What is Gaia?

Check Point Gaia is the next generation Secure Operating System for all Check Point Appliances, Open Servers and Virtualized Gateways.

Gaia combines the best features from IPSO and SecurePlatform (SPLAT) into a single unified OS providing greater efficiency and robust performance. By upgrading to Gaia, customers will benefit from improved appliance connection capacity and reduced operating costs. With Gaia, IP Appliance customers will gain the ability to leverage the full breadth and power of all Check Point Software Blades.

Gaia secures IPv6 networks utilizing the Check Point Acceleration & Clustering technology and it protects the most dynamic network and virtualized environments by supporting 5 different dynamic routing protocols. As a 64-Bit OS, Gaia increases the connection capacity of existing appliances supporting up-to 10M concurrent connections for select 2012 Models.

Gaia simplifies management with segregation of duties by enabling role-based administrative access. Furthermore, Gaia greatly increases operation efficiency by offering Automatic Software Update.

The feature-rich Web interface allows for search of any command or property in a second.

Gaia provides backward compatibility with IPSO and SPLAT CLI-style commands making it an easy transition for existing Check Point customers.

• Is R75.40 released only on Gaia?
  

  R75.40 has been released on Gaia, SecurePlatform, IPSO and Windows.

• What are the main features of Gaia?
  

  • Support for all Check Point appliances.
  • Support for all Open servers appearing on the Check Point Hardware Compatibility List.
  • High Connection Capacity through 64-bit support on select appliances.
  • New Web UI portal providing full control of the system, with search capability and web based terminal.
  • Unified command line shell which is backward compatible with Clish and cpshell.
  • IPv6 native support, including acceleration, ClusterXL ,Web UI and command line shell.
  • ClusterXL and VRRPRole Based Administration - fine grained control of Administrator's privileges.
  • RADIUS and TACACS+ support.

• Can Gaia be used as a Security Management server?
  

  Yes.

• Can Gaia Management server be used to manage SecurePlatform gateways?
  

  Yes. Also, vice versa is possible.

• Is there a special SmartDashboard for Gaia?
  

  No. Gaia includes a standard SmartDashboard.

• Does Gaia support Multi Domain (Provider-1)?
  

  Yes. Multi Domain Management R75.40 is available on Gaia. See sk69682 for more details.

• Can I upgrade to Gaia from SecurePlatform?
  

  Yes. The in-place upgrade process is exactly the same as the process used to upgrade from one SecuePlatform release to a newer one. For more details on the upgrade process, refer to sk70260.

• Can I upgrade to Gaia from IPSO?
  

  Yes, but the upgrade process is different than upgrading from one version of IPSO to a newer one. The upgrade process from IPSO to Gaia is documented in sk70260.

• I have set up a VRRP pair under Gaia, or have upgraded a VRRP pair from IPSO to Gaia. Both of my appliances are showing up as Master
  

  In Gaia, you must add an explicit firewall rule to both appliances allowing 'Accept of VRRP' protocol packets.

• Do I need a special license in order to use IPv6?
  

  IPv6 license can be freely obtained using procedure documented in sk66082.

• How to configure Proxy ARP on Gaia?
  

  Proxy ARP is a firewall feature, not an OS feature. You can control Proxy ARP using the standard methods (SmartDashboard and $FWDIR/conf/local.arp) documented in sk30197.

• Which Check Point appliances are supported by Gaia?
  

  The following appliances are supported by Gaia:

  • 2012 appliances - 21400, 12600, 12400, 12200, 4800, 4600, 4200, 2200
  • Power-1 - 11000, 9070, 5070
  • UTM-1 - 3070, 2070, 1070, 570, 270, 130
  • Smart-1 - 150, 50, 25, 25B, 5
  • IP Appliances - IP2450, IP1280, IP690, IP560, IP390, IP290, IP282, IP150

• Which Open Servers are supported by Gaia?
  

  Gaia supports all the Open Servers that SecurePlatform supports. You can check the Gaia and SecurePlatform Hardware Compatibility List on the Check Point public site.

• Which Appliances models / Open Servers models support 64-bit?
  

  Refer to sk71001.

• Does Gaia VRRP support Full HA ?

  No. VRRP does not support Full HA.

• R75.40 Gaia Feature Release (Gaia+)

  The following features are available in R75.40 Gaia Feature Release (Gaia+) fresh install:

  1. Ability to configure 6in4 tunnels.
  2. Backup and restore, including scheduled backups.
  3. Policy Based Routing (PBR). See Gaia Advanced Routing R75.40 Administration Guide.
  4. Support for PPPoE interfaces. See sk79880 for information about SecureXL known limitations with regards to PPPoE.
  5. SNMP Traps can be configured to be sent if RAID issues occur.
  6. TACACS+ authentication.
  7. e1000 driver has been updated to version 7.6.15.
  8. Monitor mode now works on 10GbE ports, effectively implementing sk73180. In addition, "one legged" bridge is created automatically, when enabling monitor mode, effectively implementing sk70900.
  9. 2012 appliances now have the ability to automatically fetch a license during the First Time Wizard.
  10. ISP Redundancy. See sk25129 (Supported platforms for ISP Redundancy).
  11. An assortment of minor fixes.

  
  
  Notes:

  • Gaia Feature Release (Gaia+) was released shortly after R75.40 to incorporate some features that were not integrated into the initial Gaia release.
  • These features are not available when upgrading to R75.40 Gaia.
  • The features in Gaia+ will be included in all post-R75.40 releases.

   

  In order to check, which version of Gaia is installed (Gaia or Gaia+),
  run the 'show version all' command in clish and check the 'OS build':
  
  HostName> show version all
  
  

  OS build	Gaia release
  65	Gaia+
  264	last Gaia Early Availability release most people saw
  338	Gaia General Availability release (first version)
  339	Gaia General Availability release (second version)

  
  
  Example output:

  HostName> show version all
  
  Product version Check Point Gaia R75.40 
  OS build 65
  OS kernel version 2.6.18-92cp
  OS edition 32-bit
  

• Which browsers are supported for Gaia Portal?
  

  Refer to sk92668.