Mobile Access wizard for easy connection to Exchange server.
DLP Enhancements
Fingerprinting: Protect files residing in network repositories. The gateway scans repositories and prevents files or parts of files from leaving the organization.
Whitelist policy: easily define files that will not be matched by the DLP engine.
Upload specific files to the Security Management server, or create a network repository.
DLP is now fully user aware for all protocols.
Use Access Roles in DLP rule base.
DLP email notifications to end-users for violations on all protocols.
UserCheck client single sign on.
UserCheck notification configuration and multi-language support.
SMTP Mirror mode for easy DLP Proof of Concept.
New Appliance and Hardware Support
New 21600 appliances.
New 21700 appliances.
Support for DDoS Protector appliances.
Security Acceleration Module (supported for IPv4 and Gateway Mode only)
Support for Bypass Card (FONIC) on 4000 and 12000 appliances. See sk85560 for more information.
Endpoint Security Blade
The Endpoint Policy Management Blade lets you manage and enforce Endpoint Security policies on Windows and Mac computers. Endpoint Security Software Blades include:
Media Encryption
Full Disk Encryption
Firewall
Compliance
WebCheck
Application Control
When the Endpoint Policy Management blade is enabled, the Security Management Server also becomes an E80.40 Endpoint Security Management Server that manages E80.40 and earlier Endpoint Security clients, with R76 SmartEndpoint.
Application and URL Filtering Enhancements
Enhanced options to filter HTTPS without SSL inspection
Enhanced options for search engine results:
Enforce search engine safe-search
Filter cached and translated pages from search engine results
Enhanced reporting:
Detailed user activity reports.
Filter reports by user group
Web browsing time shown in logs, events, and reports.
Dedicated permission to generate SmartEvent reports
SmartLog and SmartEvent
New Timeline view in SmartLog for better understanding and orientation of search results.
Reporting enhancements for Application and URL Filtering
SmartEvent tripled scale. See the SmartEvent Sizing Guide sk87263.
Anti-Bot and Anti-Virus
Improved scanning and recognition of bots and viruses.
UserCheck support.
Rulebase exceptions can be based on URLs.
VPN
AES performance enhancements for high end appliances (12400, 12600, and 21000 series): Increased Site-to-Site VPN and Remote Access throughput.
HTTPS Inspection black-list automatic updates.
Increased session rate for Identity Awareness Captive Portal.
DDoS/DoS Performance Enhancements
During a DoS or DDoS attack, these SecureXL features can be activated to mitigate the attack:
Penalty box - Early drop of packets arriving from suspected sources, for better performance under heavy load, such as caused by a DDoS attack. See sk74520.
Optimized drops under heavy load - Dropped traffic is accelerated by SecureXL, reducing gateway resource consumption during heavy load. See sk90861 and sk90941 for advanced configurations.
Note: Solaris is a legacy platform, unsupported for new installations. You can migrate the Solaris database to Windows, SecurePlatform, and Gaia, from Check Point versions in the Supported Upgrade Paths listed below.
You can upgrade these Security Management Server and Security Gateway versions to R76:
Upgrade on IPSO 6.2 (both for Disk Based and for Flash Based) requires IPSO 6.2 MR4 or later IPSO release. For information, including memory size limitations, please see sk92306 (Check Point IPSO 6.2 MR4 and MR4a).
Upgrade on IPSO 6.2 is not supported from the R75.40VS version.
Mobile Access wizard for easy connection to Exchange server.
DLP Enhancements
Fingerprinting: Protect files residing in network repositories. The gateway scans repositories and prevents files or parts of files from leaving the organization.
Whitelist policy: easily define files that will not be matched by the DLP engine.
Upload specific files to the Security Management server, or create a network repository.
DLP is now fully user aware for all protocols.
Use Access Roles in DLP rule base.
DLP email notifications to end-users for violations on all protocols.
UserCheck client single sign on.
UserCheck notification configuration and multi-language support.
SMTP Mirror mode for easy DLP Proof of Concept.
New Appliance and Hardware Support
New 21600 appliances.
New 21700 appliances.
Support for DDoS Protector appliances.
Security Acceleration Module (supported for IPv4 and Gateway Mode only)
Support for Bypass Card (FONIC) on 4000 and 12000 appliances. See sk85560 for more information.
Endpoint Security Blade
The Endpoint Policy Management Blade lets you manage and enforce Endpoint Security policies on Windows and Mac computers. Endpoint Security Software Blades include:
Media Encryption
Full Disk Encryption
Firewall
Compliance
WebCheck
Application Control
When the Endpoint Policy Management blade is enabled, the Security Management Server also becomes an E80.40 Endpoint Security Management Server that manages E80.40 and earlier Endpoint Security clients, with R76 SmartEndpoint.
Application and URL Filtering Enhancements
Enhanced options to filter HTTPS without SSL inspection
Enhanced options for search engine results:
Enforce search engine safe-search
Filter cached and translated pages from search engine results
Enhanced reporting:
Detailed user activity reports.
Filter reports by user group
Web browsing time shown in logs, events, and reports.
Dedicated permission to generate SmartEvent reports
SmartLog and SmartEvent
New Timeline view in SmartLog for better understanding and orientation of search results.
Reporting enhancements for Application and URL Filtering
SmartEvent tripled scale. See the SmartEvent Sizing Guide sk87263.
Anti-Bot and Anti-Virus
Improved scanning and recognition of bots and viruses.
UserCheck support.
Rulebase exceptions can be based on URLs.
VPN
AES performance enhancements for high end appliances (12400, 12600, and 21000 series): Increased Site-to-Site VPN and Remote Access throughput.
HTTPS Inspection black-list automatic updates.
Increased session rate for Identity Awareness Captive Portal.
DDoS/DoS Performance Enhancements
During a DoS or DDoS attack, these SecureXL features can be activated to mitigate the attack:
Penalty box - Early drop of packets arriving from suspected sources, for better performance under heavy load, such as caused by a DDoS attack. See sk74520.
Optimized drops under heavy load - Dropped traffic is accelerated by SecureXL, reducing gateway resource consumption during heavy load. See sk90861 and sk90941 for advanced configurations.
Note: Solaris is a legacy platform, unsupported for new installations. You can migrate the Solaris database to Windows, SecurePlatform, and Gaia, from Check Point versions in the Supported Upgrade Paths listed below.
You can upgrade these Security Management Server and Security Gateway versions to R76:
Upgrade on IPSO 6.2 (both for Disk Based and for Flash Based) requires IPSO 6.2 MR4 or later IPSO release. For information, including memory size limitations, please see sk92306 (Check Point IPSO 6.2 MR4 and MR4a).
Upgrade on IPSO 6.2 is not supported from the R75.40VS version.