Take 255 - General Availability

| Product | CPUSE offline package | SmartConsole package |
|---|---|---|
| Security Gateway / Standalone Gaia 2.6.18 | (TGZ) | (EXE) Build 109 |
| Security Gateway Gaia 3.10 | (TGZ) | |
| Security Management | (TGZ) | |

Blink Image for Security Gateway Gaia 2.6.18 - Clean Install / Upgrade (TGZ)

Blink Image for Security Management - Clean Install (TGZ)

CPUSE Online Identifiers

Use these CPUSE Online Identifiers:

Check_Point_R80_30_JUMBO_HF_Bundle_T<Take number>_sk153152_Security_Gateway_and_Standalone_2_6_18_FULL.tgz
Check_Point_R80_30_JUMBO_HF_Bundle_T<Take number>_sk153152_Security_Gateway_3_10_FULL.tgz
and
Check_Point_R80_30_JUMBO_HF_Bundle_T<Take number>_sk153152_Security_Management_3_10_FULL.tgz

List of Resolved Issues and New Features

Note - This Take contains all fixes from all earlier Takes.

Take 255

Released on 8 September 2022 and declared as General Availability on 30 October 2022

| ID | Product | Description |
|---|---|---|
| PRJ-29703, PMTR-59509 | Diagnostics | In a rare scenario, the CPView history service may unexpectedly exit. Fix is relevant for Gaia 3.10 only. |
| PRJ-37761, PRHF-22671 | Security Management | The FWM process on the Management Server may unexpectedly exit, creating a core dump file. |
| PRJ-37986, PRHF-22589 | Security Management | After an Application Control update, some application control objects may disappear from SmartConsole, although they are not deprecated. |
| PRJ-38398, PRHF-23290 | Security Management | An Application Control and URL Filtering update may get stuck because of a lock object duplicate issue. |
| PRJ-39469, PRHF-23825 | Security Management | Management HA synchronization may fail with the "NGM failed to import data" error. |
| PRJ-37884, PRHF-22914 | Security Management | Editing an object may fail with the "Could not access file for write operation" error. |
| PRJ-37507, PRHF-22621 | Security Management | Deleting a domain may fail when using the createDomainRecovery.sh script with the "UID" flag. |
| PRJ-38118, PRHF-23065 | Security Management | Policy installation may fail with "an internal error" if some objects are pointed to by an old deleted policy. Refer to sk122954. |
| PRJ-38215, PRHF-22973 | Security Management | If Log Domain reassignment fails, an Application Control and URL Filtering update may get stuck at 70 percent showing the "Running post update actions" status. |
| PRJ-38786, PRHF-23476 | Security Management | Install Policy Preset may fail with "The server did not provide a meaningful reply.". Refer to sk179524. |
| PRJ-38122, PRHF-23066 | Multi-Domain Management | Although all Virtual Devices are deleted, deleting a Domain may fail with an "At least one Virtual Device is defined on this Domain/Domain Management Server. You need to delete all Virtual Systems/Routers prior to deleting Domain/Domain Management Server" message. |
| PRJ-30962, EPS-562 | Logging | In some scenarios, the Forensics report fails to open from Harmony Endpoint logs. |
| PRJ-39138, PRJ-39139, PMTR-70703 | Logging | In IPS Core Protections logs, the link to the Threat Prevention profile is written incorrectly. |
| PRJ-40507, PRJ-40508, PMTR-85083 | Security Gateway | UPDATE: Added a defense mechanism against partial header attacks known as "Slowloris DoS" (CVE-2007-6750). |
| PRJ-39953, PRJ-39954, PRHF-22814 | Security Gateway | UPDATE: Added support for RADIUS UPN authentication with MS-CHAPv2. To use it, enable the registry configuration with ckp_regedit -a SOFTWARE/Checkpoint/VPN1 RADIUS_MSCHAPV2_UPN -n 1. |
| PRJ-40455, PRJ-40456, PMTR-84535 | Security Gateway | In a rare scenario, the FWK process may unexpectedly exit because of a memory allocation issue on the Security Gateway. |
| PRJ-34168, PRJ-34169, PRHF-20978 | Security Gateway | After an upgrade, in a setup with a single Virtual System (VS), the Security Gateway may crash. |
| PRJ-41002, PRJ-41004 | Security Gateway | In a VSX environment, SNMP queries to OSPF OIDs may fail. |
| PRJ-34401, PRHF-21418 | Security Gateway | Deleting IP addresses in the SAM Database may fail. |
| PRJ-40135, PRJ-40136, PMTR-84236 | Security Gateway | When Strict Hold is enabled, traffic is logged with the log "HTTP parsing error detected. Bypassing the request as defined in the Inspection Settings". Refer to sk169995. |
| PRJ-31456, PRJ-31457, PRHF-16136 | Security Gateway | The CPD process may unexpectedly exit and create core dump files. |
| PRJ-39803, PRJ-39804, PMTR-48371 | Security Gateway | In rare scenarios, the Security Gateway may crash when an inspected connection is timed out. |
| PRJ-39682, PRJ-39683, PRHF-23741 | Security Gateway | An ICAP client crash may also cause the Security Gateway to crash and generate an FWK core dump. |
| PRJ-36565, PMTR-79569 | Internal CA | UPDATE: In SmartConsole, added an alert to inform that the ICA certificate will expire in less than one year. Refer to sk158096. |
| PRJ-34885, PRJ-34886, PMTR-77524 | Threat Prevention | When the Security Gateway is in "Detect Only" mode, Threat Prevention Blade exceptions may not be accelerated. |
| PRJ-35772, PRJ-35773, PMTR-44916 | Threat Prevention | File transfer may be very slow when the Anti-Virus Blade is enabled. |
| PRJ-38681, PRJ-38682, PRHF-23324 | Threat Prevention | In a rare scenario, an IPS, Anti-Virus, or Anti-Bot update package may fail to load because of a timeout. |
| PRJ-36382, PRJ-36381, PRHF-22069 | Application Control | The /var/log/messages directory may be flooded with "appi_app_db_get_kattrib_info: attribs hash does not exist" messages. A Security Gateway may be slow or unresponsive. Refer to sk178406. |
| PRJ-36431, PRJ-36432, PMTR-77653 | IPS | When ClusterXL is configured, a file may pass without inspection during a failover. |
| PRJ-39060, PRJ-39061, PRHF-12660 | IPS | In a VSX setup, the IP used as the origin SIC name in the IPS log may differ from the IP in other reports. |
| PRJ-37723, PRJ-37724, PRHF-22465 | DLP | DLP logs for files uploaded to Microsoft OneDrive may not show the initial file names and extensions. Refer to sk178290. |
| PRJ-39279, PRHF-22882 | ClusterXL | In a VSX cluster with three or more members, sudden failover and recovery of the Standby VS may occur, causing termination of connections from the Active member. Refer to sk179446. Fix is relevant for Gaia 3.10 only. |
| PRJ-39836, PRJ-39837 | ClusterXL | When reconnecting the OSPF interface on both members in a cluster, a failover may occur when receiving a ROUTED PNOTE on the Active member. |
| PRJ-39070, PRJ-39071, PRHF-22676 | SecureXL | UPDATE: Added a new kernel parameter "fw_allow_reverse_syn" for Smart Connection Reuse. This parameter allows or drops SYN packets coming from the reverse direction. By default, the parameter is set to 0 and the Security Gateway drops such packets. Refer to sk24960. |
| PRJ-39735, PRJ-39736, PMTR-86052 | SecureXL | There may be high CPU usage and/or latency in CIFS/SMB connections. |
| PRJ-36855, PRJ-36856, PRHF-21863 | SecureXL | Policy installation may cause cluster failover and impact the traffic flowing through the cluster. |
| PRJ-40292, PMTR-81618 | SecureXL | In an environment with a cluster in Active/Standby bridge mode, a kernel memory leak may occur. Fix is relevant for Gaia 3.10 only. |
| PRJ-40906, PRJ-40217, PMTR-63465 | SecureXL | In a rare scenario, the ipsctl kernel module does not load at startup. |
| PRJ-38557, PRHF-22924 | Routing | UPDATE: Source Pruning will now be disabled by default when VRRP is enabled. This will prevent an interface from keeping the Standby member in Master state after port flapping. The issue is relevant only for Intel X710 network cards using the I40E driver. Refer to sk178484. |
| PRJ-40846, PRJ-40914, PMTR-85427 | VPN | UPDATE: Added a configurable protection for blocking brute-force attacks on the VPN SNX portal. Refer to sk180271. |
| PRJ-40986, PRJ-40987, PMTR-85206 | VPN | Resolved the "HTTP Response splitting" vulnerability in Security Gateway portals. Refer to sk179705. |
| PRJ-40660, PRJ-40661, PRHF-24446 | VPN | There may be a low throughput in a Site-to-Site VPN tunnel between two VSX Gateways with enabled. |
| PRJ-38791, PMTR-82492 | VSX | In some scenarios, it is not possible to start a vsx_util upgrade/downgrade after a failed attempt. |
| PRJ-28950, PRJ-27444, PRHF-17665 | VSX | Multi-Queue configuration does not survive reboot on VSX. Refer to sk173950. |
| PRJ-40248, PMTR-84229 | VSX | In VSX, when deleting a warp interface (either by deleting the warp itself or by performing the "reset_gw" command, which deletes all Virtual Devices), the VSX Gateway may crash. Fix is relevant for Gaia 3.10 only. |
| PRJ-32704, PRHF-20553 | VSX | After restoring the VSX Gateway backup, the SNMP agent stops responding when the context is set for a specific VS. Fix is relevant for Gaia 3.10 only. |
| PRJ-27468, PRJ-27469, PRHF-18056 | Gaia OS | UPDATE: A description was added to the output of the "show backup logs" command with information about each column. Refer to sk173970. |
| PRJ-24451, PRJ-24452, PRHF-16628 | Gaia OS | UPDATE: Changed the Syslog message severity from "error" to "info" and removed the exclamation mark in a specific message which is displayed during the normal backup operation flow. |
| PRJ-29071, PRJ-24564, PRHF-16407 | Gaia OS | UPDATE: Added support for the Excluded Files feature (sk116679) for XFS file system on Kernel 3.10. |
| PRJ-36695, PMTR-79157 | Gaia OS | The /var/log/messages file may be flooded with "failed to update arp table file" messages. |
| PRJ-40306, ODU-454 | HCP | Added Update 9 of HealthCheck Point (HCP) Release. Refer to sk171436. |
| PRJ-40668, ODU-478 | HCP | Added Update 10 of HealthCheck Point (HCP) Release. Refer to sk171436. |