60000/40000 Security Platforms: Release Notes
60000/40000 Security Platforms: Release Notes
R76SP.50
Release Notes
[Protected]
© 2017 Check Point Software Technologies Ltd.
All rights reserved. This product and related documentation are protected by copyright and
distributed under licensing restricting their use, copying, distribution, and decompilation. No part
of this product or related documentation may be reproduced in any form or by any means without
prior written authorization of Check Point. While every precaution has been taken in the
preparation of this book, Check Point assumes no responsibility for errors or omissions. This
publication and features described herein are subject to change without notice.
RESTRICTED RIGHTS LEGEND:
Use, duplication, or disclosure by the government is subject to restrictions as set forth in
subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS
252.227-7013 and FAR 52.227-19.
TRADEMARKS:
Refer to the Copyright page http://www.checkpoint.com/copyright.html for a list of our
trademarks.
Refer to the Third Party copyright notices http://www.checkpoint.com/3rd_party_copyright.html
for a list of relevant copyrights and third-party licenses.
Important Information
Latest Software
We recommend that you install the most recent software release to stay up-to-date
with the latest functional improvements, stability fixes, security enhancements and
protection against new and evolving attacks.
Feedback
Check Point is engaged in a continuous effort to improve its documentation.
Please help us by sending your comments
mailto:[email protected]?subject=Feedback on 60000/40000
Security Platforms R76SP.50 Release Notes.
Revision History
Date Description
05 November 2017 General updates.
Introduction
Overview
Introducing Check Point's new appliances, the 64000 and 44000, the world's fastest Threat
Prevention platforms. The carrier-class next-generation Threat Prevention and Firewall solutions
provide the security you need today and into the future.
The platforms already support fast networking connectivity such as 40 GbE and 100 GbE. Now they
can be integrated with new and advanced solutions, both on premises or in the cloud.
When traffic volume or security requirements increase, you can easily scale the system up to
capacity. These scalable platforms enable you to continue growing your business without the
worry of security coverage.
Welcome to the future of Cyber Security!
Important Solutions
For more about R76SP.50 and to download the software, see the R76SP.50 Home Page
http://supportcontent.checkpoint.com/solutions?id=sk115735.
For a list of open issues, see the Known Limitations
http://supportcontent.checkpoint.com/solutions?id=sk115736.
What's New
Hardware
• New 7 slots/6U 44000 successor Chassis. Supports up to 6 SGMs.
• New SGM400 with updated hardware. 56 threads, 28 cores (HT) and 40G interfaces to the
back-plane.
• New SSM440 introduces 100G connectivity and an improved port density.
Distribution
• Optimizes the traffic distribution between the SGMs.
• Adds the source port to the SSM distribution calculation which optimizes new connection
distribution to SGMs.
• Adds the source port to the CoreXL calculation which optimizes new connection allocation to
different CPU cores.
• Enhances the use of the CPUs on a single SGM.
Image Cloning
• Single Management Object (SMO) and configuration propagation functionality extended.
• Supports synchronization of software (binaries and libraries).
• Easier than ever to scale-up. Add new SGMs or replace SGMs if there is a hardware failure.
Usability
• Improved user experience with updated scalable platform specific commands.
• Same workflow, look and feel as unified Check Point commands.
Commands
Command Syntax
Configures the port speed set ssm id <ssm_id> qsfp-ports-mode
<qsfp_mode>
set interface <ifn> link-speed <speed>
Command Syntax
Shows the current status of all defined show interfaces
interfaces on the system
Synchronizes the local time for all SGMs set ntp server primary [NTP Server]
and the CMM, with the NTP server version [version num]
set ntp server secondary [NTP Server]
version [version num]
Shows the content of a log file show smo log <log file> [filter <string>]
[from <date>] [to <date>] [tail <n>]
CPView
• CPView utility is a text-based, built-in utility that runs with the cpview command. See
http://supportcontent.checkpoint.com/solutions?id=sk101878.
• Runs on Security Gateways, Security Management Servers, and Multi-Domain Security
Management and is now available for scalable platforms.
• Shows statistical data to monitor the machine performance.
• Data shows general system information, such as CPU, memory and disk space.
• Data provides information about the performance of the software blades.
• Data updates continuously in easy to access views.
Firmware Versions
Component Hardware Version
SSM160 5.5.R1.4.CP404.T-ATCA404.binoxpkg
SSM Firmware
SSM440 5.5.R5.2.CP.T-ATCA510.binoxpkg
SGM220 1.3
SGM260 2.1
SGM BIOS Image
SGM400 2.28
SGM220 1.54
SGM220 1.54
SGM260 1.4
IPMC Firmware Image
SGM400 1.02
SGM220 1.54
SGM260 2.4
FPGA Image
SGM400 2.34
SGM220 2.4
SGM260 2.66
FPGA Recovery Image
SGM400 2.34
System Requirements
Management Requirements
You can manage the R76SP.50 60000/40000 Security Platform with a Security Management Server
or Multi-Domain Security Management version R76 or higher. For management requirements, see
the R76 Release Notes http://downloads.checkpoint.com/dc/download.htm?ID=22933.
If you use the LTE features, you must install the R76 LTE Hotfix on the management server. See
http://supportcontent.checkpoint.com/solutions?id=sk95768.
Gateway Requirements
Supported Software Blades
Security Gateway VSX Gateway
Firewall
IPS
Threat Emulation
Application Control
Identity Awareness
URL Filtering
IPSec VPN
IPv4 only IPv4 only
Anti-Bot
Anti-Virus