CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Search:

Type: Posts; User: ShadowPeak.com

Search: Search took 0.00 seconds.

  1. Re: IPS Protect internal hosts only - recommendation

    Yep IPS was at long last fully integrated with the rest of the Threat Prevention blades in R80.10 gateway. Also Geo Protection was renamed Geo Policy and is no longer part of the IPS blade in...
  2. Re: IPS Protect internal hosts only - recommendation

    Not exactly, if you have an R80.10 gateway IPS can be managed in the same TP profile and policy layer as the other four Threat Prevention blades. As such you can use columns such as Protected Scope...
  3. Re: IPS Protect internal hosts only - recommendation

    It will be inspected by IPS.



    Whether the traffic is reverse (or return), doesn't matter. If the packet is trying to leave towards an interface marked as Internal it will be inspected by IPS.
  4. Re: IPS Protect internal hosts only - recommendation

    Not came from (ingress), but leaving on (egress) is what this setting impacts. What interface the traffic arrived on originally is not relevant to this IPS setting. DMZs are considered equivalent...
  5. Re: IPS Protect internal hosts only - recommendation

    All that matters is whether the interface is set to Internal or External on the Topology page of each interface. Pretty sure this setting does not care about the IP addressing.

    However your...
  6. Re: IPS Protect internal hosts only - recommendation

    I covered this pretty thoroughly in my book, here is the text:

    Perform IPS Inspection on all Traffic This is typically the default setting. All
    traffic regardless of direction has IPS...
Results 1 to 6 of 6