The web management and enforcement engine of CloudGuard Connect are delivered over the cloud. New features are added dynamically and provided to all customers.

Additional Resources:

• Advanced Threat Prevention Engine Updates
• IPS Newsletter
• Share feedback at the Secure Access Service Edge section of Check Point's cybersecurity community.

What's New

December 30, 2020

Policy

• New URL List object HTTPS Inspection - Recommended Bypass is now part of the default exclusion list at the HTTPS Inspection Policy. An additional URL List object HTTPS Inspection – Optional Bypass is available for selection. Both objects are automatically periodically updated. Contents of the objects are available at sk163595.

Global Settings

• Navigate to Global Settings - Users and assign the new Support Contact Point role for one or more administrators that should be contacted over email in case of emergency, proactive support, planned or unplanned service maintenance. In case none of the administrators at your Infinity Portal account have the Support Contact Point role, all administrators will be contacted. This is a service-specific role for CloudGuard Connect.

November 10, 2020

Settings

• Added support for PingID as Identity Provider.

November 5, 2020

Sites

• New options for creating sites with branch device type set to Aryaka, Nuage, Oracle (Talari), Versa and Asavie. Available at the Sites page and at the REST API.

Logs

• The new Cloud Applications tab provides an overview of cloud applications and file sharing use for your connected users.
• The Logs tab has reordered columns, emphasizing users going to applications.
• Search for Login and Logout operation logs and find your connected users.

Settings

• Added support for OneLogin as Identity Provider.

 

September 11, 2020

Global Settings

• Visibility for your contract is now available. Navigate to Global Settings > Contracts, associate your User Center account, and your CloudGuard Connect SKUs will be associated to your Infinity Portal account, impacting the expiration date, threat prevention package and number of seats.

Sites

• After enabling CloudGuard Connect, the creation time of the first site has been reduced to 25 minutes. Creation of other sites is now between 5 to 18 minutes.

 

July 2, 2020

Sites

• New automatic integration with Microsoft Azure Virtual WAN. Check Point automatically creates sites and secures traffic for each resource marked as secured at your Azure portal. See this CheckMates topic for detailed steps.

 

May 26, 2020

Sites

• New cloud service locations in Italy and South Africa.

 

May 14, 2020

Global Settings

• The new Partner Settings page allows partners and MSSPs to create child-accounts for their customers and manage them centrally.

  Partner Mode allows customers to become a partner in either one of two modes:

  • Distributor/Reseller Partner - can create child accounts, but cannot access their security
  • MSSP Partner - can create child accounts, log into the accounts and manage their security

  Enable Partner Mode by navigating to Global Settings -> Account Settings.

 

April 26, 2020

Sites

• Sites with dynamic IP addresses and multiple ISP's are now supported. You can now create Sites, assign them with a pair of FQDN and pre-shared key for every network interface, and set up tunnels between each of your dynamic network interfaces to the two destination endpoints provided by Check Point's CloudGuard Connect

 

February 24, 2020

Policy

• DLP is now available!
  • Enable it from the Access Control policy by clicking the column headers and selecting the new Content column.
  • You can now allow or block traffic based on file types, such as source control files, or contents, such as certificates or insurance records. Combined with application-aware rules you can create more granular access rules.

Sites

• Stability improvements when creating large number of sites, for example when using CloudGuard Connect API.

 

January 23, 2020

Settings

• Identity Awareness is now available! Connect your identity provider with CloudGuard Connect in order to have user names shown up at the logs.

Other Improvements

• Silver Peak, a leading SD-WAN vendor, now has a Check Point CloudGuard Connect page, allowing you to get Check Point security as a service without leaving the SD-WAN management dashboard. See this CheckMates topic for detailed steps.

 

January 6, 2020

Sites

• You can now create sites with a dynamic IP address.
• New cloud service locations in France, Sweden, Hong Kong and Bahrain.

Policy

• Stability improvements for Full HTTPS Inspection.

Logs

• Additional fields at threat prevention log cards: referrer URL, user agent, HTTP method.
• Improved readability of logs for HTTPS traffic.

Other Improvements

• CloudGuard Connect API is now publicly available.
• Automatic emails are now sent to each customer, explaining the next steps, at the events of: CloudGuard Connect dashboard is ready; the first site was created successfully; and traffic was passed through the first site.
• CloudGuard Connect Admin Guide and integration guide with Cisco SD-WAN are now publicly available.

 

November 21, 2019

Other Improvements

• Customers that have more than one Infinity Portal account can switch between their accounts at the top-level navigation.

 

November 10, 2019

Global Settings

• Administrators can now have a read-only or read-write role.

 

November 6, 2019

Policies

• Review your changes before installing them with a new changes panel.
• Undo and redo each change.

Settings

• View which changes are currently in-progress by other administrators and which changes were previously installed with a new Revisions page.
  • Note: The new change management features refer to changes made at the Policy: access control and HTTPS Inspection rules and objects. These changes need to be installed after you make them. Changes made to Sites or Global Settings don’t require a policy install and are activated right away. For a full list of all changes across Infinity Portal, refer to Global Settings > Audits

Sites

• We added new optional fields, Estimated Number of Users and Device Type, in order to operate our cloud service towards specific usage patterns.

 

November 6, 2019

Policies

• Review your changes before installing them with a new changes panel.
• Undo and redo each change.

Settings

• View which changes are currently in-progress by other administrators and which changes were previously installed with a new Revisions page.
  • Note: The new change management features refer to changes made at the Policy: access control and HTTPS Inspection rules and objects. These changes need to be installed after you make them. Changes made to Sites or Global Settings don’t require a policy install and are activated right away. For a full list of all changes across Infinity Portal, refer to Global Settings > Audits

Sites

• We added new optional fields, Estimated Number of Users and Device Type, in order to operate our cloud service towards specific usage patterns.

 

August 29, 2019

Settings

• The new SmartConsole page lets you choose to manage your security policy from SmartConsole. For more, see sk156632.

 

August 27, 2019

Policies

• Introducing rule and object locks.
  • Previously, any change made by one person was immediately visible for editing by another.
  • From now on, objects and rules that are modified by one administrator appear as locked for editing to other administrators.
  • Only after the administrator completes an Install, other administrators can edit the newly-changed rules and objects.
• You can now discard changes that you made but that were not yet installed.

Global Settings

• Improved user experience for the global settings pages: Administrators, Audits, API Keys, Account Settings, as well as the product menu.

 

August 12, 2019

Sites

• We added support for ISP Redundancy. You can now create Sites with multiple external IPs, and set up tunnels between each of your external IPs to the two destination endpoints provided by Check Point's CloudGuard Connect.

 

July 18, 2019

Logs

• Administrators can receive a weekly Security Report by email. Unsubscribe by visiting Settings > Reports & Logs.

Other Improvements

• Fixed an issue where in some circumstances, end users browsing to a malicious website receive a browser error instead of the page blocked by company policy page.
• All configuration changes are logged at the Audits page.

 

June 26, 2019

Policy

• You can now receive policy installation alerts from the new notification menu. Test Check Point's advanced threat prevention immediately after receiving the Policy Installation Completed alert.

Other Improvements

• The new API Keys page, available in Global Settings, lets users automate creation of sites. Contact us if you are interested in the API for CloudGuard Connect.

 

June 13, 2019

Improvements

• Fixed issues occurring when administrators upload their organization's certificate in order to have Full HTTPS Inspection.

• Stability improvements with policy installation process.

 

May 27, 2019 

Logs

• Improved our Security Report, showing prevented attacks as well as application visibility in a format available for PDF Export. 

Other Improvements

• Stability improvements when adding sites.

 

May 15, 2019

Full HTTPS Inspection is now available

• Not inspecting HTTPS traffic exposes you to 70% of the Internet and the majority of cyberattacks.

• Use the web management to switch from Basic HTTPS Inspection to Full HTTPS Inspection and manage the exceptions. The regulatory-dependent categories are excluded by default.

Sites

• Onboarding is now easier. Newly-created sites now appear with the status waiting for traffic. Only after a Site receives packets from the branch does the status of the Site change to active.

• We added official instructions for connecting with CloudGenix.

Logs

• We improved our Cyber-Attack View, highlighting prevented attacks that relate to Internet traffic.

Other improvements

• Japanese user interface is now available.

• Fixed issues with browser compatibility for Safari on Mac.

 

April 24, 2019

Sites

• We added official instructions for connecting with Citrix SD-WAN, Aruba, and Check Point Gateways. We fixed the instructions for VeloCloud. Email us for information about about integration with other vendors. 

• In addition to managing your sites in Card Mode and Table Mode, you can now manage them over a world map.

Logs

• Traffic logs now show the name of the application for accepted traffic.

 

Updates from before April of 2019 are available upon request.

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.