博威---云架构决胜云计算

 找回密码
 注册

QQ登录

只需一步,快速开始

搜索
查看: 89725|回复: 3

R81.20 Public EA is available

[复制链接]
发表于 2022-11-7 16:24:01 | 显示全部楼层 |阅读模式
微信图片_20221107162834.jpg
R81.20 Public EA is available
BY RICK · JUNE 7, 2022

Nearly six months after the release of the Production EA for R81.20 Check Point has now launched the Public EA program for their upcoming R81.20 release. See also the R81.20 Public EA thread on CheckMates.

How to register?
UserCenter:
Register to the Public EA release via – UserCenter -> TRY OUR PRODUCTS -> Early Availability Programs -> CPEA-EVAL-R81.20

PartnerMAP:
Register to the Public EA release via – Partnermap -> CUSTOMER ACQUISITIONS -> Early Availability Programs -> CPEA-EVAL-R81.20

R81.20 Public EA limitations
Check Point Public EA is designed for lab and sandbox deployments only.
Public EA version upgrade to GA is not supported.
VSX is not supported within the public EA program.
For Maestro Hyper Scale – Please contact the Public EA Support team directly via the feedback link provided within the EA program.
Multi-version Cluster (MVC) is not supported with Cluster Load-Sharing.
What’s New
Quantum Security Gateway and Gaia
THREAT PREVENTION
Prevent browsing to Zero-Day phishing websites.
Check Point Quantum Security Gateway enhances its web browsing protection to further prevent users from accessing phishing websites.
Powered by patented technologies and AI engines, the Security Gateway now uses Clientless In-Browser protection to prevent access to the most sophisticated phishing websites, both known and completely unknown (zero-day phishing websites).
The enhanced solution is available through the Security Gateway network flow, introducing dynamic security components that run within the browser with no need to install any client.
Delivered as part of your existing NGTX license.
Works out of the box for Security Gateways with Autonomous Threat Prevention enabled.
Up to 50% performance enhancement to IPS CIFS protections.
IOC feeds now support a significantly increased capacity in the number of observables for URLs, Domains, IP addresses, and Hashes – 2 million and up to hardware limit.
Support for inspection of FTPS by Content Awareness, Anti-Virus and Threat Extraction blades.
Maestro Hyperscale
MAESTRO AUTO-SCALING
Automatically assigns Security Appliances (scale units) to a Security Group when the configured conditions are met.

Maestro Fastforward
Sub microseconds latency.
Port line-rate throughput for single connection.
Support for Accelerated policy installation on Maestro Security Gateways. For more information see sk169096.
Support gradual upgrade with Multi Version Cluster (MVC)
Based on the current traffic load, the Security Gateway automatically changes the number of CoreXL SNDs, Firewall instances and the Multi-Queue configuration for zero traffic impact.
Management Data Plane Separation (MDPS) support for Scalable Platforms.
IOT PROTECT
Leverage Quantum Security Gateway and Infinity to instantly discover IoT devices and enforce independent Zero-Trust policies.

Only allow what is needed for the device to operate.
Automatically assign policies to IoT devices according to their internet access requirements.
IPSEC VPN
Seamless site to site tunnel establishment with AWS native cloud VPN. Setup a route based VPN tunnel with a virtual Gateway in just a few simple steps.
Major performance and stability improvement for Remote Access and Site to Site VPN that delivers a significantly greater capacity for VPN tunnels.
Extended Security Gateway certificate validation capabilities for quicker authentication.
Scalable VPN – Multi process architecture to process IKE negotiation (IKED)
ACCESS CONTROL
Use a Network Feed object to customize a private web server feed definition for IP addresses or domains. The objects are automatically updated in Security Gateway without the need to install a policy. Updatable Objects uses the Network Feed to strengthen the dynamic configuration ability of the Access Control policy.
Performance improvements – Support for Updatable Objects, Domain objects, and Dynamic objects with the Optimized Drop feature (drop templates).
ADVANCED ROUTING
Support for Intermediate System (IS-IS) routing protocol.
DHCP Relay Agent Information Option 82 that addresses several scaling and security issues that arise in public DHCP use.
OSPFv3 NSSA support.
IPv6 Static MFC Cache to enable forwarding of multicast data without PIM configuration.
Support for Routed control scripts to allow ClusterXL fail-over and tear down of BGP connections.
Routing Protocol History for BFD to improve troubleshooting capabilities.
NetFlow Live connections and Firewall rule ID UUID.
GAIA OPERATING SYSTEM
Configure a retention policy for Gaia scheduled backups and snapshots.
Use the CLI, to monitor the module temperature, module supply voltage, TX Bais voltage, Rx optical Power, and TX optical power for a single transceiver or all transceivers on an appliance.
Automatic update to the NIC firmware during the ISO installation process for appliances that have 40GbE, 100/25GbE, and/or NVIDIA ConnectX 100G Cards.
COREXL
HyperFlow
Increases throughput of elephant connections.
Automatically detects and dynamically allocates CPU cores between main tasks on a Security Gateway.
Improves CoreXL FWK processes response time.
In User Space Firewall (USFW), the number of IPv6 instances can equal the number of IPv4 instances, this allows the gateway to process a more significant amount of IPv6 traffic.
IDENTITY AWARENESS
The Identity Awareness Gateway automatically identifies and excludes Service Account sessions acquired by the Identity Collector. For more details, see sk174266.
Improved resiliency, scalability, and stability for PDPs and Identity Brokers. Additional threads handle authentication and authorization flows.Improved resiliency, scalability, and stability for PDPs and Identity Brokers. Additional threads handle authentication and authorization flows.
During a PDP failure, a PEP Identity Awareness Gateway can recover its identity database from connected PDP Gateways.
Identity Collector is now supported with Quantum Spark Appliances.
MOBILE ACCESS
OAuth 2.0 support for Capsule Workspace and Office 365.

SMB APPLIANCES
Central Deployment – Use SmartConsole to upgrade Quantum Spark and Quantum Edge Appliances. Identity Collector is now supported with Quantum Spark Appliances.

Quantum Security Management
GENERAL
Integration between your on-premises Security Management Server and the Infinity Portal:
Run cloud services that are managed in the Infinity Portal on your Security Management Server objects.
See a unified log view of all your Check Point products, on-premises and in cloud.
Run Management APIs securely on the on-premises Security Management Server from anywhere in the world through the Infinity Portal.
Performance improvements to IPS updates and utilization.
SMARTCONSOLE
Administrators can use SAML 2.0 to configure SmartConsole users to authenticate with an Identity Provider.

SMARTWORKFLOW
Send policy and configuration changes for peer review and approval before publishing.

MANAGEMENT REST API
Management API support for:

Identity Awareness configuration on gateways and clusters.
HTTPS Inspection outbound certificate configuration.
Creation of LSM Gateways.
Creation of LSM Gateways VPN configuration.
UPGRADES
Central Deployment- Use SmartConsole to Gradually upgrade Quantum Cluster Members.
Upgrade Quantum Spark and Quantum Edge Appliances.
Pre-Upgrade Verifier results are now presented in the upgrade report.
Significant performance improvement by importing Domain Management Servers concurrently instead of sequentially.
CLOUDGUARD NETWORK SECURITY
CloudGuard Controller support for:
Oracle Cloud Infrastructure (OCI)
Nutanix
New Azure resources – Application Security Groups, Private Endpoints
New AWS resources – Load Balancer tags
SmartTasks integration – Configure SmartTasks for CloudGuard Controller events.
Nutanix Flow support for CloudGuard Network Security Gateways.
Amazon Web Services (AWS):
Cross Availability Zones Cluster.
Security Gateways Auto Scaling Group for Gateway Load Balancer (GWLB).
Harmony Endpoint
ENDPOINT POLICY MANAGEMENT
Use SSO to connect to the Endpoint Web Management Console.

REMOTE ACCESS VPN
Exclude SAAS applications (such as Office 365) from the remote-access VPN domain.Authenticate Remote Access VPN users with SAML.
 楼主| 发表于 2022-11-7 16:27:46 | 显示全部楼层
Public1.png
Check Point Quantum R81.20 is packed with new features. that offer elasticity, efficiency, and innovative security enhancements


Quantum IoT Protect offers enterprise IoT device discovery embedded into Quantum Gateways and applies autonomous zero-trust policies that are automatically updated based on device type, risk level, and industry best practice, This makes it easy to secure IP cams, smart TVs, Wi-Fi printers, and much more.

Zero-Day Phishing Prevention, powered by patented technologies and AI engines, prevents access to the most sophisticated phishing websites, both known and completely unknown, without the need to install and maintain clients on end-user devices.

Continuing to innovate Maestro, including several new features that improve efficiency, elasticity, and compatibility with public clouds. The new Autoscaling feature in Maestro Hyper-scale lets you automatically allocate resources across Security Groups (based on your priorities), bringing cloud-like scale and agility to your prem-based security (for example, to accommodate peak traffic hours). To support high-speed, high-volume transaction environments (e.g. digital trading), Maestro now offers accelerated data paths for higher throughput and lower latency based on predefined rules (“Fast Forwarding”).

Enhancing the gold standard in Security Management: Quantum R81.20 lets you leverage the new Management API to integrate security from the ground up and efficiently manage access policies with support for dynamic policy objects taken from external sources. A new workflow now supports policy change management to minimize errors, allowing verification for new policies before they are applied and enforced throughout (“4 Eyes Principle”). By automating VPN connections to public clouds, R81.20 makes it easy to connect your Quantum Gateways with data centers hosted in the public cloud. Offering simplified user authentication with third party SAML Identity Providers, authentication is modernized and improved for administrators to log-in to SmartConsole as well as remote users accessing corporate assets. This enables SSO, MFA, and compliance checks, and complements current support for third-party Identity Providers with the Identity Awareness blade.
 楼主| 发表于 2022-11-7 16:31:58 | 显示全部楼层
Announcing Titan
New Quantum Cyber Security Platform Release (R81.20)

The speed and sophistication of evasive zero-day DNS and phishing attacks requires AI Deep Learning to predict and block malicious behavior without human intervention.

Titan revolutionizes threat prevention and security management with AI Deep Learning, advanced cloud services, integrated IoT security, and firewall auto scaling performance for mission critical applications.
QQ截图20221107163133.jpg
 楼主| 发表于 2022-11-7 16:33:53 | 显示全部楼层
R81.20Over 20 New Features
QQ截图20221107163408.jpg
您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|boway Inc. ( 冀ICP备10011147号 )

GMT+8, 2024-11-22 00:26 , Processed in 0.093071 second(s), 19 queries .

Powered by Discuz! X3.4

Copyright © 2001-2021, Tencent Cloud.

快速回复 返回顶部 返回列表