Superior Threat Prevention with new AI Deep Learning engines.
Prevents 5x more DNS attacks in real-time.
- Uses millions of zero-day IoC to prevent Command & Control connections and block data theft through DNS tunneling.
- Response time to DNS attacks was decreased from hours to minutes.
- Blocks 4x more attacks with patented in-line Zero Phishing (no software is required on the client side).
Security Gateway blocks phishing attacks to prevent theft of credentials in any web browser.
- Infinity Services for on-premises Management Servers - increase network security with advanced cloud-based security services.
- IoT Network Security - Discover your IoT assets and enforce zero-trust policies.
- SmartWorkflow - Built-in policy supervision over changes in Security Policies and objects.
- Enforce changes in Access Control automatically without installing policy, using Network Feed objects.
- Integrate with SAML 2.0 Identity Providers to allow secure authentication in SmartConsole and for Remote Access users.
- Get the complete event visibility across all Check Point products for efficient monitoring.
- Hyperflow - provides 3x throughput boost for processing large file transfers (elephant flows).
- Maestro Auto-Scaling - dynamically adds and removes Security Group Members based on CPU utilization and traffic.
- Maestro Fastforward - provides ultra-low 1 microsecond latency and 100 Gbps throughput by offloading specific Access Control rules to the Quantum Maestro Orchestrator for hardware acceleration.
- Scalable VPN performance - Security Gateway can process more Remote Access VPN connections at the same time.
For more information, please visit
Web SmartConsole now includes Read/Write capabilities for most commonly used functions. More capabilities to be added over time.
SmartConsole is now updated automatically! No need to reinstall the client to get the latest fixes.
Distribute logs between multiple active Log Servers to support higher rate of logs and redundancy of Log Servers.
IPS and Anti-Bot logs now include a MITRE ATT&CK section that details the different techniques for malicious attack attempts.
Faster Management API execution.
REST API commands to simplify the creation of gateways in SmartProvisioning and more.
Enhance security with the new Access Control Rulebase settings and defaults.
Significant Management stability and performance improvements.
IoT support for Multi Domain Management.
Out of the box, automatically updated policy profiles based on business and IT security needs.
Zero maintenance of policies and protections.
New acceleration mechanism drastically speeds up the Access Control policy installation time.
Install different policies on multiple Security Gateways in parallel.
NAT policy now supports Updatable and Domain objects, Access Roles and Security Zones.
Manage upgrade of multiple security gateways and clusters in parallel.
Review the applied changes to Access Control, Threat Prevention policies and common objects and compare revisions.
Easily represent multiple Data Centers in Security Policy by building query based objects.
Manage custom intelligence feeds fetched by Security Gateways.
A new MITRE ATT&CK view provides the ability to investigate security incidents according to the MITRE defense models, and extract immediate action items based on the mitigation flow.
Use Azure AD users and groups for authentication and authorization.
Backup and restore a domain, migrate Security Management Server to a domain, migrate a domain to a Security Management Server.
Manage HTTPS Inspection Policy in a new dedicated layer within SmartConsole and share across multiple policy packages.
Manage multiple user defined encryption domains per community.
Manage large scale VPN environment using LSV profiles.
Automate and customize actions based on predefined Management operation triggers.
Centrally deploy Hotfixes and Jumbo Hotfixes on multiple Security Gateways and Clusters in parallel.
Revert to a previous management revision and continue working from that point.
Discover every IoT device in the network and turn its data into actionable security intelligence.
Automatically generate security policy based on customer’s profile, connected devices and IoT network status.
Expose advance forensics per SandBlast log focusing on Mitre Att&ck Techniques and Tactics.
CloudGuard Controller enhancements,
Captive Portal integration with SAML 2.0 and third party, Partial Search, and more...
Add third-party tools as panels and views inside SmartConsole.
Use vCenter Tags and
NSX Universal Security Groups
in your security policy.
Exporting your logs to Splunk Enterprise Security is now simpler.
Check Point's Splunk Add-On contains new dashboards for Check Point logs and events.
New Consolidated threat prevention dashboard providing full threat visibility across Networks, Mobile and Endpoints.
Threat Extraction now proactively protects against threats contained in Web downloaded documents.
Threat Prevention logs contain new fields for forensics.
One administrator can publish or discard several SmartConsole sessions, independently of the other sessions.
Use improved log viewer with cards, profiles, statistics and filters to analyze events.
Create a secure log exporting channel using just 1 line of configuration.
Configure malicious email policy with Threat Profiles in SmartConsole.
Mark IPS Protections to follow-up on them later.
User experience enhancements when monitoring and configuring policies for virtual environments.
New data center objects for: Google Cloud Platform, Cisco ISE and Nuage.
Create presets for cross-domain
Run policy installation presets with a single click or schedule to run them automatically.
Endpoint Security Server updates, SmartProvisioning, Compliance, GDPR,
Global VPN Communities, Rule-base performance improvements, and more...
Security policy is enhanced to accept or block traffic according to application & data.
One log entry shows network, application and data information.
Policies can be segmented into layers, allowing simplicity and delegation.
IPS and the SandBlast family can be unified as one policy and installed separately from Access Control changes.
The new rule matching algorithm, improvements in acceleration templates and new FQDN-based domain objects increase your gateways' performance.
Packet-mode search, rule navigation shortcuts and a session pane for change history increase your operational efficiency.
New Management API commands for show-changes, verify-policy and more.
Visit Check Point's Github account for open-source tools based on the R80.10 Management API.
Several administrators can work together using different sessions.
During a session, all modified objects are being locked.
Objects and rules can be modified using CLI and web service API.
All management operations (e.g. policy installation) are supported.
Unified threat management for correlated events based on the Check Point logs.
Customized overviews and reports to show real-time events. Drill-down from a chart to see the actual logs.
Highlight a rule to view its logs.
All monitor views are integrated into the console.
Detailed monitor view of all gateways in the system. Embedded commands of backup, scripts and more.
Revert to previous policy, object tags, tabbed policy view, exporting to CSV files and more manageability enhancements.