Take 230 - General Availability

Product	CPUSE offline package	SmartConsole package
Security Gateway / Standalone	(TGZ)	(EXE) Build 130
Security Management	(TGZ)
Blink Image for Security Gateway - Clean Install / Upgrade	(TGZ)
Blink Image for Security Management - Clean Install	(TGZ)

To download these packages, you need to have a Software Subscription or Active Support plan.
For Gaia Fast Deployment mechanism "Blink", refer to sk120193.
See R80.20 SmartConsole Releases.
This version reached its End of Support. If you are using this version (or lower), we strongly recommend you to upgrade your environments.

CPUSE Online Identifiers

Use these CPUSE Online Identifiers:

Check_Point_R80_20_JUMBO_HF_Bundle_T<Take number>_sk137592_Security_Gateway_and_Standalone_2_6_18_FULL.tgz

and

Check_Point_R80_20_JUMBO_HF_Bundle_T<Take number>_sk137592_Security_Management_3_10_FULL.tgz

List of Resolved Issues and New Features

Note - This Take contains all fixes from all earlier Takes.

ID	Product	Description
Take 230 Released on 4 September 2022 and declared as General Availability on 3 November 2022
PRJ-38397, PRHF-23290	Security Management	An Application Control and URL Filtering update may get stuck because of a lock object duplicate issue.
PRJ-36187, PRHF-22004	Logging	UPDATE: Amended the override_server_setting.sh script to support changes in the values of RFL_SOLR_MAX_MERGE_COUNT and RFL_SOLR_MAX_MERGE_THREAD_COUNT.
PRJ-30961, EPS-562	Logging	In some scenarios, the Forensics report fails to open from Harmony Endpoint logs.
PRJ-39952, PRHF-22814	Security Gateway	UPDATE: Added support for RADIUS UPN authentication with MS-CHAPv2. To use it, enable the registry configuration in ckp_regedit -a SOFTWARE/Checkpoint/VPN1 RADIUS_MSCHAPV2_UPN -n 1.
PRJ-40506, PMTR-85083	Security Gateway	UPDATE: Added a defense mechanism against partial header attacks known as "Slowloris DoS" (CVE-2007-6750).
PRJ-40134, PMTR-84236	Security Gateway	When Strict Hold is enabled, traffic is logged with the log "HTTP parsing error detected. Bypassing the request as defined in the Inspection Settings". Refer to sk169995.
PRJ-40643, PRJ-38912	Security Gateway	When Anti-Virus Blade is enabled, there may be a continuous high memory consumption which can lead to latency.
PRJ-41003, PRJ-40954	Security Gateway	In a VSX environment, SNMP queries to OSPF OIDs may fail.
PRJ-31455, PRHF-16136	Security Gateway	The CPD process may unexpectedly exit and create core dump files.
PRJ-34167, PRHF-20978	Security Gateway	After an upgrade, in a setup with a single Virtual System (VS), the Security Gateway may crash.
PRJ-34884, PMTR-77524	Threat Prevention	Traffic bypassed due Threat Prevention exception is not accelerated.
PRJ-40045, PRJ-34088	Threat Prevention	IPS and other Threat Prevention logs may not contain packet capture. And dmesg may be flooded with related errors.
PRJ-36430, PMTR-77653	IPS	When ClusterXL is configured, a file may pass without inspection during a failover.
PRJ-37722, PRHF-22465	DLP	DLP logs for files uploaded to Microsoft OneDrive may not show the initial file names and extensions. Refer to sk178290.
PRJ-39835, PMTR-84079	ClusterXL	When reconnecting the OSPF interface on both members in a cluster, a failover may occur when receiving a ROUTED PNOTE on the Active member.
PRJ-39069, PRHF-22676	SecureXL	UPDATE: Added a new kernel parameter "fw_allow_reverse_syn" for Smart Connection Reuse. This parameter allows or drops SYN packets coming from the reverse direction. The parameter is set to 0 by default, the Security Gateway drops such packets. Refer to sk24960.
PRJ-36854, PRHF-21863	SecureXL	Policy installation may cause cluster failover and impact the traffic flowing through the cluster.
PRJ-40847, PMTR-85427	VPN	UPDATE: Added a configurable protection for blocking brute-force attacks on VPN SNX portal. Refer to sk180271.
PRJ-40659, PRHF-24446	VPN	There may be a low throughput in a Site-to-Site VPN tunnel between two VSX Gateways with enabled.
PRJ-27467, PRHF-18056	Gaia OS	UPDATE: A description was added to the output of the "show backup logs" command with information about each column. Refer to sk173970.
PRJ-29070, PRHF-16407	Gaia OS	UPDATE: Added support for the Excluded Files feature (sk116679) for XFS file system on Kernel 3.10.
PRJ-40305, ODU-454	HCP	Added Update 9 of HealthCheck Point (HCP) Release. Refer to sk171436.
PRJ-40667, ODU-478	HCP	Added Update 10 of HealthCheck Point (HCP) Release. Refer to sk171436.