Software Changes

Note - To see the list of changes starting from R80.40, see sk180180.

This section describes behavior changes from the previous version.

Management Server

Gaia Operating System

VSX

VPN

  • When a Check Point Management Server creates an IKE certificate, by default this certificate contains the "Server Authentication" attribute within the "Extended Key Usage" field.

  • Changed the default value of "Maximum concurrent IKE negotiations" from 1,000 to 10,000 in the Security Gateway / ClusterXL object > the "Optimization" page.

  • Changed the default value of cphwd_medium_path_qid_by_mspi parameter from 1 to 0 and cphwd_medium_path_qid_by_cpu_id parameter from 0 to 1.

Quantum Maestro, Scalable Chassis, and ElasticXL

Security Gateway

  • In the feature "Hide NAT behind IP Address Range", it is now possible to configure the Security Gateway to select the Hide NAT IP address based on the combination of the source IP address and the source port. See sk105302.

  • Improved the output of the adlogconfig command. See the R82 CLI Reference Guide.

  • In the Threat Prevention Engine Settings, the default "Connection Unification" period changed from 600 minutes to 180 minutes (in SmartConsole, click "Manage & Settings" > "Blades" > in the "Threat Prevention" section, click "Advanced Settings" > click the "General" page).

Mobile Access

  • Changed the default value of the "max_concurrent_vpn_tunnels" parameter from 200 to 10000 in VSX environments.

QoS

SmartConsole