Table of Contents
Important Note: This may not be the latest firmware release. To see the latest firmware release, refer to
sk165734.
Introduction
The next family of our Small and Medium Business appliances is based on R80 code.
Check Point's R80.20 release for Small and Medium Business Appliances is supported only on the new 1500 Series Security Gateways. For more information about the 1500 Series, refer to sk157412: 1500 Series Security Gateways.
Check Point is committed to providing the best and most up-to-date security for all deployments including small businesses, medium businesses, and branch offices. The existing 700, 900, 1200R, and 1400 appliance lines will continue to be supported with our R77.20.xx code base.
What's New in R80.20 for SMB Appliances
SMB Next Generation Appliances are R80 code aligned, increasing performance and bringing cutting-edge enterprise grade security to your small and medium size business.
Centrally and locally managed enhancements
- Application Control and Threat Prevention blades use security packages aligned to enterprise grade appliances to enable comprehensive security.
- Automatic Device recognition and discovery.
- Multicore VPN and VPN hardware enabled acceleration.
- Additional ciphers support for HTTPS Inspection (see sk104562).
- WatchTower application enhanced features.
Centrally managed enhancements (will be available in the R80.30 Jumbo Hotfix Accumulator and R80.40 Security Management Server releases)
- Policy layers and sub-policy support for centrally managed mode.
- Unified access policy support for centrally managed mode (Firewall, Application Control, and URL Filtering).
- Unified Threat Prevention policy (IPS, Anti-Virus, Anti-Bot, and Threat Emulation Software Blade policies).
- Acceleration of Domain Objects, Dynamic Objects, and Time Objects for centrally managed mode.
- Wildcard network object in Access Control that represents a series of IP addresses that are not sequential.
Locally managed enhancements
- New Threat Prevention blade control: Unified Threat Prevention policy, easy and intuitive to set and control.
- New SSL inspection enforcement: Simultaneously support light SSL and Full SSL inspection.
- Improved High Availability mechanism.
- WiFi Monitoring - wireless active devices: Track connected devices, signal strength, channel used, and more.
- WiFi Monitoring - Access point: Monitor your WiFi environment to identify congested channels, frequency used, and signal strength.
- Audit logs - Log Admin Activities was added to System logs.
Downloads
Note: To download this package you will need to have a Software Subscription or Active Support plan.
Known Limitations
The following R77.20.87 features are not yet supported:
- IMAPS
- Private Threat Emulation
- MAC filtering, ARP spoofing, and 802.1x based authentication
- FTP is not inspected by Anti-Virus.
- IPv6 - see sk174348.
- VoIP H323 is partially supported. For more information, refer to SMB-10136 in sk159772.
- Centrally managed support (will be supported in R80.30 Jumbo Hotfix Accumulator and R80.40 Security Management Server releases).
- LSM support (will be supported in R80.30 Jumbo Hotfix Accumulator and R80.40 Security Management Server release).
The following R77.20.87 Known Limitations still apply to R80.20:
Unsupported features:
- Mobile Access Web Portal
- Monitoring
- Data Loss Prevention (DLP)
- Threat Extraction
- Mail Transfer Agent (MTA)
- Anti-Virus (scans the files only in their compressed form)
- Content Awareness
- Cluster: only HA is supported (load sharing is not supported)
R80.20 Known Limitations (gaps between Gaia Embedded and Gaia):
See sk159772: Check Point R80.20.xx for 1550 / 1590 Appliance Features and Known Limitations
Documentation
Revision History