Software Changes

This section lists differences in behavior from previous versions.

• Two Threat Prevention defaults are changed to further increase the security value our customers get from the product.

  • Threat Emulation Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. now scans executable files by default.

  • Threat Extraction Check Point Software Blade on a Security Gateway that removes malicious content from files. Acronym: TEX. for Web is now enabled by default.

  Note - For this to take effect, make sure SandBlast Threat Emulation and Threat Extraction are enabled on the applicable Security Gateways.

• Ability to control SMB protocol inspection for Anti-Virus Check Point Software Blade on a Security Gateway that uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the Security Gateway before users are affected. Acronym: AV. and SandBlast Threat Emulation using SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on..

• The Identity Awareness Check Point Software Blade on a Security Gateway that enforces network access and audits data based on network location, the identity of the user, and the identity of the computer. Acronym: IDA. pdp ifmap CLI command is deprecated and is no longer supported in R81.

• Log description change for DNS sinkhole trap - log is changed to Prevent UserCheck rule action that blocks traffic and files and can show a UserCheck message. instead of Detect UserCheck rule action that allows traffic and files to enter the internal network and logs them., the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. prevents users from reaching malicious sites.

• Password length restriction for users in User Database (Security Management Database) are extended.

• Threat Prevention - Starting R81, Traditional Anti-Virus is not supported.

• End of development support for Geo Policy, customers facing issues with Geo Policy can use Network Objects instead. For more information see sk126172

• Dynamic Balancing (previously known as: Dynamic Split) for acceleration is on by default. For more information, see sk164155.

  Note - Dynamic Balancing is off by default if manual changes to the Dynamic Balancing configuration are applied prior to R81 upgrade.

• For new installations, NetFlow no longer requires Log/Accounting to be enabled. Logging is off by default. Log/Accounting must still be configured in the Rule Base All rules configured in a given Security Policy. Synonym: Rulebase. for Security Gateways running earlier versions.

• Management API is enabled by default on all types of devices regardless of the amount of free memory.

• CPU Spike Detective is on by default. For more information about CPU Spike Detective, see sk166454

• Upgrade of Management Servers configured as Log Servers to R81:

  • Logs older than the last 24 hours are not available for queries.

  • Management Servers that store logs on an external storage device must follow sk66003 to change the locations of the existing indexes and keep the log data.

    Note - The logs are not lost, indexing can be configured to re-index the logs after the upgrade process completes.

• Changes and Enhancements to Compliance Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration.. For more information, see sk170578.