Just a quick entry to point out that the R70 manuals and binaries are ready for download.
I'll be downloading and pulling the software to pieces over the week end so expect a sizable blog entry on Monday detailing all the new features!
For now here are a few of the new features:
SmartDefense has had a lot of work done, now called simply 'IPS' it provides all the feature that customers have been asking for.
- Bypass under load: IPS can be disabled when CPU% or Memory% hits high values and be re-enabled when it returns to acceptable values
- New signature engine: From what I am told (unconfirmed) some or all of the IPS-1 (previously NFR) signature engine has made it into the Gateway IPS. If true, this incredibly flexible signature language will allow Check Point to broaden their number of protected protocols and provide new protections and signatures faster.
- Bypass lists: Enables you to specify traffic that should bypass IPS inspection using Source IP, Destination IP, and Service, and be forwarded unhindered (providing it matches a firewall rule).
- Packet capture: The packet capture feature that was include in InterSpect (remember him?) has made it into the gateway.
- Policy automation: IPS updates can now be automatically activated, deactivated or activated in monitor-only depending on confidence index, performance impact and threat severity
SmartProvisioning has been added. This is a new feature enables the pushing of OS configuration to SecurePlatform-based solutions including UTM-1, UTM-1 Edge, Power-1 & Secureplatform on Open Hardware. In many ways it's similar in mechanism to SmartLSM, and appears to rely on much of the existing infrastructure. This feature is a major boon to any customer pushing out a large number of Check Point devices and will also assist in reconfiguring replacement appliances following an RMA.
CoreXL is now including in the main train R70 release, and available on Crossbeam, IPSO 6, and of course, SecurePlatform
SecurePlatform is now based on RedHat Enterprise Linux 5.0 (2.6 kernel) which no obsoletes the R65 SPLAT 2.6 build.
EndPoint Connect, a new IPSEC VPN client that take the connectivity enhancements of SecureClient (NAT-T, Visitor mode), adds EndPoint Security On Demand (effectively a locally running copy of Integrity Clientless Security) and SecureClient mobiles smart interface roaming. There is actually much much more to this wonderful little client.
SecureClient/SecuRemote is of course still support.
Anti-spoofing Enforcement Acceleration: One would assume that Anti-spoofing enforcement logic has been added to Performance Pack (Check Point's software SecureXL implementation used on SecurePlatform, UTM-1, Power-1 and Crossbeam). Need to test with a little fw monitor.
Provider-1 has had some work also
- Provider-1 HA has been tweaked to allow for CMA HA across more than two CMAs, and also allows HA to be carried out between P1 MDS machines of different operating systems.
- Provider-1 Shell: a new shell CLI shell that allows you to specify root level commands that can be run in a restricted shell (similar to cpshell) but without needing to give the administrator a root bash shell.
- Cross-CMA search: About time.
I am sure there is going to be a wealth of new and useful features and functionality available too us. More to come on Monday!