R81.10.00 for Quantum Spark released
Check Point released R81.10.00 for Quantum Spark appliances which brings code alignment between the Quantum R81.10 Security Gateway release and the Quantum Spark product line. Because Embedded Gaia software of R81.10.00 inherits its code base from the R81.10 GA version of Quantum Security Gateway, the R81.10.00 Quantum Spark appliances inherit all maintrain limitations (see sk170418).
R81.10.xx will only be supported on the 1500, 1600, and 1800 series of Quantum Spark appliances. These appliances will still receive updates for the R80.20.xx branch but will ultimately end up with stability, performance and bug fixes only. The 700, 900, 1200R and 1400 appliance lines are still supported with R77.20.xx.
R81.10.00 currently only supports locally managed and SMP. Centrally managed is supported at EA level.
You can find all details regarding R81.10.00 for Quantum Spark appliances here, along with the Release Notes and Known Limitations and Resolved Issues.
What’s New
Enhancement and New Features (Locally Managed)
- Improve and Simplify SSL inspection operation
- Some network devices do not support installation of an SSL certificate, therefore making SSL inspection not possible. When you use the gateway capability to automatically sense and identify network elements, you can now select on which network element SSL inspection is enabled.
- Gateway administrators have full control on which network elements SSL inspection will operate:
- Desktops and laptop are automatically selected, and other network devices can be easily added.
- You can also select bypassing inspection on MacOS devices.
- Smart Accel – (EA level)
- Improves gateway performance by accelerating low risk traffic sources:
- Video streaming (Netflix, YouTube, Spotify)
- Well known corporate services (Microsoft, Google, Apple, Check Point Services)
- Social Media services (Facebook, Tiktok)
- Web Conferences (Skype, WebEx, Zoom)
- Improves gateway performance by accelerating low risk traffic sources:
- Password Complexity
- Set password complexity to high to harden the Gateway Admin Password
- Password length, number of different characters, Password history, Password Expiration
- Updatable objects and FQDN in the Rule Base
- Use fully qualified domain name (FQDN) object in the Access Policy.
- VoIP improvements
- Enable bidirectional traffic with the SIP provider service when SIP traffic inspection is disabled.
- VPN Monitoring
- New information was added to the VPN tunnels monitoring page
- Support Radius 2.0 server
- FTP AV – Inspect FTP protocol by Anti-Virus Software Blade
- ZScaler (VPN 3rd party) support
- Mirror port
- Allows duplicating all the traffic that goes through one or more LAN ports, into one of the other LAN ports.
- TCPDump via WebUI
- Additional capabilities for TCPdump tool. Includes additional filters, custom filter and RT output.