Supported Environments
Management Servers boot by default with 64-bit Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. kernel after a clean installation or upgrade to R81.20.
|
Notes:
|
Management Server and Log Server
These platforms support R81.20 in the Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and Log Server Dedicated Check Point server that runs Check Point software to store and process logs. configurations:
(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
(*) Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
Management High Availability:
You can configure Check Point Management High Availability Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. between on-premises Management Servers and Management Servers in a cloud.
You must make sure the required Check Point traffic can flow between the on-premises servers and the servers in the cloud.
For Management High Availability restrictions, see sk39345.
Security Gateway or Cluster
These platforms support R81.20 in the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. or Cluster Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. configuration:
Standalone and Full High Availability
Only these platforms support R81.20 in the Standalone Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. (Gateway + Management Server) configuration or Full High Availability Cluster configuration:
-
These appliance models support Standalone only with the HDD storage.
These appliance models do not support Standalone with the SSD storage.
To see the disk type-
Connect to the command line.
-
Log in to the Expert mode.
-
Get the list of disk device names:
fdisk -l | grep '/dev/'
In the output, refer to the name of the disk device (
sda
,sdb
, and so on). -
Run this command for your disk device (
sda
,sdb
, and so on):cat /sys/block/<DISK_DEVICE_NAME>/queue/rotational
Example:
cat /sys/block/sda/queue/rotational
-
The returned value:
-
1 - means this disk is HDD
-
0 - means this disk is SSD
-
-
-
The 9000 appliances require a dedicated R81.20 image.
See the Downloads section in sk181698.
-
Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.
-
It is not supported to enable the SmartEvent Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities. on any cluster member Security Gateway that is part of a cluster. in Full High Availability Cluster configuration.
Threat Emulation Appliances
Platform |
SK |
Security Gateway, Cluster |
---|---|---|
TE2000XN |
|
|
TE2000X |
|
|
TE1000X |
|
|
TE250XN (*) |
|
|
TE250X |
|
|
TE100X |
|
(*) This appliance model does not support R81.20. See sk173494.
Quantum Maestro
Quantum Maestro Orchestrator A scalable Network Security System that connects multiple Check Point Security Appliances into a unified system. Synonyms: Orchestrator, Quantum Maestro Orchestrator, Maestro Hyperscale Orchestrator. Acronym: MHO. models MHO-140, MHO-170, and MHO-175 fully support the R81.20 release. See sk177624.
For the list of supported Security Appliances in a Maestro Security Group A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected., see sk162373.
User Space Firewall (USFW)
Security Gateways on these platforms run in the User Space Firewall mode by default:
-
The 19000 and 29000 appliances require a dedicated R81.20 image.
See the Downloads section in sk180520.
-
The 9000 appliances require a dedicated R81.20 image.
See the Downloads section in sk181698.
-
Open Server Physical computer manufactured and distributed by a company, other than Check Point. must have 40 or more CPU cores.
-
Virtual Machine must have 40 or more virtual CPU cores. Applies to Public Cloud and to Private Cloud.
-
CloudGuard Network Virtual Machines support USFW regardless of the number of available CPU cores.
|
Notes:
|
SecureXL User Mode (UPPAK)
Only these Check Point appliances support SecureXL Check Point product on a Security Gateway that accelerates IPv4 and IPv6 traffic that passes through a Security Gateway. in the User Mode (UPPAK):
Virtualization Platforms
For the most up-to-date information about the supported Linux versions and virtualization platforms, see the Hardware Compatibility List > Section Virtual Machines.
Cloud Platforms
Supported setups for cloud solutions:
-
Amazon Web Services:
-
Security Gateway
-
High Availability Cluster
-
Cross AZ Cluster
-
Security Gateway Auto Scaling Group
-
Standalone
-
-
Microsoft Azure:
-
Security Gateway
-
High Availability Cluster
-
Virtual Machine Scale Sets
-
Security Management Server
-
Multi-Domain Server
-
Standalone
-
-
Google Cloud Platform (GCP):
-
Security Gateway
-
High Availability Cluster
-
Managed Instance Group (MIG)
-
Security Management Server
-
Multi-Domain Server
-
Standalone
-