For more information on R70.20, see the R70.20 Release Notes, R70.20 Known Limitations and R70.20 Resolved Issues.
Note: a valid support account is needed in order to access theses solutions.
Table of Contents
What's New in R70.20
The following features have been added or enhanced in R70.20:
Event Correlation & IPS Event Analysis Software Blades Update
New Real Time Views & Simplified Events Processing
- Timeline View - See real-time information, trends, and anomalies at a glance with security events displayed graphically to clearly represent the number, time, and severity of events.
- Charts View - View event statistics in a variety of charts, including bar and pie charts.
- Maps View - Geolocate an event source or destination IP on a world map. Maps can be color coded to highlight relevant countries and can be expanded.
- Export Event Data - Export sorted, filtered and grouped event data to a comma-delimited text file for further analysis using external applications, such as a spreadsheet or text editor.
- Eventia ClientInfo - Provides comprehensive information about a Windows machine's configuration, including hardware and Operating System details, processes, services, software intalled, and Microsoft Security Patches installed. Helps you determine whether an attack related to Microsoft software is likely to affect the target machine.
Real-Time Analysis & Action
- Group By - Focus on the most important events and compact the event list by grouping events based on event name, source, destination, or any other field.
- New Event Search - New search field allows you to enter any text that can appear in any event field, and displays only matching events.
- Forensics - Drill down from the ?big picture? to events, then use advanced filtering / search / group / sort to go deeper, and finally go to raw logs / packet capture to understand exactly what happened.
- Ticketing - Use ticketing workflow to assign events to administrators.
- Improved Overview Page - New dashboard interface with IPS critical information.
- Detailed hourly, weekly and monthly reports focusing on IPS events.
- Share IPS Event & Packet Capture with Check Point Security Research Team.
Reporting Blade Updates
- Numerous new Standard and Express reports for easy compliance with ISO 17799, COBIT, PCI-DSS, SOX, and HIPAA standards.
- URL Filtering activity report analyzes Web filtering activity by user, URL category, source, and more.
- Improved Endpoint Security reports.
IPS Software Blade Update
- Geo Protection - New protection category that allows you to control traffic based on the source or destination country. You can define a policy for specific countries, and a policy that applies to all other countries.
- Improved Source IP Information - Logs now include the original IP addresses of proxied connections.
- Automatic packet capture on the first instance of any protection to help administrators analyze IPS events.
- Improved confidence level for many protections, primarily for DCE-RPC - Allows you to ignore the noise and focus on the real threats.
- Logs now include information about types of Web browsers and server.
Logging & Status Software Blade Update
- Identity Logging - Inserts user and computer names into Check Point logs by retrieving the information from Active Directory Domain Controllers. No special configuration or agent installation is required on the Domain Controllers themselves.
- R70.20 allows you to install a software license for the number of cores you plan to use, rather than the number of physical cores on the open server.
Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.
This solution is about products that are no longer supported and it will not be updated