CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.

** Announcing the #CPUGchallenge **

I'm very happy to announce that CPUG will be hosting "The CPUG Challenge" during CPX this year.
It promises to be a fun and interesting event that will test (and maybe even expand) your knowledge of R80.10.
Whether or not you plan to attend CPX, we have something for you. Please check out this post or the CPUGchallenge.com web site for more information. -E


Results 1 to 2 of 2

Thread: Checkpoint Next Generation Inspection Flow

  1. #1
    Join Date
    Rep Power

    Default Checkpoint Next Generation Inspection Flow


    I would appreciate expert help to clarify an Checkpoint Next Generation inspection.I understand first checkpoint rulebase process through Kernal and rest of the prevention blade is handled by user process.Could you please advise what would be the inspection order for Next Generation inspection flow.
    My understanding is following

    1. IPSec VPN Decryption
    2. Security Rule Base
    3. IPS
    5. URL/Application Filtering : Its works on same time on packet to detect and block.
    6. Anti-virus/AntiBot - Its works on same time on packet to detect and block.
    7. HTTP Inspection
    8. IPSEC VPN Encryption

    I might be wrong but I need your help to understand how inspection engine will work.

  2. #2
    Join Date
    Rep Power

    Default Re: Checkpoint Next Generation Inspection Flow

    Explained multiple times, for example here:


    Valeri Loukine

Similar Threads

  1. Cisco OTV/LISP for East to West VM Migrations and Checkpoint TCP Stateful Inspection
    By Peter-L in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 0
    Last Post: 2016-08-08, 07:47
  2. Replies: 3
    Last Post: 2015-11-04, 05:45
  3. Packet Flow in Checkpoint Firewall
    By gaurav.chopra in forum Check Point Firewall Administrator's Toolkit
    Replies: 12
    Last Post: 2015-05-11, 09:47
  4. Application Control & URL Filtering Inspection flow
    By gcampbe9 in forum Application Control Blade
    Replies: 4
    Last Post: 2014-12-03, 17:44
  5. Checkpoint PPTP connection inspection
    By susiar in forum Firewall Blade
    Replies: 3
    Last Post: 2013-12-30, 11:38


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts