Checkpoint Firewall-1 version 4.1 and later with IPsec VPN enabled will return an IKE Vendor ID payload when it receives an IKE packet with a specific Vendor ID payload. The Vendor ID payload that is returned identifies the system as Checkpoint Firewall-1 and also determines the Firewall-1 version and service-pack or feature-pack revision number. This is an information leakage issue which can be used to fingerprint the Firewall-1 system.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/33567/chkptFW1-IKE.txt
Source: https://packetstormsecurity.com/files/33567/chkptFW1-IKE.txt.html