CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.

First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E


Results 1 to 2 of 2

Thread: Broadcast & Noisy traffic rules

  1. #1
    Join Date
    Rep Power

    Default Broadcast & Noisy traffic rules

    Hi Peeps

    im trying to define a noisy traffic + broadcast rule within CP 4800 , just to keep the logs little bit manageable. Question is what sort of objects required ? , services i need to specify ? drop or reject



  2. #2
    Join Date
    Bath, UK
    Rep Power

    Default Re: Broadcast & Noisy traffic rules

    Hello CiscoGuy!

    I am no expert and do not claim this to be best practice but what I have configured on our firewalls is as follows (these rules are located just above the cleanup).

    Source:any Destination:any Service: ICMP-Requests Action: (Depending on your company policy) Drop/Accept dont log (can enable logging for troubleshooting)
    Source:any Destination:any Service: NBT(predefined) Action: drop, dont log
    Source:any Destination:any Service: Netvault (Backup software that is noisy if you use it) Action: Drop (Ensure you have specific rules above if you use it, otherwise backups will fail), dont log

    Just a few examples from a few of our firewalls.

    Also, if you do not care what traffic is dropped, and are able to enable the logging for troubleshooting you can just not log on your cleanup.

    Even without enabling the logging on the cleanup, providing you are not running SecureXL at the time you can use the following command to see what is being dropped in real time: fw ctl zdebug drop

    Hope this helps.


Similar Threads

  1. Replies: 1
    Last Post: 2012-02-24, 11:06
  2. Replies: 13
    Last Post: 2009-12-18, 12:30
  3. QOS Rules Inbound & Outbound
    By soundsfuzzy in forum QoS (Quality of Service) (Formerly FloodGate-1)
    Replies: 0
    Last Post: 2006-09-07, 20:46
  4. Import Rules & Objects
    By Waylander in forum Miscellaneous
    Replies: 3
    Last Post: 2006-09-05, 11:23
  5. Blocking P2P & IM Traffic
    By spootnicks in forum IPS Blade (Formerly SmartDefense)
    Replies: 4
    Last Post: 2006-05-30, 04:33


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts