The Check Point Quantum R81.10 release provides a myriad of updated functions and capabilities in the kernel operating system. From a purely “management” aspect, several key features have been rolled out in the Smart Console making the job of an administrator more efficient and straightforward.
The below three enhancements may stand out for administrators, but these are certainly not the only latest improvements.
1) Smart Console Central Deployment
A common method of updating your Security Gateways is utilizing the CPUSE option in the WebUI (or command line) to upgrade the Security Gateways with HotFix or upgrades.
The new Central Deployment feature in SmartConsole allows you to apply Jumbo Hotfix Accumulators, Hotfixes, and Upgrade packages on Security Gateways and Cluster Members using a Package repository on the Security Management Server or directly from the Check Point Cloud.
Using this option, up to ten active simultaneous Hotfixes/upgrades can be installed on Security Gateways or clusters. And, up to 30 Gateways can be selected for installation. The Security Management Server will queue up subsequent installations to begin the install once one of the installations has been completed.
2) Policy Installation
The R81.10 release enhances the installation of Security Policies. Administrators can now invoke up to 5 simultaneous policies installations with no limit on the number of Security Gateways installed. Policy installations above the limit will be queued and processed in the order they are initiated.
Additionally, Access Control policy installation may be accelerated to minimize the length of time to complete a policy install. This is accomplished by identifying supported – i.e. a new host object with an accompanying rule. The system will skip the policy verification, decreasing the installation time. For more information on this, refer to sk169096.
3) Threat Prevention
The Quantum Gateways have a comprehensive suite of protection against malicious traffic: IPS, Anti-Virus, Anti-Bot, Threat Emulation, and Threat Extraction. In the R81x environment, administrators now have two options for configuring enforcement options.
- Custom Policy: This is the traditional method policy configuration where each blade is configured using profiles and then enabled on the Quantum Gateway.
- Autonomous Policy: This allows policy automatic customizations by Check Point engineers.
This option allows for:
Single Click Configuration: Administrators select one of the predefined network types for the Security Gateways to protect (Perimeter, Cloud/Data Center, Internal Network, Guest Network, Strict Security).
Automatic Configuration Updates: Check Point automatically updates profiles with new features, advanced protections, and other best practices.
For additional information about the latest improvements to the Check Point Quantum R81.10 environment, see the R81.10 documentation package.