Professional Documents
Culture Documents
Checkpoint Firewalls Gaia - R80.30
Checkpoint Firewalls Gaia - R80.30
30
Checkpoint R80.30
R80.30:
R80.30 is benchmarked off of R80.20 Jumbo Take 74 and R80.10 Jumbo Take 103
HTTPS Inspection:
SSL Bypass mechanism was replaced in R80.30, "Probe Bypass" or "enhanced SSL inspection" are no longer
relevant and has no effect on behavior.
MABDA
Support for Linux 3.10 kernel and the xfs file system providing support for improved system capabilities and
performance, such as an enlarged system storage, improved I/O operations, better debugging tools and more
On The Gateway:
SSL Inspection
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
https://dkcheckpoint.blogspot.com/2019/07/checkpoint-r8030.html 1/4
6/16/24, 1:30 PM Dhansham - Engineer's Notebook Checkpoint Firewalls Gaia: Checkpoint R80.30
IPsec VPN
Redundancy for Multiple Entry Points configuration using Dead Peer Detection (DPD) with
third party VPN peers
Improved troubleshooting capabilities allows disabling acceleration only for VPN and per
VPN peer. For more information, see sk151114
Advanced Routing
ClusterXL
Support for Cluster Control Protocol (CCP) encryption provides better security for cluster
synchronization networks.
Starting from this release, CDT version 1.6.1 is embedded in Gaia. For more information,
see sk111158.
SmartConsole extensions
Expand and customize Check Point's SmartConsole for your needs by integrating the tools
you work with into SmartConsole or add third-party tools as panels and views inside
SmartConsole. For more information, see the SmartConsole Extensions Developer Guide.
Endpoint Security
Endpoint and Network compatibility including a new mechanism that inspects files just once,
either by the Security Gateway or by the Endpoint Client, eliminating redundancy.
The number of preboot users using the same client computer increased to 1000.
CloudGuard Controller
Support Data Center Objects for VMware NSX Universal Security Groups.
CPView
https://dkcheckpoint.blogspot.com/2019/07/checkpoint-r8030.html 2/4
6/16/24, 1:30 PM Dhansham - Engineer's Notebook Checkpoint Firewalls Gaia: Checkpoint R80.30
SmartConsole
Operational Efficiency - Add and remove an object from groups within the object editor.
Logging and Monitoring - Improved, simpler and faster user experience for exporting logs to
Splunk.
Consolidated Threat Prevention dashboard provides full threat visibility across networks,
mobile and endpoints.
Threat Prevention:
Simple to use, easily enabled for an existing Security Gateway, and does not require any
changes to your configuration on the network or client side
Threat Extraction prevents zero-day and known attacks by proactively removing active
malware, embedded content and other potentially-malicious parts from a file. Promptly
delivers sanitized content to users, maintaining business flow
Endpoint and Network compatibility includes a new mechanism that inspects files just once,
either by the Security Gateway or the Endpoint client
Ability to import Cyber Intelligence Feeds to the Security Gateway using custom CSV and
Structured Threat Information Expression (STIX)
Consolidated Threat Prevention dashboard provides full threat visibility across networks,
mobile devices and endpoints
Improved understanding for security personnel of how malware analysis is performed and
the reasons a file is flagged as malicious. The Threat Detail report now includes the Malware
DNA - a deeper exploration into features determined to be similar to those in known malware
families. The enhanced analysis of similarities includes:
Behavior
Code structure
File similarities
The report also includes a dynamic map view of malware family appearances around the
globe over time
https://dkcheckpoint.blogspot.com/2019/07/checkpoint-r8030.html 3/4
6/16/24, 1:30 PM Dhansham - Engineer's Notebook Checkpoint Firewalls Gaia: Checkpoint R80.30
For more details, as well as information about the availability, refer to sk120357
Added ability to send files via APIs to be scanned by Anti-Virus on local Check Point
appliances. This capability is supported for both Security Gateways and dedicated Threat
Emulation appliances
For more information, refer to the Threat Prevention API Reference Guide.
Added new machine-learning engines focused on malware detection inside document files to
achieve an optimum catch rate
Enhanced Control of MTA actions and Threat Emulation behavior in case of failure
Added ability for administrators to granularly configure Threat Emulation policy and decide
whether to allow a file transfer based on the error type
When configuring the MTA gateway to block emails if a scan fails (fail-block), administrators
can granularly configure MTA to deliver emails to the users for specific failure types
For more details and configuration instructions, refer to sk132492 and sk145552
Anti-Virus protections are now applied by default on files received through the MTA gateway.
These protections include signatures, hashes and link reputation checks for attachments, link
reputation checks for the email body, and granular enforcement based on the file type
Gateways configured as MTA can now be enriched with custom Anti-Virus IOCs from
external sources.
Links to external feeds for automatic ongoing IOC importing can be added via a configuration
change
For more information and setup instructions, refer to sk132193 and R80.30 Threat
Prevention Administration Guide
Added the ability to configure the MTA gateway to send and receive emails on non-default
SMTP ports (ports other than 25). For more details and configuration instructions, see
sk142932.
Failure to inspect the attachments or links inside an email is now immediately treated as a
failure.
Previously, inspection failure resulted in adding the email to the MTA queue and retrying the
action. As the majority of inspection retries fail as well, this change reduces the size of the
queue and improves MTA performance
https://dkcheckpoint.blogspot.com/2019/07/checkpoint-r8030.html 4/4