Check Point GO R75. Release Notes. 21 December Classification: [Public]

Similar documents
Remote Access Clients for Windows 32/64-bit

Endpoint Security. E80.30 Localized Version. Release Notes

Endpoint Security Release Notes

Endpoint Security webrh

SecuRemote for Windows 32-bit/64-bit

How to Connect with SSL Network Extender using a Certificate

R Release Notes. 6 March Classification: [Protected] [Restricted] ONLY for designated groups and individuals

How To Import New Client MSI Files and Upgrade Profiles

How To Troubleshoot VPN Issues in Site to Site

Check Point Document Security

Security Gateway Virtual Edition

How To Configure OCSP

Data Loss Prevention. R75.40 Hotfix. Getting Started Guide. 3 May Classification: [Protected]

How to Configure ClusterXL for L2 Link Aggregation

How To Configure IPSO as a DHCP Server

Remote Access Clients for Windows 32-bit/64-bit

SmartWorkflow R Administration Guide. 29 May Classification: [Restricted]

How To Configure and Tune CoreXL on SecurePlatform

R Release Notes. 18 August Classification: [Public]

Security Acceleration Module

Security Gateway Virtual Edition

Check Point Mobile VPN for ios

Check Point GO R75. User Guide. 14 November Classification: [Public]

How To Install SecurePlatform with PXE

Security Gateway for OpenStack

How To Install IPSO 6.2

VPN-1 Power VSX VSX NGX R65 HFA 10. Release Notes

Data Loss Prevention R71. Release Notes

Endpoint Security webrh

Migration Manager Technical Specifications

R75.40VS. Release Notes. 20 January Protected

Sage ACT! PRO 2011 System Requirements

Installation and Upgrade Guide

Remote Access Clients for Windows 32-bit/64-bit

VSEC FOR OPENSTACK R80.10

Quality of Service R75.40VS. Administration Guide. 15 July Classification: [Protected]

Appsense Environment Manager. User Personalization Performance & Scalability (version ) Technical Overview

IPS R Administration Guide

Performance Pack. Administration Guide Version R70. March 8, 2009

Perceptive Experience Web Scan

Unipass Secur Client User Guide v1.5

NTP Software File Auditor for Windows Edition

Check Point IPS R75. Administration Guide

Setup Guide. Before Setting Up. Installation. Start-up/Shutdown

Installation Notes. for Windows. ZONA Technology, Inc. Scottsdale, Arizona

Sage BusinessWorks Accounting 2012 System Standards

FinalCode Viewer User Manual

ACT! by Sage Corporate Edition 2010 System Requirements

Delphi+ SP5-AP7 System Requirements

For Windows (32-bit & 64-bit).

EntraPass WebStation. Installation Manual DN

dctrack Quick Setup Guide (Recommended) Obtain a dctrack Support Website Username and Password

PPC s SMART Practice Aids Prepare for Installing database upgrade to SQL Express 2008 R2

FinalCode Viewer User Manual

AAD - ASSET AND ANOMALY DETECTION DATASHEET

Setup Guide. Operating Instructions. 1 Before Setting Up 2 Installation 3 Start-up/Shutdown

EA/Studio Installation Guide

Security Enhancements

Connectra Virtual Appliance Evaluation Guide

Access Gateway 9.3, Enterprise Edition

Security Gateway 80 R Administration Guide

Manual Internet Explorer 10 Vista 32 Bit >>>CLICK HERE<<<

Sage 200c Professional. System Requirements and Prerequisites

Sage 200c Professional. System Requirements and Prerequisites

SSL VPN R71. Administration Guide

PS-4700/4800Series User ユーザーマニュアル Hardware Manual Manual

CUTEPDF WRITER. Department of Information Technology User Support. Date October 2004

WMS XPRESS. System Requirements

Ensure that the server where you install the Primary Server software meets the following requirements: Item Requirements Additional Details

Endpoint Security Client

SC-T35/SC-T45/SC-T46/SC-T47 ViewSonic Device Manager User Guide

System Requirements and Prerequisites

Agilent OpenLAB Chromatography Data System (CDS)

Installing Lotus Notes on Your Computer Lotus Notes release (Standard and Basic versions)

Symantec ediscovery Platform

IBM Proventia Management SiteProtector Installation Guide

Embarcadero All-Access Server Installation Guide

Personality Migration Reference

XLmanage Version 2.4. Installation Guide. ClearCube Technology, Inc.

Embarcadero All-Access Server Quick Start Guide. All-Access 1.5 Last Published October 8, 2009

Manual Pdf Win Bit Iso File Reader >>>CLICK HERE<<<

Filr 3.3 Using Micro Focus Filr with Microsoft Office and Outlook Applications. December 2017

Sage 300 People & Web Self Service Technical Information & System Requirements

Visual Nexus Version 4.0

Embarcadero ToolCloud Quick Start Guide. ToolCloud 1.7 Last Published December 14, 2009

About Your Software Windows NT Workstation 4.0 Windows 98 Windows 95 Applications and Support Software

Cleo A+ for Windows Installation Guide November 2001

OmniAccess 3500 Nonstop Laptop Guardian Release 1.2 Administrator Release Notes

Alcatel-Lucent IPSec Client

Endpoint Security Management Server

VMware Enterprise Desktop Solutions. Tommy Walker Enterprise Desktop Specialist Engineer Desktop Platform Solutions

VMware App Volumes Installation Guide. VMware App Volumes 2.13

ClusterXL R Administration Guide. 3 March Classification: [Protected]

SmartView Monitor R75. Administration Guide

RightFax System Requirements Minimum and recommended environments for RightFax 10.6

Installing or Upgrading ANM Virtual Appliance

WA1735 Java Persistence (JPA) Programming using Rational Application Developer 7.5. Classroom Setup Guide. Web Age Solutions Inc.

Cisco s AnyConnect VPN Client (version 2.4)

Nimsoft Monitor. exchange_response Guide. v2.5 series

Pastel ACT! What s New? What s New? Version ACT! What s New Version 13

Transcription:

Check Point GO R75 Release Notes 21 December 2011 Classification: [Public]

2011 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice. RESTRICTED RIGHTS LEGEND: Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19. TRADEMARKS: Refer to the Copyright page (http://www.checkpoint.com/copyright.html) for a list of our trademarks. Refer to the Third Party copyright notices (http://www.checkpoint.com/3rd_party_copyright.html) for a list of relevant copyrights and third-party licenses.

Important Information Latest Software We recommend that you install the most recent software release to stay up-to-date with the latest functional improvements, stability fixes, security enhancements and protection against new and evolving attacks. Latest Documentation The latest version of this document is at: http://supportcontent.checkpoint.com/documentation_download?id=12065 For additional technical information, visit the Check Point Support Center (http://supportcenter.checkpoint.com). For more about this release, see the home page at the Check Point Support Center (http://supportcontent.checkpoint.com/solutions?id=sk65602). Revision History Date Description 21 December 2011 Many updates, including: Throughput per R75.20 Gateway (on page 8), Maximum Users per Gateway (on page 9), Supported End User Platforms and Requirements ("Supported End User Platforms" on page 6), and Supported Portable Apps (on page 7). 24 November 2011 First release of this document Feedback Check Point is engaged in a continuous effort to improve its documentation. Please help us by sending your comments (mailto:cp_techpub_feedback@checkpoint.com?subject=feedback on Check Point GO R75 Release Notes).

Contents Important Information... 3 Introduction... 5 What's New... 5 Supported Platforms... 6 Supported Check Point Versions... 6 Supported Gateway and Server Platforms... 6 Supported End User Platforms... 6 Supported Applications... 7 Supported Portable Apps... 7 Throughput per R75.20 Gateway... 8 Maximum Users per Gateway... 9 Installation and Upgrade... 9 Upgrading SmartDashboard... 9 Upgrading Check Point GO Devices... 10 Resolved Issues and Known Limitations... 10

What's New Introduction Thank you for using Check Point GO, Check Point's virtual portable workspace technology made available on a USB Flash drive. This release contains new features and enhancements and resolves various issues for Check Point GO. What's New New features and enhancements in this release: Portable applications (apps) are virtualized versions of Windows programs that run in the Check Point GO Secure Workspace desktop environment. Check Point GO Customization Tool. A tool to pre-configure policies and user profiles and burn them on the Check Point GO device. Remote Device Lock. A way to configure the Check Point GO device to lock after a certain period of time, or after several VPN authentication failures. This is the Check Point GO solution for "remote wipe" (also known as "poison pill") requirements. A locked device can be opened only by password recovery or a full format of the device. Remote Device Lock is configured using the Check Point GO Customization Tool. Enhanced performance for HTTP, login and shutdown. Folder mode. Gives direct access to encrypted Check Point GO folders on the device without running the Secure Workspace desktop environment. Using Windows explorer, users can browse to encrypted storage, add and remove files directly. FTP shared folder. Lets users access a shared network folder in the organization. Smart Card Support for the VPN client. Certificate Persistence. (CAPI Virtualization). After the certificate from a HTTPS-based website has been imported to the device, the certificate remains valid for subsequent Check Point GO sessions on the next Host PC or operating system. This is part of the Check Point GO personalization, where changes made in Secure Workspace (such as downloading CAPI certificates) remains persistent across different Check Point GO sessions and different Windows versions. Format the device in a granular way there are two ways of formatting Check Point GO. The option: Format user data is protected with the user s password. It does not clear the security policy, VPN configuration, pre-configured portable apps, and other information that was configured using the Check Point GO Customization Tool. Restore factory defaults is protected with the administrator's password. Custom End User License Agreement - Add a license that users read and agree to each time they start to use Check Point GO. Data Wipe Mode - In this mode, users have a clean secure workspace and access to approved resources. Session data is deleted from the device on logon and logoff. New look and feel. Introduction Page 5

Supported Check Point Versions Supported Platforms Configure Check Point GO in an environment that includes a Security Gateway, Security Management server, and SmartDashboard. Supported Check Point Versions These Check Point products are supported for installing and managing Check Point GO: Product, from R70.20 Security Gateway Notes On R71 to R71.30 Check Point GO does not work if the Mobile Access Software Blade is enabled. On R71.40 Check Point GO does work with the Mobile Access Software Blade, but certificate authentication for VPN is not supported. Security Management server All Security Management server versions that work with the supported gateways. SmartDashboard Version Install together with SmartDashboard for the version with the Check Point GO R75 Secure Workspace Manager Upgrade Supported Gateway and Server Platforms Check Point GO is supported on Gateways and Security Management servers on these platforms: SecurePlatform appliances and open servers IPSO 4.2/6.2 Disk based and 4.2/6.2 Flash based Windows Server 2003 SP1 32-bit Windows Server 2008 SP1 32-bit - for Check Point versions R70.20 or higher Supported End User Platforms Check Point GO is supported on these Windows platforms on a regular computer or on VMware Workstation version 6.5 or higher: Windows Edition Service Packs Architecture XP Home and Professional SP3 or higher 32-bit Vista Home Basic/Premium, Business, Ultimate SP2 or higher 64-bit 7 Home Premium, Professional, Ultimate 32-and 64-bit Note - Users can log in to Windows using an Administrator or a non-administrator account. Currently, Check Point GO does not support the GUEST account on the host PC. If you require support for other environments, contact Check Point support (http://supportcenter.checkpoint.com). The host computer must have these minimum system requirements: RAM: 512 MB, plus more for each portable app. The amount required for each portable app varies. Processor: Pentium 1 GHz and higher Supported Platforms Page 6

Supported End User Platforms Windows Explorer: 2 free drive letters Supported Applications These applications have been tested for usability within the Check Point GO Secure Workspace when installed on the host computer. Adobe Acrobat (writer) Adobe Reader 8/9 Citrix (web and fat clients, XenApp, NetScaler) ClearQuest CuteFTP Cyberarc Famatech Remote Administrator FileZilla IBM Lotus inotes Mozilla Firefox, version 3 and later Microsoft HyperTerminal Microsoft Windows Image Viewer Microsoft Internet Explorer 6/7/8/9 Open Office (Writer, Calc, and Impress) Outlook Web Access Personal Communications Workstation Program PowerTerm InterConnect for Windows Putty SecureCRT Siebel Client VNC Viewer WebDav WinRar WinZip WordPadCalc WS_FTP Home/PRO Microsoft Media Player Microsoft Notepad Microsoft Paint Microsoft Office XP/2003/2007/2010 Excel, PowerPoint, and Word Microsoft Terminal Services (RDP) client, also called MSTSC Supported Portable Apps These applications have been tested for operations within the Check Point GO Secure Workspace when installed on Check Point GO as portable applications. Supported Portable Application Version Microsoft Office 2003 Mozilla Firefox 5.0.1 Citrix XenApp client (full client and web plugin) 11.2 VMView client 4.5 Supported Applications Page 7

Throughput per R75.20 Gateway Throughput based on VPND CPU Usage The VPND.exe process manages VPN activity. Gateway Appliance with 50% CPU Usage with 80% CPU Usage UTM-1 130 21 33 41 UTM-1 270 42 67 86 2200 Appliance 120 132-4200 Appliance 120 133 - UTM-1 1070 133 150 187 UTM-1 2070 139 175 218 Power-1 9070 153 251 314 4600 Appliance 503 527-4800 Appliance 473 532 - Supported End User Platforms with 100% CPU Usage Cluster of Gateways where N is the number of gateways in the cluster Gateway throughput * N Gateway throughput * N Gateway throughput * N Throughput based on Gateway CPU Usage Gateway Appliance with 50% CPU Usage with 80% CPU Usage 2200 Appliance 80 120 132 4200 Appliance 85 117 133 4600 Appliance 330 511 527 4800 Appliance 513 - - Notes: with 90% CPU Usage If the primary function of a gateway is to use the IPSec VPN Software Blade with Check Point GO, we recommend not exceeding 80% CPU usage. This ensures that no packets are lost. If you use additional Software Blades on a gateway, we recommend not exceeding 50% CPU usage. Do not exceed 100% CPU usage. After 100% CPU usage is exceeded, TCP connections might behave unexpectedly. The throughput for Gateway Clusters that is shown is correct for clusters that are used only for Check Point GO traffic. In multi-core gateways, Check Point GO uses one of the cores. The CPU numbers shown are for that one core. Other cores can be use to run other Software Blades. The maximum number of concurrent connections per device is 400. This limit applies to all gateway devices. To have more than 400 concurrent connections, use a clustered configuration with multiple gateway devices. 400 concurrent connections can support as many as 4000-5000 light remote access users, or as few as 100 heavy users. Throughput per R75.20 Gateway Page 8

Upgrading SmartDashboard An example of a heavy user is one with 4 constant concurrent connections, such as a temp employee or contractor who is constantly connected through Check Point GO to the office resources. A light user might need to download 10Mb of email traffic every 1 hour, which is approximately 2.5Kbps. Maximum Users per Gateway The table below shows the maximum recommended number of light users, medium users, and heavy users for each appliance. All are based on 80% CPU usage. If more than one device is listed, there are multiple options. Number of users Gateway device for light users [Throughput for user] Gateway device for medium users [Throughput for user] Gateway device for heavy users [Throughput for user] 100 UTM-1 130 [330 Kbps] UTM-1 270 [580 Kbps] 200 UTM-1 130 [165 Kbps] UTM-1 270 [290 Kbps] UTM-1 1070 [750 Kbps] 500 UTM-1 270 [116 Kbps] 2200 Appliance [240 Kbps] 4200 Appliance [240 Kbps] 1000 UTM-1 1070 [150 Kbps] UTM-1 2070 [175 Kbps] 2200 Appliance [120 Kbps] 4200 Appliance [120 Kbps] 2000 4600 Appliance [255 Kbps] 4800 Appliance [256 Kbps] 4000 4600 Appliance [127 Kbps] 4800 Appliance [128 Kbps] UTM-1 1070 [300 Kbps] UTM-1 2070 [350 Kbps] 2200 Appliance [240 Kbps] 4200 Appliance [240 Kbps] UTM-1 9070 [251 Kbps] 4600 Appliance [511 Kbps] 4800 Appliance [513 Kbps] 4600 Appliance [255 Kbps] 4800 Appliance [256 Kbps] Cluster of 2 4600 or 4800 Appliances [256 Kbps] UTM-1 9070 [502 Kbps] 4600 Appliance [511 Kbps] 4800 Appliance [513 Kbps] Cluster of 2 UTM-1 9070 [502 Kbps] 4600 Appliance [511 Kbps] 4800 Appliance [513 Kbps] Cluster of 2 4600 or 4800 Appliances [512 Kbps] Cluster of 4 4600 or 4800 Appliances [512 Kbps] Installation and Upgrade To install or upgrade to this release, make sure that you have a gateway and Security Management Server with the version and platform requirements. Then: Use the Secure Workspace Manager Update utility to update the SmartDashboard. Update your Check Point GO settings in SmartDashboard. Provision and upgrade the Check Point GO devices. Upgrading SmartDashboard In this release, a new tool makes it easy to upgrade your Check Point GO Secure Workspace Manager in SmartDashboard. To upgrade your SmartDashboard for Check Point GO R75: 1. Download (http://supportcenter.checkpoint.com) the Check Point GO R75 Secure Workspace Manager Upgrade Utility to the computer with SmartDashboard installed. 2. Run the program. 3. When prompted, select the version of SmartDashboard that you have installed and want to update. 4. Follow the on-screen instructions. Maximum Users per Gateway Page 9

Upgrading Check Point GO Devices When you open SmartDashboard it will be ready to work with Check Point GO R75. Upgrading Check Point GO Devices When you upgrade an existing Check Point GO device: No policy install is required. The user's data is not erased. To upgrade the device: 1. Download (http://supportcenter.checkpoint.com) the new version of Check Point GO. 2. Verify that the package filename is CheckPointGOUpdater.tgz (case sensitive). 3. Copy the file to the Security Gateway computer, to $FWDIR/conf/extender/CSHELL 4. In $FWDIR/conf/extender/CSHELL, run tar xzf Check Point GOUpdater.tgz 5. Only on R71.40 gateways with Mobile Access Software Blade: a) Copy the files to an additional location on the Security Gateway computer: $CVPNDIR/htdocs/SNX/CSHELL/ b) In $CVPNDIR/htdocs/SNX/CSHELL/ run tar xzf Check Point GOUpdater.tgz c) Run $CVPNDIR/scripts/cvpn_post_utility.csh When users connect Check Point GO devices to the gateway, the devices detect the new version, download it and upgrade automatically. Resolved Issues and Known Limitations For issues resolved in Check Point GO R75, see sk65604 (http://supportcontent.checkpoint.com/solutions?id=sk65604). For known limitations, see sk65603 (http://supportcontent.checkpoint.com/solutions?id=sk65603). Resolved Issues and Known Limitations Page 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback