Supported Environments

Management Servers boot by default with 64-bit GaiaClosed Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. kernel after a clean installation or upgrade to R81.

Note - If you revert from the R81 upgrade, the appliance boots with the 64-bit Gaia kernel, even if it was originally 32-bit.

Refer to the Support Life Cycle Policy page for more information and announcements about Check Point Appliances.

Management Server

These platforms support R81 in the Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. and Log ServerClosed Dedicated Check Point server that runs Check Point software to store and process logs. configurations:

Check Point Product

Smart-1 5150 (1),

Smart-1 5050 (1),

Smart-1 3150 (2),

Smart-1 3050 (2),

Smart-1 625 (3),

Smart-1 525 (4)

Smart-1 410 (5),

Smart-1 405 (5),

Smart-1 225 (6)

Open Servers

Virtual Machines (7)

Security Management Server

Log Server

SmartEvent Server

Multi-Domain Security Management Server

(8)

(8)

Multi-Domain Log Server

(8)

(8)

  1. For information about Smart-1 5050 and Smart-1 5150, see sk120453.

  2. For information about Smart-1 3050 and Smart-1 3150, see sk98931.

  3. For information about Smart-1 625, see sk157153.

  4. For information about Smart-1 525, see sk120453.

  5. For information about Smart-1 405 and Smart-1 410, see sk117578.

  6. For information about Smart-1 225, see sk98931.

  7. "Virtual Machines" apply to Public Cloud and to Private Cloud.

    See the Hardware Compatibility List > Tab Virtual Machines.

  8. Requires a license to manage a minimum of 25 Security Gateways.

  9. Each of these Smart-1 models and platforms can run any combination of these products:

Management High Availability:

You can configure Check Point Management High AvailabilityClosed Deployment and configuration mode of two Check Point Management Servers, in which they automatically synchronize the management databases with each other. In this mode, one Management Server is Active, and the other is Standby. Acronyms: Management HA, MGMT HA. between on-premises Management Servers and Management Servers in a cloud.

You must make sure the required Check Point traffic can flow between the on-premises servers and the servers in the cloud.

Security Gateway or Cluster

Only these platforms support R81 in the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. or ClusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. configuration:

Platforms

SK

Security Gateway,

Cluster

28000, 28600HS

sk152733

26000, 26000T

sk152733

23500, 23800, 23900

sk107516

16000, 16200, 16600HS, 16600T

sk152733

15400, 15600

sk107516

7000

sk139932

6200, 6400, 6500, 6600, 6700, 6800, 6900

sk139932

5100, 5200, 5400, 5600, 5800, 5900

sk110053

3100, 3200, 3600, 3800

sk110052

64000, 44000 (1)

sk65305

Open Servers

N / A

Virtual Machines (2)

N / A

  1. For more information, see sk169954.

  2. Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.

Standalone (Gateway + Management Server)

Only these platforms support R81 in the StandaloneClosed Configuration in which the Security Gateway and the Security Management Server products are installed and configured on the same server. configuration:

Platforms

Standalone

23500, 23800, 23900

(1)

16000, 16200, 16600T

The model 16600HS does not support Standalone

15400, 15600

(1)

7000

6200, 6400, 6600, 6700, 6900

The models 6500, 6800 do not support Standalone

5900

5100, 5200, 5400, 5600, 5800

(1)

3100, 3200, 3600, 3800

Open Servers

Virtual Machines (2)

  1. These appliance models support Standalone only with the HDD storage.

    These appliance models do not support Standalone with the SSD storage.

    1. Connect to the command line.

    2. Log in to the Expert mode.

    3. Get the list of disk device names:

      fdisk -l | grep '/dev/'

      In the output, refer to the name of the disk device (sda, sdb, and so on).

    4. Run this command for your disk device (sda, sdb, and so on):

      cat /sys/block/<DISK_DEVICE_NAME>/queue/rotational

      Example:

      cat /sys/block/sda/queue/rotational

    5. The returned value:

      • 1 - means this disk is HDD

      • 0 - means this disk is SSD

  2. Applies to Public Cloud and to Private Cloud. See the Hardware Compatibility List > Section Virtual Machines.

Threat Emulation Appliances

Platform

Security Gateway,

Cluster

TE2000XN

TE2000X

TE1000X

TE250XN

TE250X

TE100X

Quantum Maestro

For the list of supported Security Appliances in a Maestro Security GroupClosed A logical group of Security Appliances (in Maestro) / Security Gateway Modules (on Scalable Chassis) that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances / Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. In Maestro, each Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected., see sk162373.

User Space Firewall (USFW)

Security Gateways on these platforms run in the User Space Firewall mode by default:

Platform

USFW

28000, 28600HS

26000, 26000T

23900

From R80.40, the model 23500 does not support USFW

16000, 16000T, 16200, 16600HS

7000

6200B, 6200P, 6200T, 6400, 6600, 6700, 6900

3600, 3600T, 3800

Open Servers (1)

Virtual Machines (2)

  1. Open ServerClosed Physical computer manufactured and distributed by a company, other than Check Point. must have 40 or more CPU cores.

  2. Virtual Machine must have 40 or more virtual CPU cores.

    Applies to Public Cloud and to Private Cloud.

    See the Hardware Compatibility List > Section Virtual Machines.

Notes:

  • Security Gateways on all other Check Point appliance models run in the Kernel Space Firewall (KSFW) mode by default.

  • You can change the configuration from the Kernel Space Firewall (KSFW) mode to the User Space Firewall mode on these Check Point appliance models (see sk167052):

    • 23800

    • 15400, 15600

    • 6500, 6800

    • 5400, 5600, 5800, 5900

  • Appliances configured as Standalone cannot run in the USFW mode.

Virtualization Platforms

For the most up-to-date information about the supported Linux versions and virtualization platforms, see the Hardware Compatibility List > Section Virtual Machines.

Cloud Platforms

Supported setups for cloud solutions: