CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


CPUG Challenge 2018?? We will be holding another CPUG Challenge for 2018.
The plan is to time it around CPX again (earlier this year), but not necessarily limit it to those in attendance.
I'll provide more details as we get a bit closer, but be ready! -E

 

Results 1 to 4 of 4

Thread: R77.30 DLP using large Data Dictionary ~3Million Identities.

  1. #1
    Join Date
    2010-03-04
    Location
    SW OH
    Posts
    12
    Rep Power
    0

    Default R77.30 DLP using large Data Dictionary ~3Million Identities.

    I would like to hear from those using Check Point DLP and processing traffic against a large Data Type dictionary.

    1. How did you load the dictionary, CP DLP documentation isn't really clear on formats supported.
    • Are CSV Files Supported or did you write custom CPCode?
    • Can the CSV files have multiple columns per row (fname, lname, ssn, mrn, etc)?
    • Match against multiple data value (example fname + ssn = match)


    2. Anyone running large data dictionaries approximately 3 Million identities with associated data?

    3. Gotchas to keep in mind would be nice. Planning on an integrated deployment model, FW, App, IPS, AV and DLP. on large appliances.

    Sorry, I can't be more specific due to NDA restrictions.

    Regards.

  2. #2
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,088
    Rep Power
    12

    Default Re: R77.30 DLP using large Data Dictionary ~3Million Identities.

    DLP received a substantial overhaul in R80 and subsequent gateway releases. It will be called "Data Awareness".
    --
    My Book "Max Power: Check Point Firewall Performance Optimization"
    Second Edition Coming Soon

  3. #3
    Join Date
    2006-03-08
    Location
    Lausanne
    Posts
    1,016
    Rep Power
    13

    Default Re: R77.30 DLP using large Data Dictionary ~3Million Identities.

    Quote Originally Posted by ShadowPeak.com View Post
    DLP received a substantial overhaul in R80 and subsequent gateway releases. It will be called "Data Awareness".
    And we know why it is awareness and not control anymore :-)
    -------------

    Valeri Loukine
    CCMA, CCSM, CCSI
    http://checkpoint-master-architect.blogspot.com/

  4. #4
    Join Date
    2006-10-25
    Location
    Wisconsin
    Posts
    17
    Rep Power
    0

    Default Re: R77.30 DLP using large Data Dictionary ~3Million Identities.

    Quote Originally Posted by ShadowPeak.com View Post
    DLP received a substantial overhaul in R80 and subsequent gateway releases. It will be called "Data Awareness".
    Little clarification on this. DLP is pretty much the same in R80.x land. What is new is the addition of what they are calling the Content Awareness blade and it is DLP-lite and not nearly as resource intensive. It will be managed within the Access Control policy as a separate column if it is enabled on that particular layer.

Similar Threads

  1. Large Downloads getting Corrupted
    By rohit88sood in forum Firewall Blade
    Replies: 10
    Last Post: 2014-06-12, 19:57
  2. daily log files are too large
    By bollano in forum Firewall Blade
    Replies: 1
    Last Post: 2012-06-22, 19:57
  3. log file that is too large
    By bollano in forum SmartView Tracker
    Replies: 2
    Last Post: 2012-06-19, 17:02
  4. Best practices for large environments?
    By Carsten in forum Identity Awareness Blade
    Replies: 0
    Last Post: 2011-02-23, 08:48
  5. NGX large FTP failures
    By petronius in forum Services (TCP, UDP, ICMP, etc.)
    Replies: 1
    Last Post: 2006-07-28, 10:32

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •