Check Point GAiA is the unified cutting-edge secure operating system for all Check Point Appliances, open servers and virtualized gateways. GAiA combines the best features from IPSO and SecurePlatform into a single unified OS providing greater efficiency and robust performance. With the support of the full suite of Software Blades, customers will benefit from improved connection capacity and the full breadth and power of Check Point security technologies by adopting GAiA.

Benefits

Combining the Best Features of IPSO & SecurePlatform
  • Secure platform for all Check Point Gateways and Management, open servers and virtualized gateways
  • Support the full-range of Software Blades on all Check Point Appliances, including IP Series
  • Full compatibility with IPSO and SPLAT command line interface
Increase Operational Efficiency with Wide Range of Features
  • Feature-rich and intuitive Web-UI to configure and manage the entire gateway
  • Role-based administration allowing segregation of duties among users with different privilege
  • New Software Update Tool puts system updates on autopilot
  • Replication of security gateway settings or image to others in minutes
  • Fast and efficient installation, backup and recovery
A Secure Platform for the Most Demanding Environments
  • Full integration of IPv6 network security utilizing Check Point advanced technologies (CoreXL, SecureXL, ClusterXL and VRRP)
  • High connection capacity with 64-bit operating system providing up to 210 million concurrent connections on the 61000 Security System
  • Advanced routing options including ClusterXL and VRRP clustering, 5 dynamic routing protocols and 6 multicasting protocols

Features

This interface integrates all management functions into a Web-based dashboard that is accessible via the most popular Web browsers – Internet Explorer, Chrome, Firefox and Safari. The built-in search navigation delivers instant results on commands and properties. For the CLI-inclined users, a Shell-Emulator pop-up window is only a single click away.

GAiA WebGUI

Prepackaged solutions provide turn-key security for various business deployment scenarios. Software Blades can also be individually selected to build customized solution to meet specific security needs. Supported security Blades include:

  • Firewall
  • IPS
  • IPsec VPN
  • Identity Awareness
  • Advanced Networking & Clustering
  • Mobile Access
  • Application Control
  • DLP
  • URL Filtering
  • Anti-Bot
  • Antivirus
  • Anti-Spam & Email Security

Utilizing the efficiency of a 64-bit operating system, GAiA is capable of boosting connection capacity of existing Check Point Appliances.

Appliance Concurrent Connection Capacity Based on Memory Size
Appliance Memory Size SecurePlatform or IPSO GAiA
6 GB 1.2M 2.5M
8 GB 1.2M 3.3M
12 GB 1.2M 5M
24 GB 1.2M 10M

Segregation of duty is part of a good security policy and it improves operating efficiency. The role-based administrative access gives GAiA customers the ability and granularity to customize their security management policies that are particular to their business needs. User authentication and authorization are based on Industry Standard RADIUS and TACACS+ protocols, specific levels of access can be granted based on each individual’s role and responsibility – building a stronger security environment.

Segregation of duty is part of a good security policy and it improves operating efficiency. The role-based administrative access gives GAiA customers the ability and granularity to customize their security management policies that are particular to their business needs. User authentication and authorization are based on Industry Standard RADIUS and TACACS+ protocols, specific levels of access can be granted based on each individual’s role and responsibility – building a stronger security environment.

Update times have been reduced to only a few seconds and post-update testing is performed automatically. Notification emails are sent about recommended updates and update statuses. Updates can be scheduled for automatic download and install during off-peak hours where the impact to business and network resources is minimum.

GAiA Software Update

As the number of available IPv4 addresses diminishes, it is becoming more and more important to ensure that your network is Ready for IPv6. Check Point GAiA is designed to allow easy interoperability with this new version of the Internet Protocol.Support for IPv6 is included with the Acceleration and Clustering Blade. Customers migrating to IPv6 will benefit from the Dual Stack and Tunneling transition methods in GAiA.

IPv6 Ready Phase 2 icon for GAiA

Whether your preferred network redundancy protocol is Check Point ClusterXL technology or standard VRRP protocol, it is no longer a “platform choice” you will have to make with GAiA. Both ClusterXL and VRRP are fully supported by GAiA, and GAiA is available to all Check Point Appliances, open servers and virtual environments. There are no more trade-off decisions between required network protocols and preferred security platforms/functions.

The major protocols supported at release are:

Dynamic Routing Protocols:

  • RIP RFC 1058
  • RIP version 2 (with authentication) RFC 1723
  • OSPFv2 RFC 2328
  • OSPF NSSA RFC 3101
  • BGP4 RFCs 1771, 1963, 1966, 1997, 2918

Multicasting Protocols:

  • IGMPv2 RFC 2236
  • IGMPv3 RFC 3376
  • PIM-SM RFC 4601
  • PIM-SSM RFC 4601
  • PIM-DM RFC 3973
  • PIM-DM state refresh draft-ietf-pim-refresh-02.txt

Transitioning to GAiA is a breeze for security administrators. The same powerful command line interface (CLI) commands from IPSO and SPLAT are seamlessly integrated into GAiA. Additional new commands and capabilities are also added to the GAiA CLI making a powerful CLI interface even more intuitive to use.

GAiA Migration

New Benefits from GAiA for Existing SecurePlatform and IPSO Users
 For IPSO Users: For SecurePlatform Users:
  • Ease of Use
    • Configuration wizards
    • One-step install
    • One-click registration
  • Full Software Blade support
  • Higher connection capacity
    • 64 Bit OS
  • IPv6  security
    • Supports Dual stack and Tunneling
    • SecureXL and CoreXL acceleration
  • More clustering options
    • ClusterXL or VRRP
  • Enhanced device management
    • Image snapshot
    • Device replication
  • Automated software update
  • Powerful Management
    • WebUI and CLI
    • Role-based administration
    • Configuration sets
  • Manageable dynamic routing
  • Higher connection capacity
    • 64 Bit OS
  • IPv6 security
    • Supports Dual stack and Tunneling
    • SecureXL and CoreXL acceleration
  • More clustering options
    • ClusterXL or VRRP
  • Enhanced device management
    • Image snapshot
    • Device replication
  • Automated software update


Upgrading From SecurePlatform

  1. Upgrade the product licenses to R75 or higher
  2.  Connect a DVD drive to the USB port on the computer
  3.  Run: # patch add cd
  4.  Select the applicable upgrade option
  5.  After the upgrade, remove the DVD from the drive
  6.  Reboot
  7.  Install a policy

Upgrading from IPSO

  1. Mount the GAiA ISO on an FTP server
  2. Install the GAiA upgrade package on the IP Appliance
  3. Run the upgrade package
  4. Supply backup location (optional)
  5. Supply upgrade template (optional)
  6. Confirm
  7. Script runs automatically

First Time Installation

  • Multiple Software Install Options Including via a USB Stick
  • Run a First Time Installation Wizard from the Web UI or Command Line Interface or Create an Answer File to Run the Wizard Unattended

GAiA Configuration Wizard