How to turn off Smart Defense for one specific host

[Dimitri]

Is it possible to turn off Smart Defense for one host.....???????

[kva.kva]

Do you mean for CP server? Or smth else?
For CP module it's impossible, as i know it will be a new feature in new CP release. Smth like profiles in Interspect.

[Dimitri]

It is CP, thank you for the answer

[yelwoci]

Now it would be very nice to be able to define trusted hosts with Smartdefense, that turns it off for a particular host list

[chillyjim]

Quote:

Originally Posted by yelwoci

Now it would be very nice to be able to define trusted hosts with Smartdefense, that turns it off for a particular host list

Please open a RFE (http://www.checkpoint.com/jsp/rfe/rfe.jsp) for this. I'm hoping to get critical mass on requests for them to do this.

[maurox]

For the moment you can do this adding a new tcpservice ( for ex. "tcp80" without adding anything on the protocol type ( in advanced properties , for example http has "http").
After you must add a rule for this host/new service:

old rule
any -> host -> http /any > accept

new rule
any-> host-> tcp80 > accept
Maurox

[alucinado]

Yes, you can do this editing the asm.def file located in $FWDIR/lib. The procedure is available at checkpoint with the number sk31918 (the only problem is that you need the advanced access to read this article).