ProHoster > Π‘Π»ΠΎΠ³ > Kev tswj hwm > Check Point Gaia R80.40. Dab tsi tshiab?

Check Point Gaia R80.40. Dab tsi tshiab?

Check Point Gaia R80.40. Dab tsi tshiab?

Qhov kev tso tawm tom ntej ntawm lub operating system yog nce Gaia R80.40. Ob peb lub lis piam dhau los Qhov kev pab cuam Early Access pib, qhov twg koj tuaj yeem nkag mus kuaj qhov kev faib tawm. Raws li ib txwm muaj, peb tshaj tawm cov ntaub ntawv hais txog dab tsi tshiab, thiab tseem qhia txog cov ntsiab lus uas nthuav tshaj plaws los ntawm peb qhov kev xav. Saib tom ntej, kuv tuaj yeem hais tias kev tsim kho tshiab yog qhov tseem ceeb tiag tiag. Yog li ntawd, nws tsim nyog npaj rau cov txheej txheem hloov tshiab thaum ntxov. Yav tas los peb twb muaj lawm luam tawm ib tsab xov xwm ntawm yuav ua li cas (yog xav paub ntxiv, thov mus saib tiv tauj ntawm no). Wb mus txog lub topic...

Yog dab tsi tshiab

Cia peb saib cov kev tshaj tawm tshiab ntawm no. Cov ntaub ntawv muab los ntawm lub xaib Xyuas cov phooj ywg (cov neeg lis haujlwm Check Point zej zog). Nrog koj kev tso cai, kuv yuav tsis txhais cov ntawv no, hmoov zoo cov neeg tuaj saib Habr tso cai rau nws. Hloov chaw, kuv mam li tso kuv cov lus rau tshooj tom ntej.

1. IoT Kev Ruaj Ntseg. Cov yam ntxwv tshiab cuam tshuam nrog Internet ntawm Yam

  • Sau cov khoom siv IoT thiab cov cwj pwm tsheb khiav los ntawm cov ntawv pov thawj IoT nrhiav cav (tam sim no txhawb Medigate, CyberMDX, Cynerio, Claroty, Indegy, SAM thiab Armis).
  • Configure IoT tshiab Txoj Cai Txheej Txheem Txheej Txheem hauv kev tswj hwm txoj cai.
  • Txhim kho thiab tswj kev ruaj ntseg cov cai uas ua raws li cov khoom siv IoT cov yam ntxwv.

2. TLS Kev Tshawb FawbHTTP/2:

  • HTTP/2 yog qhov hloov tshiab rau HTTP raws tu qauv. Qhov hloov tshiab muab kev txhim kho kom nrawm, ua haujlwm tau zoo thiab kev nyab xeeb thiab tau txais txiaj ntsig nrog cov neeg siv kev paub zoo dua.
  • Check Point's Security Gateway tam sim no txhawb HTTP / 2 thiab tau txais txiaj ntsig zoo dua nrawm thiab ua haujlwm tau zoo thaum tau txais kev ruaj ntseg tag nrho, nrog rau txhua qhov Kev Tiv Thaiv Kev Nyab Xeeb thiab Kev Tswj Xyuas Cov Hniav, nrog rau kev tiv thaiv tshiab rau HTTP / 2 raws tu qauv.
  • Kev them nyiaj yug yog rau ob qho tib si ntshiab thiab SSL encrypted tsheb thiab yog tag nrho nrog HTTPS / TLS
  • Kev soj ntsuam muaj peev xwm.

TLS Inspection Layer. Innovations txog HTTPS tshuaj xyuas:

  • Txoj Cai Tshiab Txheej Txheem hauv SmartConsole mob siab rau TLS Kev Tshawb Fawb.
  • Txawv TLS Cov Txheej Txheem Kev Ntsuam Xyuas tuaj yeem siv rau hauv cov pob ntawv sib txawv.
  • Kev sib koom ntawm TLS Inspection txheej hla ntau pob txoj cai.
  • API rau kev ua haujlwm TLS.

3. Kev Tiv Thaiv Kev Nyab Xeeb

  • Zuag qhia tag nrho kev ua tau zoo li qub rau Kev Tiv Thaiv Kev Nyab Xeeb thiab kev hloov tshiab.
  • Tsis siv neeg hloov tshiab rau Threat Extraction Cav.
  • Dynamic, Domain thiab Updataable Objects tam sim no tuaj yeem siv rau hauv Kev Tiv Thaiv Kev Nyab Xeeb thiab TLS Cov Cai Tshawb Fawb. Updataable objects yog cov khoom siv network uas sawv cev rau ib qho kev pabcuam sab nraud lossis ib daim ntawv teev npe zoo ntawm IP chaw nyob, piv txwv li - Office365 / Google / Azure / AWS IP chaw nyob thiab Geo cov khoom.
  • Anti-Virus tam sim no siv SHA-1 thiab SHA-256 kev hem thawj rau thaiv cov ntaub ntawv raws li lawv cov hashs. Ntshuam cov ntsuas tshiab los ntawm SmartConsole Threat Indicators saib los yog Custom Intelligence Feed CLI.
  • Anti-Virus thiab SandBlast Threat Emulation tam sim no txhawb kev soj ntsuam ntawm e-mail tsheb hla POP3 raws tu qauv, nrog rau kev txhim kho kev soj ntsuam ntawm e-mail tsheb hla IMAP raws tu qauv.
  • Anti-Virus thiab SandBlast Threat Emulation tam sim no siv cov kev tshuaj ntsuam xyuas SSH tshiab los tshuaj xyuas cov ntaub ntawv xa mus rau SCP thiab SFTP raws tu qauv.
  • Anti-Virus thiab SandBlast Threat Emulation tam sim no muab kev txhawb nqa zoo dua rau kev tshuaj xyuas SMBv3 (3.0, 3.0.2, 3.1.1), uas suav nrog kev tshuaj xyuas ntau txoj kev sib txuas. Check Point tam sim no tsuas yog tus neeg muag khoom los txhawb kev tshuaj xyuas cov ntaub ntawv hloov mus los ntawm ntau txoj hauv kev (ib qho tshwj xeeb uas yog on-by-default hauv txhua qhov Windows ib puag ncig). Qhov no tso cai rau cov neeg siv khoom nyob ruaj ntseg thaum ua haujlwm nrog qhov kev ua tau zoo txhawb nqa.

4. Kev Paub Txog Tus Kheej

  • Kev them nyiaj yug rau Captive Portal kev koom ua ke nrog SAML 2.0 thiab lwm tus neeg muab kev qhia txog tus kheej.
  • Kev them nyiaj yug rau Identity Broker rau scalable thiab granular sib qhia cov ntaub ntawv qhia txog tus kheej ntawm PDPs, nrog rau kev sib koom ua ke.
  • Txhim kho rau Terminal Servers Agent kom zoo dua scaling thiab compatibility.

5 ib. IPsec VPN

  • Txhim kho qhov sib txawv VPN encryption domains ntawm Security Gateway uas yog tus tswv cuab ntawm ntau lub zej zog VPN. Qhov no muab:
  • Txhim kho kev ceev ntiag tug - Internal networks tsis tau nthuav tawm hauv IKE raws tu qauv kev sib tham.
  • Txhim kho kev ruaj ntseg thiab granularity - Qhia kom meej cov tes hauj lwm twg nkag tau rau hauv lub zej zog VPN tshwj xeeb.
  • Txhim kho kev sib raug zoo - Yooj yim txoj hauv kev raws li VPN cov ntsiab lus (pom zoo thaum koj ua haujlwm nrog qhov khoob VPN encryption sau).
  • Tsim thiab seamlessly ua hauj lwm nrog ib tug Loj Scale VPN (LSV) ib puag ncig nrog kev pab los ntawm LSV profiles.

6. URL lim

  • Txhim kho scalability thiab resilience.
  • Extended teeb meem muaj peev xwm.

7. NAS

  • Txhim kho NAT chaw nres nkoj cov txheej txheem - ntawm Security Gateways nrog 6 lossis ntau dua CoreXL Firewall piv txwv, txhua zaus siv tib lub pas dej ntawm NAT cov chaw nres nkoj, uas ua kom zoo dua qhov chaw nres nkoj siv thiab rov siv dua.
  • NAT chaw nres nkoj siv saib xyuas hauv CPView thiab nrog SNMP.

8. Suab tshaj IP (VoIP)Ntau qhov xwm txheej CoreXL Firewall tswj SIP raws tu qauv los txhim kho kev ua haujlwm.

9. Chaw taws teeb nkag VPNSiv daim ntawv pov thawj tshuab kom paub qhov txawv ntawm cov tuam txhab thiab cov khoom tsis yog koom nrog thiab tsim ib txoj cai tswj kev siv cov cuab yeej cuab tam nkaus xwb. Kev tswj hwm tuaj yeem ua ntej-logon (duab authentication nkaus xwb) lossis tom qab-logon (device thiab user authentication).

10. Mobile Access Portal AgentEnhanced Endpoint Security on Demand nyob rau hauv Mobile Access Portal Agent los txhawb txhua qhov web browsers loj. Yog xav paub ntxiv, saib sk113410.

11.CoreXL thiab Multi-Queue

  • Kev them nyiaj yug rau kev faib tsis siv neeg ntawm CoreXL SNDs thiab Firewall piv txwv uas tsis tas yuav tsum muaj Kev Ruaj Ntseg Ruaj Ntseg reboot.
  • Txhim kho tawm ntawm lub thawv kev paub - Security Gateway hloov pauv tus naj npawb ntawm CoreXL SNDs thiab Firewall piv txwv thiab Multi-Queue configuration raws li kev thauj mus los tam sim no.

12. Kev sib koom ua ke

  • Kev them nyiaj yug rau Cluster Control Protocol hauv Unicast hom uas tshem tawm qhov xav tau ntawm CCP

Tshaj tawm lossis Multicast hom:

  • Cluster Control Protocol encryption yog tam sim no qhib los ntawm lub neej ntawd.
  • Tshiab ClusterXL hom -Active/Active, uas txhawb nqa Pawg Cov Tswv Cuab hauv thaj chaw sib txawv uas nyob ntawm cov subnets sib txawv thiab muaj qhov sib txawv IP chaw.
  • Kev them nyiaj yug rau ClusterXL Cluster Cov Tswv Cuab uas khiav cov software sib txawv.
  • Tshem tawm qhov xav tau ntawm MAC Magic configuration thaum ob peb pawg txuas nrog tib lub subnet.

13. TSW

  • Kev them nyiaj yug rau VSX upgrade nrog CPUSE hauv Gaia Portal.
  • Txhawb rau Active Up hom hauv VSLS.
  • Txhawb rau CPView cov ntaub ntawv txheeb xyuas rau txhua qhov Virtual System

14. Zero KovKev teeb tsa yooj yim Plug & Play txheej txheem rau kev txhim kho cov cuab yeej - tshem tawm qhov xav tau ntawm kev txawj ntse thiab yuav tsum tau txuas mus rau cov khoom siv rau kev teeb tsa thawj zaug.

15. Gaia REST APIGaia REST API muab txoj hauv kev tshiab los nyeem thiab xa cov ntaub ntawv rau cov servers uas khiav Gaia Operating System. See sk143612.

16. Advanced Routing

  • Kev txhim kho rau OSPF thiab BGP tso cai rau rov pib dua thiab rov pib OSPF nyob sib ze rau txhua qhov CoreXL Firewall piv txwv yam tsis tas yuav rov pib dua lub daemon.
  • Txhim kho txoj kev tshiab rau kev txhim kho kev tuav ntawm BGP routing inconsistencies.

17. Cov peev txheej tshiab tshiab

  • Hloov kho Linux kernel
  • Tshiab partitioning system (gpt):
  • Txhawb ntau tshaj 2TB lub cev / kev xav tau tsav
  • Faster file system (xfs)
  • Txhawb nqa lub kaw lus loj dua (txog 48TB kuaj)
  • I/O kev txhim kho kev ua tau zoo
  • Multi-Queue:
  • Tag nrho Gaia Clish kev txhawb nqa rau Multi-Queue commands
  • Tsis siv neeg "rau ntawm lub neej ntawd" configuration
  • SMB v2/3 mount txhawb nqa hauv Mobile Access hniav
  • Ntxiv NFSv4 (tus neeg siv khoom) kev txhawb nqa (NFS v4.2 yog lub neej ntawd NFS version siv)
  • Kev them nyiaj yug ntawm cov cuab yeej tshiab rau kev debugging, saib xyuas thiab teeb tsa lub system

18. CloudGuard Controller

  • Txhim kho kev ua tau zoo rau kev sib txuas mus rau Sab Nraud Data Centers.
  • Kev koom ua ke nrog VMware NSX-T.
  • Kev them nyiaj yug rau ntxiv API cov lus txib los tsim thiab kho cov ntaub ntawv Center Server cov khoom.

19. Multi-Domain Server

  • Thaub qab thiab rov qab kho ib tus neeg Domain Management Server ntawm Multi-Domain Server.
  • Migrate ib Domain Management Server ntawm ib Multi-Domain Server mus rau qhov sib txawv Multi-Domain Security Management.
  • Migrate ib tug Security Management Server los ua Domain Management Server ntawm Multi-Domain Server.
  • Migrate Domain Management Server los ua Kev Tswj Xyuas Kev Ruaj Ntseg.
  • Rov qab ib lub Domain ntawm Multi-Domain Server, lossis Kev Tswj Xyuas Kev Ruaj Ntseg rau qhov kev hloov kho yav dhau los rau kev kho ntxiv.

20. SmartTasks thiab API

  • Tshiab Management API authentication txoj kev uas siv qhov pib-tsim API Key.
  • Tshiab Management API cov lus txib los tsim cov khoom pawg.
  • Central Deployment of Jumbo Hotfix Accumulator thiab Hotfixes los ntawm SmartConsole los yog nrog API tso cai rau nruab lossis hloov kho ntau qhov Kev Ruaj Ntseg Qhov Rooj thiab Pawg Ua ke.
  • SmartTasks - Txhim kho cov ntawv sau tsis siv neeg lossis HTTPS thov los ntawm cov thawj coj ua haujlwm, xws li tshaj tawm kev sib tham lossis txhim kho txoj cai.

21. Kev xa tawmCentral Deployment of Jumbo Hotfix Accumulator thiab Hotfixes los ntawm SmartConsole los yog nrog API tso cai rau nruab lossis hloov kho ntau qhov Kev Ruaj Ntseg Qhov Rooj thiab Pawg Ua ke.

22. SmartEventQhia tawm SmartView views thiab tshaj tawm nrog lwm tus thawj coj.

23. Log ExporterExport cav lim raws li cov nqi teb.

24. Endpoint Security

  • Kev them nyiaj yug rau BitLocker encryption rau tag nrho Disk encryption.
  • Kev them nyiaj yug rau lwm daim ntawv pov thawj Authority daim ntawv pov thawj rau Endpoint Security tus thov kev pab
  • authentication thiab kev sib txuas lus nrog Endpoint Security Management Server.
  • Kev them nyiaj yug rau dynamic loj ntawm Endpoint Security Client tej pob khoom raws li cov xaiv
  • nta rau kev xa tawm.
  • Txoj cai tam sim no tuaj yeem tswj hwm qib kev ceeb toom rau cov neeg siv kawg.
  • Txhawb rau Persistent VDI ib puag ncig hauv Endpoint Policy Management.

Qhov peb nyiam tshaj plaws (raws li cov neeg siv khoom ua haujlwm)

Raws li koj tuaj yeem pom, muaj ntau qhov kev tsim kho tshiab. Tab sis rau peb, raws li rau system integrator, muaj ob peb lub ntsiab lus nthuav heev (uas kuj nthuav rau peb cov neeg siv khoom). Peb Qhov Zoo Tshaj 10:

  1. Thaum kawg, kev txhawb nqa tag nrho rau IoT cov khoom siv tau tshwm sim. Nws yog qhov nyuaj heev los nrhiav lub tuam txhab uas tsis muaj cov khoom siv zoo li no.
  2. Kev tshuaj xyuas TLS yog tam sim no muab tso rau hauv ib txheej (Layer). Nws yog qhov yooj yim dua li tam sim no (ntawm 80.30). Tsis muaj kev khiav qhov qub Legasy Dashboard. Ntxiv rau, tam sim no koj tuaj yeem siv Updataable cov khoom hauv HTTPS txoj cai tshuaj xyuas, xws li Office365, Google, Azure, AWS, thiab lwm yam kev pabcuam. Qhov no yooj yim heev thaum koj yuav tsum teeb tsa kev zam. Txawm li cas los xij, tseem tsis muaj kev txhawb nqa rau tls 1.3. Pom tau tias lawv yuav "tuav" nrog rau qhov kev kho tshiab tom ntej.
  3. Cov kev hloov pauv tseem ceeb rau Anti-Virus thiab SandBlast. Tam sim no koj tuaj yeem tshawb xyuas cov txheej txheem xws li SCP, SFTP thiab SMBv3 (los ntawm txoj kev, tsis muaj leej twg tuaj yeem tshawb xyuas cov txheej txheem ntau-channel ntxiv lawm).
  4. Muaj ntau yam kev txhim kho txog Site-to-Site VPN. Tam sim no koj tuaj yeem teeb tsa ntau qhov chaw VPN ntawm lub rooj vag uas yog ib feem ntawm ntau lub zej zog VPN. Nws yooj yim heev thiab nyab xeeb dua. Tsis tas li ntawd, Check Point thaum kawg nco txog Route Based VPN thiab me ntsis txhim kho nws txoj kev ruaj ntseg / kev sib raug zoo.
  5. Ib tug nrov feature rau cov neeg siv tej thaj chaw deb tau tshwm sim. Tam sim no koj tuaj yeem lees paub tsis yog tus neeg siv nkaus xwb, tab sis kuj yog lub cuab yeej los ntawm nws txuas. Piv txwv li, peb xav tso cai rau kev sib txuas VPN tsuas yog los ntawm cov cuab yeej koom tes. Qhov no yog ua tiav, tau kawg, nrog kev pab ntawm daim ntawv pov thawj. Nws kuj tseem tuaj yeem ua tau ncaj qha mount (SMB v2/3) cov ntaub ntawv sib koom rau cov neeg siv nyob deb nrog tus neeg siv VPN.
  6. Muaj ntau qhov kev hloov pauv hauv kev ua haujlwm ntawm pawg. Tab sis tej zaum ib qho ntawm qhov nthuav tshaj plaws yog qhov ua tau ntawm kev ua haujlwm ntawm pawg uas lub rooj vag muaj ntau yam sib txawv ntawm Gaia. Qhov no yooj yim thaum npaj kev hloov tshiab.
  7. Txhim kho Zero Touch peev xwm. Ib qho tseem ceeb rau cov neeg uas feem ntau nruab "me" gateways (piv txwv li, rau ATMs).
  8. Rau cov cav, cia siab txog 48TB tam sim no txhawb nqa.
  9. Koj tuaj yeem faib koj lub SmartEvent dashboards nrog rau lwm tus thawj coj.
  10. Log Exporter tam sim no tso cai rau koj ua ntej lim xa cov lus siv cov teb xav tau. Cov. Tsuas yog cov ntaub ntawv tsim nyog thiab cov xwm txheej yuav raug xa mus rau koj lub tshuab SIEM

Hloov tshiab

Tej zaum ntau tus twb xav txog kev hloov kho tshiab. Tsis tas yuav maj. Yuav pib nrog, version 80.40 yuav tsum tsiv mus rau General Availability. Tab sis txawm tias tom qab ntawd, koj yuav tsum tsis txhob hloov kho tam sim ntawd. Nws yog qhov zoo dua los tos tsawg kawg yog thawj qhov kev kho mob.
Tej zaum muaj coob tus "sab" ntawm cov laus versions. Kuv tuaj yeem hais tias qhov tsawg kawg nkaus nws twb ua tau (thiab tseem tsim nyog) hloov mus rau 80.30. Qhov no twb yog ib tug ruaj khov thiab pov thawj system!

Koj tseem tuaj yeem sau npe rau peb cov nplooj ntawv pej xeem (Telegram, Facebook, VK, TS Solution Blog), qhov twg koj tuaj yeem ua raws li qhov tshwm sim ntawm cov ntaub ntawv tshiab ntawm Check Point thiab lwm yam khoom siv kev ruaj ntseg.

Tsuas yog cov neeg siv sau npe tuaj yeem koom nrog hauv daim ntawv ntsuam xyuas. Kos npe rau hauvthov.

Dab tsi version ntawm Gaia koj siv?

  • R77.10

  • R77.30

  • R80.10

  • R80.20

  • R80.30

  • lwm yam

13 cov neeg siv pov npav. 6 cov neeg siv txwv tsis pub siv.

Tau qhov twg los: www.hab.com

Ntxiv ib saib