Supported Environments
Management Servers boot by default with 64-bit Gaia
Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. kernel after a clean installation or upgrade to R80.40.
|
|
Note - If you revert from the R80.40 upgrade, the appliance boots with the 64-bit Gaia kernel, even if it was originally 32-bit. |
Refer to the Support Life Cycle Policy page for more information and announcements about Check Point Appliances.
Check Point Appliances
|
|
Note - Support for Check Point Quantum appliances: 3800, 6400, 6700, 7000, 16200, 16600HS, 28000, and 28600HS. For more information, see sk110052, sk139932, and sk152733. These appliances are supported with the R80.40 Jumbo Hotfix Accumulator Take 45 or higher. |
Management Server and Log Server
These platforms support R80.40 in the Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and Log Server Dedicated Check Point server that runs Check Point software to store and process logs. configurations:
|
Check Point Product |
Smart-1 205, 210, 225, 405, 410, 525, 625 |
Smart-1 3050, 3150, 5050, 5150 |
Open Servers |
Virtual Machines (*) |
|---|---|---|---|---|
|
Security Management Server Endpoint Security Management Server |
|
|
|
|
|
Log Server |
|
|
|
|
|
SmartEvent Server |
|
|
|
|
|
Multi-Domain Security Management Server |
|
|
|
|
|
Multi-Domain Log Server |
|
|
|
|
(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
|
Platforms |
SK |
Management |
Management + Log Server |
Management + Log Server + SmartEvent |
|---|---|---|---|---|
|
Smart-1 5050, Smart-1 5150 |
|
|
|
|
|
Smart-1 3050, Smart-1 3150 |
|
|
|
|
|
Smart-1 625 |
|
|
|
|
|
Smart-1 525 |
|
|
|
|
|
Smart-1 405, Smart-1 410 |
|
|
|
|
|
Smart-1 225 |
|
|
|
|
|
Smart-1 210 (16GB RAM) (1) |
|
|
|
|
|
Smart-1 210 (8GB RAM) |
|
|
|
|
|
Smart-1 205 (16GB RAM) (1) |
|
|
|
|
|
Smart-1 205 (4GB RAM) (2) |
|
|
|
|
|
Open Servers |
N / A |
|
|
|
|
Virtual Machines (3) |
N / A |
|
|
|
-
As part of the upgrade to R80.40 on Smart-1 205, we recommend to upgrade the memory to 16GB.
-
Smart-1 205 and Smart-1 210 appliances with default memory can run Security Management Server
Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. OR Log Server OR SmartEvent. -
Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
Management High Availability:
You can configure Check Point Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. between on-premises Management Servers and Management Servers in a cloud.
You must make sure the required Check Point traffic can flow between the on-premises servers and the servers in the cloud.
For Management High Availability A redundant cluster mode, where only one Cluster Member (Active member) processes all the traffic, while other Cluster Members (Standby members) are ready to be promoted to Active state if the current Active member fails. In the High Availability mode, the Cluster Virtual IP address (that represents the cluster on that network) is associated: (1) With physical MAC Address of Active member (2) With virtual MAC Address. Synonym: Active/Standby. Acronym: HA. restrictions, see sk39345.
Security Gateway or Cluster
These platforms support R80.40 in the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. or Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. configuration:
|
Platforms |
SK |
Security Gateway, Cluster |
|---|---|---|
|
28000, 28600HS |
|
|
|
26000, 26000T |
|
|
|
23500, 23800, 23900 |
|
|
|
21400, 21700, 21800 |
|
|
|
16000, 16000T, 16200, 16600HS |
|
|
|
15400, 15600 |
|
|
|
13500, 13800 |
|
|
|
12200, 12400, 12600 |
|
|
|
7000 |
|
|
|
6200, 6400, 6500, 6600, 6700, 6800, 6900 |
|
|
|
5100, 5200, 5400, 5600, 5800, 5900 |
|
|
|
4200, 4400, 4600, 4800 |
|
|
|
3100, 3200, 3600, 3800 |
|
|
|
2200 |
|
|
|
Open Servers |
N / A |
|
|
Virtual Machines (*) |
N / A |
|
(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
Standalone and Full High Availability
Only these platforms support R80.40 in the Standalone Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. (Gateway + Management Server) configuration or Full High Availability A special Cluster Mode supported only on Check Point appliances running Gaia OS (R75.40 and higher) or SecurePlatform OS (R77.30 and lower), where each Cluster Member also runs as a Security Management Server. This provides redundancy both between Security Gateways (only High Availability is supported) and between Security Management Servers (only High Availability is supported). Synonyms: Full HA Cluster Mode, Full HA, FullHA. Cluster configuration:
|
Platforms |
SK |
Standalone |
|---|---|---|
|
23500, 23800, 23900 |
|
|
|
21400, 21700, 21800 |
|
|
|
16000, 16000T, 16200 The model 16600HS does not support Standalone |
|
|
|
15400, 15600 |
|
|
|
13500, 13800 |
|
|
|
12600 |
|
|
|
12200, 12400 |
|
|
|
7000 |
|
|
|
6200, 6400, 6600, 6700, 6900 The models 6500, 6800 do not support Standalone |
|
|
|
5900 |
|
|
|
5100, 5200, 5400, 5600, 5800 |
|
|
|
4400, 4600, 4800 The model 4200 does not support Standalone |
|
|
|
3100, 3200, 3600, 3800 |
|
|
|
Open Servers |
N / A |
|
|
Virtual Machines (3) |
N / A |
|
-
These appliance models support Standalone only with the HDD storage.
These appliance models do not support Standalone with the SSD storage.
To see the disk type
-
Connect to the command line.
-
Log in to the Expert mode.
-
Get the list of disk device names:
fdisk -l | grep '/dev/'In the output, refer to the name of the disk device (
sda,sdb, and so on). -
Run this command for your disk device (
sda,sdb, and so on):cat /sys/block/<DISK_DEVICE_NAME>/queue/rotationalExample:
cat /sys/block/sda/queue/rotational -
The returned value:
-
1 - means this disk is HDD
-
0 - means this disk is SSD
-
-
-
These appliance models do not support Standalone configuration with their default 4GB RAM.
To support Standalone configuration on these models, upgrade RAM to at least 8 GB.
-
Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
-
It is not supported to enable the SmartEvent Software Blade
Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. on any cluster member Security Gateway that is part of a cluster. in Full High Availability Cluster configuration.
User Space Firewall (USFW)
Security Gateways on these platforms run in the User Space Firewall mode by default:
|
Platform |
SK |
USFW |
|---|---|---|
|
28000, 28600HS |
|
|
|
26000, 26000T |
|
|
|
23900 From R80.40, the model 23500 does not support USFW |
|
|
|
16000, 16000T, 16200, 16600HS |
|
|
|
7000 |
|
|
|
6200B, 6200P, 6200T, 6400, 6600, 6700, 6900 |
|
|
|
3600, 3600T, 3800 |
|
|
|
Open Servers (1) |
N / A |
|
|
Virtual Machines (2) |
N / A |
|
-
Open Server
Physical computer manufactured and distributed by a company, other than Check Point. must have 40 or more CPU cores. -
Virtual Machine must have 40 or more virtual CPU cores.
Applies to Public Cloud and to Private Cloud.
See the Hardware Compatibility List > Section Virtual Machines.
|
|
Notes:
|
Virtualization Platforms
For the most up-to-date information about the supported Linux versions and virtualization platforms, see the Hardware Compatibility List > Section Virtual Machines.
Cloud Platforms
Supported setups for cloud solutions:
-
Amazon Web Services:
-
Security Gateway
-
High Availability Cluster
-
Security Gateway Auto Scaling Group
-
Transit Gateway with ASG
-
Security Management Server
-
Standalone
-
-
Microsoft Azure:
-
Security Gateway
-
High Availability Cluster
-
Virtual Machine Scale Sets
-
Security Management Server
-
Standalone
-
-
Google Cloud Platform (GCP):
-
Security Gateway
-
High Availability Cluster
-
Managed Instance Group (MIG)
-
Security Management Server
-
Standalone
-
Hardware Health Monitoring
R80.40 supports these Hardware Health Monitoring features for Gaia Check Point appliances:
-
RAID Health: Use SNMP to monitor the health of the disks in the RAID array, and be notified of volume and disk states.
-
Hardware Sensors: Use the Gaia Portal
Web interface for the Check Point Gaia operating system. or SNMP to monitor fan speed, motherboard voltages, power supply health, and temperatures.Check Point Appliances
Smart-1
SNMP Hardware sensor monitoring (polling and traps)
Gaia Portal hardware sensor monitoring
RAID monitoring with SNMP