Requirements
Threat Extraction Requirements for Web-downloaded Documents
-
A minimum of 2.3GB free RAM must be available, regardless of the number of cores or connection used by the Security Gateway
Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources.. -
Supported with appliance series 5000, 6000, 7000, and higher.
Threat Emulation Requirements
Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. that uses ThreatCloud The cyber intelligence center of all of Check Point products. Dynamically updated based on an innovative global network of threat sensors and invites organizations to share threat data and collaborate in the fight against modern malware. requires Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. operating system (64 or 32-bit).
Logging Requirements
Logs can be stored on:
-
A Management Server
Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. that collects logs from the Security Gateways. This is the default. -
A Log Server
Dedicated Check Point server that runs Check Point software to store and process logs. on a dedicated server. This is the recommendation for environments that generate many logs.
A dedicated Log Server has greater capacity and performance than a Management Server with the activated Logging & Status Check Point Software Blade on a Management Server to view Security Logs from the managed Security Gateways. Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities..
The dedicated Log Server must run the same version as the Management Server.
SmartEvent Requirements
You can enable the SmartEvent Software Blade on a Security Management Server Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server., or install a dedicated SmartEvent Server Dedicated Check Point server with the enabled SmartEvent Software Blade that hosts the events database..
SmartEvent Server R80.40 can connect to a different version of a Log Server - R77.xx or lower.
SmartEvent and a SmartEvent Correlation Unit SmartEvent software component on a SmartEvent Server that analyzes logs and detects events. are usually installed on the same server. You can also install them on different servers, for example, to balance the load in large logging environments. The SmartEvent Correlation Unit must be the same version as the SmartEvent Server.
To deploy SmartEvent and to generate reports, a valid license or contract is required.
Hardware Requirements
For an average rate of 500 logs per second:
-
Total CPU Cores: 4
-
RAM: 16GB
Desktop SmartConsole Requirements
Desktop SmartConsole Hardware Requirements
This table shows the minimum hardware requirements for SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. applications:
|
Component |
Minimum Requirement |
|---|---|
|
CPU |
Intel Pentium Processor E2140, or 2 GHz equivalent processor |
|
Memory |
4 GB |
|
Available Disk Space |
2 GB |
|
Video Adapter |
Minimum resolution: 1024 x 768 |
Desktop SmartConsole Software Requirements
-
Microsoft .NET framework 4.5.
-
Microsoft Visual C++.
SmartConsole is supported on:
-
Windows 10 (all editions), Windows 8.1 (Pro), and Windows 7 (SP1, Ultimate, Professional, and Enterprise)
-
Windows Server 2016, 2012, 2012 R2, 2008 (SP2), and 2008 R2 (SP1)
Gaia Portal Requirements
The Gaia Portal Web interface for the Check Point Gaia operating system. supports these web browsers:
|
Browser |
Supported Versions |
|---|---|
|
Microsoft Edge |
Any |
|
Google Chrome |
14 and higher |
|
Mozilla Firefox |
6 and higher |
|
Apple Safari |
5 and higher |
|
Microsoft Internet Explorer |
8 and higher (If you use Internet Explorer 8, file uploads |
Mobile Access Requirements
|
Endpoint Computer OS Compatibility |
Windows |
Linux |
macOS |
iOS |
Android |
|---|---|---|---|---|---|
|
|
|
|
|
|
|
|
Clientless access to web applications (Link Translation) |
|
|
|
|
|
|
|
|
|
|
|
|
|
Secure Workspace |
|
|
|
|
|
|
|
|
|
|
|
|
|
SSL Network Extender - Application Mode |
|
|
|
|
|
|
Downloaded from Mobile Access applications |
|
|
|
|
|
|
Citrix |
|
|
|
|
|
|
File Shares - Web-based file viewer (HTML) |
|
|
|
|
|
|
Web mail |
|
|
|
|
|
|
Endpoint Browser Compatibility |
Microsoft |
Google |
Mozilla |
Apple |
Opera for |
Microsoft |
|---|---|---|---|---|---|---|
|
Mobile Access Portal |
|
|
|
|
|
|
|
Clientless access to web applications (Link Translation) |
|
|
|
|
|
|
|
Compliance Scanner |
|
|
|
|
|
|
|
Secure Workspace (2), (3) |
|
|
|
|
|
|
|
SSL Network Extender - Network Mode |
|
|
|
|
|
|
|
SSL Network Extender - Application Mode (2) |
|
|
|
|
|
|
|
Downloaded from Mobile Access applications |
|
|
|
|
|
|
|
Citrix |
|
|
|
|
|
|
|
File Shares - Web-based file viewer (HTML) |
|
|
|
|
Limited support |
|
|
Web mail |
|
|
|
|
|
|
|
|
Notes:
|
Identity Awareness Requirements
Identity Clients
See Clients and Agents Support by Windows Platform and Clients and Agents Support by Mac Platform for:
-
Identity Agent for a Terminal Server
AD Query and Identity Collector
Supported Active State of a Cluster Member that is fully operational: (1) In ClusterXL, this applies to the state of the Security Gateway component (2) In 3rd-party / OPSEC cluster, this applies to the state of the cluster State Synchronization mechanism. Directory versions: Microsoft Windows Server 2008 R2, 2012, 2012 R2, 2016, and 2019.
Harmony Endpoint Management Server Requirements
Hardware Requirements
These are the minimum requirements to enable Endpoint Security management on a Security Management Server:
|
Component |
Requirement |
|---|---|
|
Number of CPU cores |
4 |
|
Memory |
16 GB |
|
Disk Space |
845 GB |
The requirements for dedicated Endpoint Security Management Servers are similar.
Resource consumption is based on the size of your environment. For larger environments, more disk space, memory, and CPU are required.
Software Requirements
For more information, see the R80.40 Harmony Endpoint Security Server Administration Guide.
-
Endpoint Security Management Servers are supported on Management-only appliances or Open Servers. Endpoint Security Management Servers do not support Standalone
Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. (Security Gateway + Management Server) and Multi-Domain Security Management deployments. -
Endpoint Security Management Servers is not supported on Red Hat Enterprise Linux releases.
-
R80.40 Endpoint Security Management Server can manage:
-
E80.64 and higher versions of Endpoint Security Clients for Windows
-
E80.64 and higher versions of Clients for macOS
-
Anti-Malware Signature Updates
-
To allow Endpoint Security clients to get Anti-Malware signature updates from a cleanly installed R80.40 Primary Endpoint Security Management Server, follow the instructions in the R80.40 Harmony Endpoint Security Server Administration Guide when you select the Anti-Malware component.
-
For a new R80.40 Endpoint Policy Server that was installed from scratch (not upgraded), you must follow sk151533. No additional steps are required, if you upgrade the Primary Endpoint Security Management Server to R80.40.
-
Endpoint Security Clients can continue to acquire their Anti-Malware signature updates directly from an external Check Point signature server or other external Anti-Malware signature resources, if your organization's Endpoint Anti-Malware policy allows it.