I would appreciate expert help to clarify an Checkpoint Next Generation inspection.I understand first checkpoint rulebase process through Kernal and rest of the prevention blade is handled by user process.Could you please advise what would be the inspection order for Next Generation inspection flow.
My understanding is following
1. IPSec VPN Decryption
2. Security Rule Base
5. URL/Application Filtering : Its works on same time on packet to detect and block.
6. Anti-virus/AntiBot - Its works on same time on packet to detect and block.
7. HTTP Inspection
8. IPSEC VPN Encryption
I might be wrong but I need your help to understand how inspection engine will work.