID in Netflow

    ClusterXL

    • Support for Cluster Control Protocol (CCP) encryption provides better security for cluster synchronization networks.

      Security Management

    Central Deployment Tool (CDT)

    • Starting from this release, CDT version 1.6.1 is embedded in Gaia. For more information, see sk111158.

    SmartConsole extensions

    • Expand and customize Check Point's SmartConsole for your needs by integrating the tools you work with into SmartConsole or add third-party tools as panels and views inside SmartConsole. For more information, see the SmartConsole Extensions Developer Guide.

    Endpoint Security

    • Endpoint and Network compatibility including a new mechanism that inspects files just once, either by the Security Gateway or by the Endpoint Client, eliminating redundancy.
    • Get email alerts when an Endpoint Policy Server is out of sync.
    • CPUSE upgrade for Endpoint Policy Servers.

    Full Disk Encryption

    • The number of preboot users using the same client computer increased to 1000.


    All R80.20.M2 new features are integrated into this release:

    CloudGuard Controller

    • Support Data Center Objects for VMware vCenter Tags.
    • Support Data Center Objects for VMware NSX Universal Security Groups.

      CPView

      • CPView support for Multi-Domain Security Management.
      • Use SNMP for CPView metrics.

      SmartConsole

      • Operational Efficiency - Add and remove an object from groups within the object editor.
      • Logging and Monitoring - Improved, simpler and faster user experience for exporting logs to Splunk.

      Advanced Threat Prevention

      • Consolidated Threat Prevention dashboard provides full threat visibility across networks, mobile and endpoints.


      Documentation


      R80.30 Release Notes

      Administration Guides

      Resolved Issues

      Known Limitations


      Downloads

      SmartConsole

      Security Gateway / Standalone

      Security Management

         
         

      Effective January 13th, 2020, R80.30 CPUSE Upgrade package has been replaced. See sk162632 for further details.

      Release map | Upgrade map | Backward Compatibility map | Releases plan


      Released Hotfixes


      Released Hotfixes
      sk153152 - Jumbo Hotfix Accumulator for R80.30 (Check Point recommends to always install the latest Jumbo Hotfix GA Take)
      For the latest Blink image (GA Take including Jumbo HF Take), see sk153152 - Jumbo Hotfix Accumulator for R80.30
      Effective March 11th 2020, SmartConsole package has been updated (Build 62). See sk153153.
      Effective January 14th 2020, R80.30 Security Gateway image has been updated. For further details see sk162632 

      Note: R80.30 Security Gateway can now be managed by R80.20 Jumbo HotFix Take 91 and above, or R80.10 Jumbo HotFix Take 225 and above.

       


      Additional Downloads and Products


      Product Download
      SmartConsole  Check Point R80.x Cloud Demo (sk103431)
       Portable SmartConsole for R80.x (sk116158)
      Blink - Gaia Fast Deployment  For Gaia Security Gateway and Management, see sk120193 
      R80.30 Management Server
      Migration Tool
       All Gaia versions and SecurePlatform versions above R75.40 (TGZ) 
       All Windows versions (TGZ)
      R80.30 Upgrade Verification and Environment Simulation service  See sk110267 
      CloudGuard  See sk158292 
      ISOMorphic Tool
       For Gaia, SecurePlatform and Linux, see sk65205
      DLP Exchange Server  For Windows (TGZ)
      R80.30 with Gaia 3.10  See sk152652
      Smart-1 625  See sk157153

       




      Check Point CheckMates Community

      Upgrade/Download Wizard

      Revision History

      Show / Hide

      Date Description
      11 Mar 2020 Updated the SmartConsole package to Build 62. See sk153153
      10 Feb 2020 Take 140 of R80.30 Jumbo Hotfix Accumulator is now in General Availability
      05 Jan 2020 Updated the SmartConsole package to Build 42. See sk153153
      03 Dec 2019 Take 111 of R80.30 Jumbo Hotfix Accumulator is now in General Availability
      20 Nov 2019  Updated the SmartConsole package to Build 36. See sk153153
      06 Oct 2019 Updated the SmartConsole package to Build 20. See sk153153
      24 Sep 2019 Take 50 of R80.30 Jumbo Hotfix Accumulator is now in General Availability
      15 Sep 2019 Added an Important Note at the top of this article
      28 Aug 2019 Added R80.30 Upgrade Verification and Environment Simulation service
      19 Aug 2019 Updated Upgrade Tools package for Management Feature Release 
      14 Aug 2019 Updated the SmartConsole package to Build 08. See sk153153
      11 Aug 2019 Added note to the Released Hotfixes section
      06 Aug 2019 Take 19 of R80.30 Jumbo Hotfix Accumulator was defined as the default version
      04 Aug 2019 Added link to sk153152 - Jumbo Hotfix Accumulator for R80.30
      25 July 2019 Added link to sk158292 - CloudGuard for Private Cloud images
      15 July 2019 Link to Release map was replaced
      08 July 2019 Added link to R80.30 with Gaia 3.10 article
      06 June 2019 Added Blink image for R80.30
      14 May 2019 Added R80.30 Documentation Package
      07 May 2019 First release of this document

      Give us Feedback
      Please rate this document
      [1=Worst,5=Best]
      Comment