Friday, February 24, 2012

Gaia public EA, first impression

As you may already know, long expected Check Point Gaia has finally made the first public EA.

I am currently playing with it, and it seems quite interesting. Here are my first notes for the matter.

Finally, Google Chrome is support for WebUI, although my old Firefox 3.6 on OSX is not. The first time wizard loos quite nice, and it finally recognizes the platform, VMware Fusion in my case.

VRRP is indeed part of the release, all praise Check Point for that!

When installing, you can see much more detailed progress

Once system is up, you get WebUI overview page. It is too big to put it here, but there are some detais I would like to point out. There is a feedback area in the GUI. You can just mark something you like or not with the smiley faces, You can also send the text feedback form the tool.

 Check Point listens, isn't it nice?

One last picture for today, in the use management section one is able to set a lot of accessibility and management roles. Each part of MGMT interface can be set to full rights or read only.

Now, what about kernel? It is still RH Linux based, 2.6 version. I have installed 64 Bit version, and it seems to do its job so far.

CLI is set to clish, and you get bash in expert mode. cpshell is still there, but some of the commands do not work. As I am still in the earliest curiosity stage, RTFM step is not done yet, so it might be a user error.

I am planning to dig into the most expected features: dynamic routing, VRRP, extended kernel memory, etc. New posts to come.


  1. I can't think of a reason you'd want to use cpshell since clish in Gaia incorporates everything you could do in cpshell (with the same syntax, even).

  2. sure, clish was one of the most wanted features. still, weird about cpshell.

  3. I am anxious to hear about the dynamic routing part of it....namely BGP as SPLAT's dynamic routing leaves a lot to be desired.

  4. that is why post is named "first impression. just give me a chance :-)

    actually, the main problem was not routing process, but its ability to inject routes to the kernel. the only way to check that is to build a serious lab. i am not there yet.

    as for configuration part, BGP, OSPF and others are part og WebUI now, IPSO Voyager style

  5. Hi Valeri, is the EA of GAIA open to everyone? I would like to get my hands on it as we are currently reviewing Fortinet and Palo Alto against CP and I would like to ensure I'm not missing anything.

    Cheers, Jim

  6. Hi!, there are two quesions:

    1. Is Gaia EA open to everybody? The answer is yes, it is public. If it would not, I could not post about it. But you have to register to EA through UserCenter.

    2. As for the competitive analysis, I would stick to the latest official version, with is R75.30 and does not include Gaia just yet.

    For me personally, there is not a question. Palo Alto is close to CP in terms of security features, Fortigate is way behind. But Check Point beats everybody when it comes to usability and MGMT tools.

    Hope this helps.