Skip to main content

What’s New in R80

What’s New in R80

Unified Console

You can now control all aspects of security from one console.  This includes gateway configuration, monitoring and event management.
  • The Gateway tab consolidates SmartView Monitor and SmartUpdate so you can configure your gateways and monitor status and updates in one place
  • The Logs and Monitoring tab consolidates SmartEvent, SmartLog and SmartReporter so you now have full threat management functions on the same console

Unified Policy

With R80, you can have a unified policy for access control and threat prevention rules, allowing you better control over critical aspects of security.
  • Access Control policy unifies the Firewall, Application Control, URL Filtering and Data Awareness policies
  • Threat Prevention policy unifies the IPS, Anti-virus, Anti-bot and Threat Emulation policies

Policy Layers and Sub-Policies

R80 introduces the concept of layers and sub-policies, allowing you to segment your policy according to your network segments or business units/functions.  In addition, you can also assign granular privileges by layer or sub-policy to distribute workload and tasks to the most qualified administrators
  • With layers, the rule base is organized into a set of security rules.  These set of rules or layers, are inspected in the order in which they are defined, allowing control over the rule base flow and the security functionalities that take precedence. If an “accept” action is performed across a layer, the inspection will continue to the next layer. For example, a compliance layer can be created to overlay across a cross-section of rules.
  • Sub-policies are sets of rules that are created for a specific network segment, branch office or business unit, so if a rule is matched, inspection will continue through this subset of rules before it moves on to the next rule.
  • Sub-policies and layers can be managed by specific administrators, according to their permissions profiles.  This facilitates task delegation and workload distribution.

Role-based & Concurrent Administration

R80 enables concurrent administration, while enabling granular privilege delegation for each administrator.
  • Multiple administrators can login and work in read-write mode on the same security policy without conflict.
  • A new publish mechanism supports concurrent administration and provides revision control functionality.
  • Granular administrator profiles can determine the exact privileges each administrator will have by sub-policy,  layer or specific rules,  what logs they can view and what operations they can execute.

Trusted CLI and API Automation and Orchestration

  • CLI and API interface options are available for management of integrations with 3rd party systems & automation of daily functions.
  • Any operations is controlled by a privilege profile, so the administrator maintains strict control over automation and integration capabilities.

Operational Efficiency Enhancements

R80 introduces multiple features to streamline workflow and help administrators makes smarter policy decisions.
  • Integrated logging enables the administrator to view all logs associated with a rule on the same screen.
  • Detailed rule information is stored, providing visibility into rule history and changes, hit counts, and other user defined information such as ticket numbers.
  • Enhanced search capabilities allow the administrator to immediately find any rule or object in the system.
  • Management High Availability is enhanced to sync only changes between servers, significantly improving performance.

Multi-Language and Accessibility Support

With R80, it is easy to change the Console language with a single click and there is now support for accessibility features such as vision impairment and keyboard navigation.

Scalable Architecture

R80 is built on 64-bit multi-threaded architecture, enabling it to support large-scale security operations.

Web-Based Monitoring and Logging

All logging and monitoring functions are accessible via a web-based interface.

Multi-Domain Management Enhancements

For complex, multi-tenant environments, R80 supports:
  • Unified architecture and unified client with single domain security management
  • New and improved views for domain provisioning and global configuration

SmartEvent Enhancements

  • Enhanced speed, scale and accessibility with ability to analyze hundreds of millions of logs/day
  • Smart Search functionality that allows free-text search of logs and events with auto-suggest and favorites
  • Predefined graphical report templates for frequently used security metrics
  • Customizable reports to address specific environment needs

IPS Enhancements

  • IPS protections can be activated according to tags, enabling the customer to activate relevant protections such as protections related to components (eg. Apache) or vulnerability type.
  • All protections are tagged for ease of use

Comments

Post a Comment

Popular posts from this blog

Checkpoint firewall common commands part 2

Checkpoint firewall common commands part 2 For basic firewall informaton gathering: fgate stat -Status and statistics of Flood-Gate-1. fwaccel <stat|stats|conns>  – View status, statistics or connection table of SecureXL. fw getifs -Show list of configured interfaces with IP and netmask. cpstat <app_flag> [-f flavour] -View OS, HW and CP application status. Issue cpstat without any options to see all possible application flags <app_flag> and corresponding flavours. Examples: cpstat fw -f policy – verbose policy info cpstat os -f cpu – CPU utilization statistics cpinfo -y all   -List all installed patches and hotfixes. cpd_sched_config print -Show task scheduled with CPD scheduler. enabled_blades -View enabled software blades avsu_client [-app <app>]   , get_version <app>  -Get signature version and status of content security .Without the -app option “Anti Virus” is used. show co...
Post a Comment
Read more

Unable to Connect to Server Checkpoint R80

Unable to Connect to Server Checkpoint R80 Unable to Connect to Server A connection to the management server will fail if: A firewall between SmartConsole and the management server blocks Port 19009 -  port 19009 is used for a new R80 service. Allow traffic on this port for all clients and management servers. No GUI clients are assigned -  Open the Gaia Portal. If the First Time Configuration Wizard opens, complete it. If the First Time Configuration Wizard has already run, open  User Management > GUI Clients  and add a client. When using Multi-Domain Security Management, connect SmartConsole to the Multi-Domain Server and make sure the domains have GUI clients assigned to them. The required processes are not reachable -  Make sure the computer with SmartConsole installed can reach the IP address of the management server, and that these server processes are up and running: cpm fwm Operation time out  – Your connection ...
Post a Comment
Read more

Configuring Proxy ARP for Manual NAT

Configuring Proxy ARP for Manual NAT Symptoms After creating a Manual Static NAT rule, Security Gateway does not answer the ARP Requests for the Static NATed IP address that was configured in the Manual NAT rule. Security Gateway replies to ARP requests with a wrong MAC address, mostly for the NAT traffic.  Introduction Let us consider the following scenario: Two networks ( Network_A  and  Network_B ) are separated by a Security Gateway (single Security Gateway or ClusterXL). On each network, there is a host ( Host_A  on  Network_A ,  Host_B  on  Network_B ). Let us assume, that  Network_A  represents the  Internal  network, and  Network_B  represents the  External  network. According to the existing standards, when  Host_B  needs to send data to  Host_A , an ARP Request for the MAC address of  Host_A  will be sent by  Host_B  to  Network...
Post a Comment
Read more