Professional Documents
Culture Documents
Security Gateway Virtual Edition - Network Mode: Release Notes
Security Gateway Virtual Edition - Network Mode: Release Notes
Security Gateway Virtual Edition - Network Mode: Release Notes
Classification: [Protected]
1
© 2012 Check Point Software Technologies Ltd.
All rights reserved. This product and related documentation are protected by copyright and distributed under
licensing restricting their use, copying, distribution, and decompilation. No part of this product or related
documentation may be reproduced in any form or by any means without prior written authorization of Check
Point. While every precaution has been taken in the preparation of this book, Check Point assumes no
responsibility for errors or omissions. This publication and features described herein are subject to change
without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph
(c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR
52.227-19.
TRADEMARKS:
Refer to the Copyright page (http://www.checkpoint.com/copyright.html) for a list of our trademarks.
Refer to the Third Party copyright notices (http://www.checkpoint.com/3rd_party_copyright.html) for a list of
relevant copyrights and third-party licenses.
VMware, VMware VMotion and VMware vSphere are registered trademarks and/or trademarks of VMware,
Inc. in the United States and/or other jurisdictions.
2
Important Information
Latest Software
We recommend that you install the most recent software release to stay up-to-date with the latest functional
improvements, stability fixes, security enhancements and protection against new and evolving attacks.
Latest Documentation
The latest version of this document is at:
(http://supportcontent.checkpoint.com/documentation_download?ID=17864)
For additional technical information, visit the Check Point Support Center
(http://supportcenter.checkpoint.com).
Revision History
Date Description
Feedback
Check Point is engaged in a continuous effort to improve its documentation.
Please help us by sending your comments
(mailto:cp_techpub_feedback@checkpoint.com?subject=Feedback on Security Gateway Virtual Edition
R75.40Release Notes).
3
Contents
Introduction
Check Point Security Gateway Virtual Edition protects dynamic virtual environments and external networks
from internal and external threats by securing virtual machines and applications. This solution uses proven
Check Point security technologies: Software Blade architecture, Firewall with content inspection, IPS,
central management, and more.
Security Gateway Virtual Edition has different operation modes. Decide which is best for your environment
and plan the installation accordingly.
Hypervisor Mode enforces VM security within the VMware Hypervisor by inspecting inter-VM traffic,
without changing the virtual network topology.
The Network Mode is deployed as a virtual network device to protect virtual networks and physical
environments. You can configure it as a router or a bridge, in the same way as a physical gateway.
Important –
This release only supports Network mode running on the Gaia OS
Note –
All references to ESX throughout the document are also relevant for ESXi
unless specifically noted otherwise.
What's New
For a more detailed list of new features, see the R75.40 Release Notes
(http://downloads.checkpoint.com/dc/download.htm?ID=13079).
5
What's New
Enhancements
General
Configure Multi Portal access through VPN clients (connected with Office Mode), to protect your portals
from external network exposure. This new option applies to all portals: Mobile Access Portal,
UserCenter Portal, Identity Awareness Captive Portal, Platform Portal, and DLP Portal.
6
Performance
Licensing
SmartConsole
Hit count - shows number of instances a rule in the Application Control or Firewall Rule Bases was
matched to traffic.
Improved performance and easier installation of SmartConsole
7
System Requirements
System Requirements
Item Minimum Recommended Notes
Note - Security Gateway Virtual Edition is based on the R75.40 Security Gateway.
8
Known Limitations
Known Limitations
Note - Use the ID numbers of known limitations to track the status of improvements and to discuss
issues with your vendor or Check Point Technical Support.
00631234 Management High Availability and Log Server are not supported on a standalone Security
Gateway Virtual Edition.
00527267 Performance Pack Heavy Load Quality of Service feature (HLQoS) is not supported.
00922922 This release supports Network mode only. Hypervisor mode isn’t available.
00575640 Cloning and templates are supported for Security Gateway Virtual Edition VM, if:
The VM is a newly deployed Security Gateway Virtual Edition (immediately following
the first boot).
You have not yet configured any Check Point products.
You have not yet completed the first time wizard
General Limitations
ID Description
00526862 VMware Tools are not supported on a Security Gateway Virtual Edition Virtual Machine.
00566886 CPU consumption for the Security Gateway Virtual Edition might show inaccurate results.
To resolve this issue, reserve CPU resources on the ESX:
1. In the vSphere client, right click the Security Gateway Virtual Edition.
2. Select Edit Settings.
3. On the Resources tab, move the Reservation slider to allocate a guaranteed CPU
share (in MHz).
00568259 You can configure up to 2 virtual CPUs for the Security Gateway Virtual Edition.
9
Resolved Issues
Resolved Issues
ID Description
00525830 You can install Security Gateway R75 HFA packages or releases above R75.40 on top of
the Security Gateway Virtual Edition.
10