What's New

Introduction

R82 is Check Point's major software release for Quantum products and CloudGuard Network Security. It introduces 50 innovative capabilities to strengthen threat prevention, greatly streamline operations and provisioning, and troubleshoot network connections with integrated diagnostics tools.

This release provides access to new AI-powered threat prevention engines that strengthen defense against zero-day phishing, brand spoofing, malware, and more. R82 also adds DNS protection against NXNS, offers DNS configuration granularity, and supports DNS-over-HTTPS InspectionClosed Feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi..

Check Point offers the industry's first complete protection for HTTP/3 over QUIC. R82 also enables effortless and automated HTTPS Inspection deployment with granular controls and exceptional performance.

Check Point's VSXClosed Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. has a new versatile mode (VSNext) that unifies management features and APIs across Virtual Systems and physical Security Gateways. Furthermore, clusterClosed Two or more Security Gateways that work together in a redundant configuration - High Availability, or Load Sharing. management is greatly simplified with a new page in Gaia PortalClosed Web interface for the Check Point Gaia operating system. and a new mode (ElasticXL) that enables Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. clustering without the need for physical OrchestratorsClosed See "Maestro Orchestrator"..

In addition, R82 introduces a new version of Check Point's operating system with superior networking and routing capabilities. For automation, users and DevOps teams can now execute API calls directly to security gateways through a new dynamic policy layer. For future-proofing, R82 enables NIST-approved Kyber (ML-KEM) encryption to protect today’s VPN traffic against future quantum computing-based hacking.

These are just some of the powerful new capabilities in R82.

Threat Prevention

AI-based prevention engines

Check Point's new AI security engines represent a shift in how we utilize data, transitioning from mostly a single indicator perspective to a multi-dimensional approach.

Improved DNS Security Capabilities

This release provides new and enhanced DNS security capabilities with the addition of:

  • Advanced DNS protection against Non-Existent Domain (NXNS) Attack.

  • Support for DNS over HTTPS (DoH) protocol.

  • Configuration Granularity - Advanced DNS Security settings in the Threat Prevention profile.

  • Detailed DNS Security statistics - Now available in the SmartView Dashboard.

Automatic Security Services Configuration

Zero PhishingClosed Check Point Software Blade on a Security Gateway (R81.20 and higher) that provides real-time phishing prevention based on URLs. Acronym: ZPH., Anti-VirusClosed Check Point Software Blade on a Security Gateway that uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the Security Gateway before users are affected. Acronym: AV., Anti-BotClosed Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT. and IPSClosed Check Point Software Blade on a Security Gateway that inspects and analyzes packets and data for numerous types of risks (Intrusion Prevention System). Software Blades are now more accessible, providing a simpler and easier user experience.

Web Security

  • Added support of HTTP/3 protocol over QUIC transport (UDP) for Network Security, Threat Prevention, and Sandboxing.

HTTPS Inspection

This release sets a new standard with breakthrough performance, unmatched simplicity, and effortless deployment of HTTPS Inspection. Now, you can significantly increase your security without sacrificing speed or user experience. Embrace cutting-edge technology that transforms HTTPS Inspection into a seamless, innovative solution, ensuring your systems stay secure and your users stay satisfied.

  • Enhanced HTTPS Inspection UI - HTTPS Inspection is fully managed in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on.:

    • Enhanced HTTPS Inspection policy - A dedicated policy for inbound inspection, including certificate management views for both inbound and outbound policies and enhanced default outbound policy.

    • Trusted CA package - A new view to manage Trusted certificates and see the status of the trusted CA package

    • HTTPS Inspection Advanced settings - A new view to configure advanced settings, including R82 new features.

  • Client Side Fail mode - This new feature automatically detects failures in inspected TLS connections caused by client-side issues, such as certificate-pinned applications. When a failure is detected, the connection is flagged to be bypassed in future attempts, and Artificial intelligence (AI) learns from these failures to identify similar connections.

    • Endpoint Detection - Identifies endpoints without deployed outbound CA certificate.

  • Learning mode:

    • Gradual & Smart deployment - Activated during the deployment of HTTPS Inspection, inspecting a minor percentage of traffic over two weeks.

    • Network Learning - Gathers insights into network behavior and detects potential connectivity issues for Artificial intelligence consideration.

    • Performance Prediction - Estimates the impact on performance when HTTPS Inspection is fully implemented.

  • Bypass Under Load - Bypasses TLS connections when the Security Gateway experiences high CPU load.

  • HTTPS Inspection monitoring - Introducing the HTTPS Inspection statistics view in SmartView, including bypass/inspect statistics.

Quantum Security Gateway

New Clustering Technology

Dynamic Policy Layer

Identity Awareness

IPsec VPN

Mobile Access

Dynamic Routing

Added support for new Dynamic Routing capabilities:

Added support for new Dynamic Routing API calls:

  • REST API calls for BGP, PIM, Multicast Listener Discovery (MLD).

  • REST API calls for Route Redistribution, Inbound Route Filters, and NAT Pools.

  • REST API calls for IGMP.

See the Check Point Gaia API Reference v1.8 (and higher) > section "Networking".

Performance and Infrastructure

  • HyperFlow acceleration of elephant flows for the SMB/CIFS protocol.

  • HyperFlow acceleration of elephant flows for the QUIC protocol.

  • Quantum Security Gateway log rate output capacity increased by up to 100% through a new multi-process architecture.

Quantum Maestro, Scalable Chassis, and ElasticXL

This release features improvements in managing and monitoring Scalable Platform clusters, which include:

VSX

Check Point VSX is enhanced with a new mode (VSNext), allowing simpler configuration, easier provisioning, and a similar experience to a physical Security Gateway.

The benefits of the new VSX mode are:

Tools and Utilities

Gaia Operating System

Note - This section applies to Security Gateways, Management Servers, and Log Servers.

This release boosts Gaia OS with a new OS kernel and multiple new configuration options for better security, enhanced networking and a simpler experience.

The new capabilities are:

Quantum Security Management

Security Management Server Enhancements

SmartConsole

Web SmartConsole

  • These new Web SmartConsole capabilities are available for this release:

    • Threat Prevention Rule Base

    • HTTPS Inspection Rule Base

    • NAT Rule Base

    • Rule Base search

Central Deployment of Hotfixes and Version Upgrades in SmartConsole

Central Software Deployment through SmartConsole was enhanced and now supports:

SmartProvisioning

Multi-Domain Security Management Server

Compliance

  • Added Gaia OS Best Practice support for Quantum Maestro - presenting a consolidated Best Practices status for each Security Group MemberClosed Member of a Security Group in ElasticXL Cluster, Maestro, and Scalable Chassis. Acronym: SGM. and Orchestrators.

  • Added Gaia OS Best Practice support for Quantum Spark Appliances (only for applicable Gaia OS Best Practices).

  • Added Gaia OS Best Practice support for Log Servers.

  • Added new regulations:

    • Center for Internet Security Benchmarks

    • Cyber Essentials v3.1

    • Cybersecurity Maturity Model Certification

    • Essential Eight & Strategies to Mitigate Cyber Security Incidents

    • IEC 62443-2-1 201

    • ISO 27001:2022

    • Israeli Cyber Defense Methodology 2.0

    • Network and Information Systems Directive 2

    • PCI DSS 4.0

    • TISAX 5.1

Harmony Endpoint Web Management

  • Client optimization for Windows servers - Harmony Endpoint now allows you to easily optimize the Endpoint Security clients for Windows servers, such as Exchange servers, Active Directory servers, Database servers, and so on, by manually assigning Windows server roles.

  • Run Diagnostics - Using the Push Operation, an administrator can run a diagnostic check on endpoint clients.

    The reports show the total CPU and RAM usage for the last 12 hours, including the CPU usage by processes. Based on the reportClosed Summary of network activity and Security Policy enforcement that is generated by Check Point products, such as SmartEvent. data, Harmony Endpoint may offer suggested exclusions to optimize the endpoint performance. You can easily add an exclusion as part of "Global Exclusion" or "Exclusion per Rule".

  • Exclusions Enhancements:

    • Exclusion description - You can now add comments to new or existing exclusions.

    • Global Exclusion - You can now easily add global exclusions that apply to all rules.

  • Application Control for macOS - Control which applications can run or use networking.

  • New Asset Management view:

    • Filters - A brand new look and functionality for filters that enhances operation and productivity, while using the Asset Management view.

    • Asset Management Table - Bigger asset management table to see all relevant data easily.

    • Columns reorder - New Column reorder option to customize the asset management table based on their specific needs by changing columns location.

  • Linux Offline Package - Supports upload and export package for Linux OS clients.

  • Support for Harmony Endpoint Management API on an on-premises Endpoint Security Management Server.

    The API is disabled by default for on-premises deployments. See the Harmony Endpoint Management API documentation.