Support Center > Search Results > SecureKnowledge Details
Check Point R75.40 Technical Level

Table of Contents

  • What's New in R75.40
  • R75.40 Downloads
  • R75.40 Released Hotfixes
  • R75.40 Documentation


For more information on Check Point releases see: release map, upgrade map, backward compatibility map.
For more information on R75.40, see the R75.40 Release Notes, R75.40 Known Limitations and R75.40 Resolved Issues. You can also visit our Firewall and VPN Blades forum or any other Check Point discussion forum to ask questions and get answers from technical peers and Support experts.
Click here for upgrade wizard - find fresh install/upgrade software packages with just a few clicks.
See sk91060: Removing old Check Point packages and files after an upgrade.


What's New in R75.40

New Terms:

These product and technology names are changed.

Name in R75.20 Name in R75.40
SmartDirectory (LDAP) User Directory
Check Point Abra Check Point GO


Operating System - Gaia

Gaia is Check Point's next generation operating system for security applications. In Greek mythology, Gaia is the mother of all, representing closely integrated parts to form a single, efficient system. The Gaia Operating System supports the full portfolio of Check Point Software Blades, Gateway and Security Management products.
Gaia is a single, unified network security OS that combines the best of Check Point's SecurePlatform operating system, and IPSO, the operating system from the appliance security products. Gaia is available for all Check Point security appliances and open servers.

Designed from the ground up for modern high-end deployments, Gaia includes support for:

  • IPv4 and IPv6 - fully integrated into the Operating System.
  • High Connection Capacity - 64bit support.
  • Load Sharing - ClusterXL and Interface bonding.
  • High Availability - ClusterXL, VRRP, Interface bonding.
  • Dynamic and Multicast Routing - BGP, OSPF, RIP, and PIM-SM, PIM-DM, IGMP.
  • Easy to use Command Line Interface - Commands are structured using the same syntactic rules. An enhanced help system and auto-completion further simplifies user operation.
  • Role Based Administration- Enables Gaia administrators to create different roles. Administrators can allow users to access features by adding those functions to the user's role definition. Each role can include a combination of administrative (read/write) access to some features, monitoring (read-only) access to other features, and no access to other features.
  • Simple and Easy upgrade - from IPSO and SecurePlatform.

Gaia Software Updates

  • Get updates for licensed Check Point products directly through the Operating System.
  • Download and install the updates more quickly. Download automatically, manually, or periodically. Install manually or periodically.
  • Get email notifications for new available updates and for downloads and installations.
  • Easy rollback from new update.

Gaia Web User Interface

  • The Gaia Portal is an advanced, web-based interface for configuring Gaia platforms. Almost all system configuration tasks can be done through this Web-based interface.
  • Easy Access - Simply go to https://<Device_IP_Address>.
  • Browser Support - Internet Explorer, Firefox, Chrome and Safari.
  • Powerful Search Engine - makes it easy to find features or functionality to configure.
  • Easy Operation - two operating modes:
    1. Simplified mode shows only basic configuration options.
    2. Advanced mode shows all configuration options. You can easily change modes.
  • Web-Based Access to Command Line - Clientless access to the Gaia CLI directly from your browser.


R75.40 Gaia Feature Release (Gaia+)

The following features are available in R75.40 Gaia Feature Release (Gaia+) fresh install. They are not available when upgrading to R75.40 Gaia:

  1. Ability to configure 6in4 tunnels.
  2. Backup and restore, including scheduled backups.
  3. Policy Based Routing (PBR). See Gaia Advanced Routing R75.40 Administration Guide
  4. Support for PPPoE interfaces. See sk79880 for information about SecureXL known limitations with regards to PPPoE.
  5. SNMP Traps can be configured to be sent if RAID issues occur.
  6. TACACS+ authentication.
  7. e1000 driver has been updated to version 7.6.15.
  8. Monitor mode now works on 10GbE ports, effectively implementing sk73180. In addition, "one legged" bridge is created automatically, when enabling monitor mode, effectively implementing sk70900.
  9. 2012 appliances now have the ability to automatically fetch a license during the First Time Wizard.
  10. ISP Redundancy, See sk25129 (Supported platforms for ISP Redundancy).


New Appliances

New Check Point appliances support R75.40:

  • 21400 Appliance
  • 12000 Appliances
  • 4000 Appliances
  • 2200 Appliances

Note: all former Check Point appliance series (UTM-1/Smart-1/Power-1) are supported with R75.40, for further information please refer to R75.40 Release Notes.



Check Point Anti-Bot prevents damage and blocks bot communication between infected hosts and a remote operator.

The Anti-Bot Software Blade:

  • Uses the multi-layered ThreatSpect engine to analyze network traffic and identify bot infected machines in the organization.
  • The ThreatCloud repository receives updates and allows for classification of unidentified IP, URL, and DNS resources.
  • Uses different views and reports to provide threat visibility for the organization and help assess damages and decide on corrective actions.
  • Integrates with other Software Blades for a unique Anti-Bot and Anti-Malware solution on a Security Gateway.


New Anti-Virus

Check Point Anti-Virus provides superior Anti-Virus protection against modern malware multiple attack vectors and threats.

The Anti-Virus Software Blade:

  • Offers powerful security coverage by supporting millions of signatures.
  • Leverages the Check Point ThreatCloud repository to identify and block incoming malicious files (such as exe, doc, xls, pdf) from entering the organization.
  • Prevents web-based malware download from sites known to contain malware.
  • Uses different views and reports to provide threat visibility for the organization and help assess damages and decide on corrective actions.
  • Consolidated Anti-Bot and Anti-Virus approach for dealing with malware threats (including policy setting, event analysis, and malware reports).
  • Uses a separate policy installation (together with the Anti-Bot Software Blade) to minimize risk and operational impact.



  • Significant reduction (about 90%) of false positives of non-compliant HTTP and TCP-streaming protections and of redundant logs.
  • Increase pattern granularity - Header rejection, Http worm catcher and Cifs worm catcher patterns were converted into separate protections, giving more granularity in their settings. This feature is installed during the first IPS update process (online update, offline update or scheduled update).
  • Implied exceptions - Built-in exceptions to allow Check Point products trusted traffic.
  • New tool to control IPS functionality from the gateway through CLI.
  • Improved TCP streaming infrastructure.
  • Enhanced HTTP and Web Sockets protection.
  • Improved TAP mode support.
  • Granular TCP logging.
  • New GEO database and additional countries and significantly improved accuracy.


Application Control and URL Filtering

  • Use the Limit action in rules to limit the bandwidth permitted for a rule.
  • Add a Time object to a rule to make the rule active only during specified times.
  • The UserCheck client adds the option to send notifications for applications that are not in a web browser, such as Skype or iTunes.
  • New UserCheck features: Cancel button on messages and UserCheck Frequency.
  • If traffic is not detected by other applications, it is declared an unknown application. This lets you block all unknown traffic and better handle known traffic.


Data Loss Prevention

Add visible and hidden marks to Microsoft Office documents when they are sent as email attachments (outgoing and internal emails).

  • Visible Watermarks alert users to sensitive document content when viewed or printed.
    • Add customized text footer to Power Point slides: "Highly Restricted, sent by John Smith on 7/7/11".
    • Add a large diagonal "Classified" visible watermark on the first page of Word documents that match a DLP rule.
  • Hidden Watermarks are encrypted and let DLP tag documents without affecting format.
    • Does not change the visible document layout.
    • The tag can be identified in DLP scans.
    • The tag can be used for forensic analysis to track leaked documents.

Improved Privacy Options:

  • Can choose to not store original messages with the DLP incident.
  • Send the original email to the data owner.
  • Easy to view HTML-based messages include highlighted matched content and masked credit card numbers.

Time Object:

  • Limit rules to certain times of the day, day of week or day of month.
  • Stop DLP rules on set date, when the data is no longer sensitive (for example, after financial data is publicly released).

Improved Compliance and Matching:

  • Easily view and quickly apply multiple compliance-related rules.
  • Improved template matching identifies files by text and by embedded images (for example, upload company logo to match documents using the company template with that logo embedded).
  • New Message Attributes data type to match based on overall message size, number of attachments, and number of words.



  • In Application and URL Filtering, UserCheck Frequency lets you set the number of times that users get UserCheck messages for accessing applications that are not permitted by the policy. You can also set the notifications to be based on accessing the rule, application category, or the application itself.
  • UserCheck Scoping enhances notifications to match not only by rule, but also by category and site in the Application Control rulebase.
  • A dedicated UserCheck agent on the endpoint gives users notifications and options, according to your rules, when their user actions match DLP or Application and URL Filtering rules.
  • If you don't need users to enter their reason for wanting to do an action that is caught by DLP or Application and URL Filtering rules, you can disable this requirement. See the UserCheck Interaction window > Conditions.
  • Cancel button added to the Inform and Ask web pages, to stop loading a requested page or to stop an email in progress.
  • UserCheck Revoke Page lets you delete (revoke) all UserCheck entries when you access the Revoke Page (https:///RevokePage).


Identity Awareness

  • New Identity acquisition methods:
    • Terminal Servers / Citrix communicate with the gateway through one IP address, but are used to host multiple users. The gateway identifies the originating user behind connections from these multi-user hosts.
    • Transparent Portal Authentication redirects an unauthenticated user to a URL, for authentication (using Kerberos SSO) and then redirects the user back to the originally requested URL. If the transparent authentication fails, the user is redirected to the Captive Portal for manual authentication. The new Browser-Based Authentication lets you configure Captive Portal and Transparent Portal Authentication for Identity Awareness.
    • SSO with Remote Access Clients integrates the Mobile Access blade with the Identity Awareness blade. It adds identity data for VPN client users (coming from E75.x clients, E80.x clients, SecureClient, SSL Network Extender, and so on).
  • Identity Agent for MAC OS (10.6 and 10.7). It can be downloaded from the Identity Awareness Captive Portal.
  • Nested Groups are enforced by the Identity Awareness blade. You can set a parent group as an Access Role in a rule, and it applies to all users in the sub groups.




  • New Reports tab, for richer management functionality of SmartEvent reports and ease of use.
  • Output reports to PDF.
  • New layout for Anti-Malware reports.

Anti-Bot and Anti-Virus X 5:

  • Enhanced overall support for Anti-Bot and Anti-Virus X 5.
  • SmartEvent Intro for Anti-Bot and Anti-Virus X 5.


Usability and Performance Enhancements:

  • Summary view of grouped Events tab supported in Application Control and Anti-Malware events.
  • Easy to activate SmartEvent on a standalone environment - no configuration needed, just activate the Software Blade on the Security Management Server properties.
  • Enhanced SmartEvent performance: support for 2 Million events per day (8,000 to 15,000 users behind Application Control and URL Filtering).


HTTPS Inspection

  • Support for HTTPS Inspection on inbound traffic.
  • Automatic update for Trusted CA list.



You can configure a Security Gateway to be an HTTP/HTTPS web proxy, in transparent or non-transparent mode.



Support for Suite-B GCM encryption. See RFC 6379 for more information.



SmartLog is a next generation solution for managing logs generated by Check Point Security Gateways. This solution is designed to answer the challenges of storing, searching and filtering logs in modern environments with continually increasing log volume. SmartLog has full-text, ultra-fast search capability, and can search huge quantities of log files in seconds.




  • New SmartLog for full-text, ultra-fast search over billions of log records.
  • Configure Multi Portal access through VPN clients (connected with Office Mode), to protect your portals from external network exposure. This new option applies to all portals: Mobile Access Portal, UserCenter Portal, Identity Awareness Captive Portal, Platform Portal, and DLP Portal.
  • SmartProvisioning supports Security Gateway 80 appliances.


  • NAT and Log templates in SecureXL.
  • IPv6 acceleration, MultiCore and ClusterXL HA support on Gaia and SecurePlatform.


  • R75.40 management servers do not need IPv6 licenses.
  • Gaia can automatically attach licenses for Security Gateways and management servers.


  • Hit count - shows number of instances a rule in the Application Control or Firewall rulebases was matched to traffic.
  • Improved performance and easier installation of SmartConsoles.

Note: Smart-1 25 is supported. Whenever Smart-1 25 is listed as supported, Smart-1 25B is as well, unless explicitly stated otherwise.


R75.40 Downloads

Check Point highly recommends to upgrade to Gaia OS and to the most recent Release and Hotfix.

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

It is recommended to install a hotfix from sk90700.

Software Download Matrix


Fresh Installation

Platform Hardware \ Appliance Gateway with Integrated Management (Standalone) Security Management Server Security Gateway Multi-Domain Security Management
Gaia 2012 Models Appliances
UTM-1 Appliances
- -
21400 Appliance (supports SAM and 10G SFP+ Acceleration Ready I/O cards) - -
Open Servers
IP-Series Disk-based Platforms
, - , -
Smart-1 Appliances -
5, 25, 50
50, 150
Power-1 Appliances - - -
SecurePlatform 2012 Models Appliances
UTM-1 Appliances
- -
Smart-1 Appliances -
5, 25, 50
50, 150
Power-1 Appliances - - -
Open Servers
RHEL 5.0/ RHEL 5.4 Open Servers - -
IPSO 6.2 IP150, IP280, IP290, IP390, IP560, IP690, IP1280, IP2450 Disk-Based
- -
IP290, IP390, IP560, IP690, IP1280, IP2450 Flash-Based
- - -
Windows - (ISO)
Solaris - - -



Platform Hardware \ Appliance Gateway with Integrated Management (Standalone) Security Management Server Security Gateway Multi-Domain Security Management


(from other platforms to Gaia)

2012 Models Appliances
UTM-1 Appliances

Smart-1 Appliances -
5, 25, 50
50, 150
Power-1 Appliances - - -
Open Server
IP-Series Disk-based Platforms - - & or
SecurePlatform 2012 Models Appliances
UTM-1 Appliances

Smart-1 Appliances -
5, 25, 50
50, 150
Power-1 Appliances - - -
Open Servers

RHEL 5.0/ RHEL 5.4 Open Servers -
IPSO 6.2 IP150, IP280, IP290, IP390, IP560, IP690, IP1280, IP2450Disk-Based
IP290, IP390, IP560, IP690, IP1280, IP2450 Flash-Based
- - -
Windows - (ISO)
Solaris - - -

Note: direct upgrade from IPSO 4.2 to Gaia is not supported



Platform GUI
Windows - SmartConsole
Windows - SmartDomain Manager



Management Tools Gaia Linux & SecurePlatform IPSO Windows Solaris
Management Server Migration Tool
Bootmanager (for IP Appliances) - - -
Upgrade Verifier for IPSO to Gaia - - - -



Agent Windows
Exchange agent


R75.40 Released Hotfixes

Released Hotfixes
sk79000 (Check Point R75.40 Hotfix)
sk97987 (Some SSL VPN functionality breaks as a result of a Java update to version 7 update 51 (7u51) and above)


R75.40 Documentation

This solution is about products that are no longer supported and it will not be updated
Applies To:
  • This solution integrates sk75260.

Give us Feedback
Please rate this document