CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 3 of 3

Thread: Policy installation takes long time

  1. #1
    Join Date
    2015-03-31
    Posts
    36
    Rep Power
    0

    Default Policy installation takes long time

    Hi Team,

    I'm running my environment with Distributed architecture and managing 2 cluster objects contains 2 firewalls on each cluster.
    The rulebase has nearly 350 rules for each cluster and no of objects are near to 1800.
    After Ransomware attack we started blacklisting IP addresses which is used to given by threat advisory team on daily basis.
    Now the no of objects increased to 5800 and it's growing day by day.
    On initial days it took less than 1.5 minutes for policy saving, verification and installation.
    But now a days it takes almost 2 minutes or sometimes even more for saving the policy itself.
    Verification and installation takes almost more than 5 minutes.
    Am afraid what will happen in future when the no of objects increasing more than 10000 or odd.

    I have 2 queries:
    1.Is there any way to find out objects which never get hits inside the rule which configured long back.
    2. Is there any other way to blacklist the botnet IP addresses

  2. #2
    Join Date
    2012-07-10
    Location
    Zurich, Switzerland
    Posts
    252
    Rep Power
    7

    Default Re: Policy installation takes long time

    Blocking individual IP addresses is does not help prevent attacks from botnets, since you will never be fast enough to adopt to their dynamics.
    A properly designed security policy combined with the IPS and Antibot-Blade will block the bad guys anyway.
    Ransomware attacks are distributed in most cases by malicious e-mails, and there are the threat emulation/exctraction blades meant for.

  3. #3
    Join Date
    2009-04-30
    Location
    Colorado, USA
    Posts
    2,193
    Rep Power
    13

    Default Re: Policy installation takes long time

    Quote Originally Posted by iamramu92 View Post
    Hi Team,

    I'm running my environment with Distributed architecture and managing 2 cluster objects contains 2 firewalls on each cluster.
    The rulebase has nearly 350 rules for each cluster and no of objects are near to 1800.
    After Ransomware attack we started blacklisting IP addresses which is used to given by threat advisory team on daily basis.
    Now the no of objects increased to 5800 and it's growing day by day.
    On initial days it took less than 1.5 minutes for policy saving, verification and installation.
    But now a days it takes almost 2 minutes or sometimes even more for saving the policy itself.
    Verification and installation takes almost more than 5 minutes.
    Am afraid what will happen in future when the no of objects increasing more than 10000 or odd.

    I have 2 queries:
    1.Is there any way to find out objects which never get hits inside the rule which configured long back.
    2. Is there any other way to blacklist the botnet IP addresses
    Management version? Standalone or distributed? Kind of important in this case ...
    --
    Second Edition of my "Max Power" Firewall Book
    Now Available at http://www.maxpowerfirewalls.com

Similar Threads

  1. Smart 1-205 Policy installation takes too long
    By bhavinjbhatt in forum R77.20
    Replies: 6
    Last Post: 2016-08-05, 07:04
  2. Replies: 0
    Last Post: 2013-04-14, 10:39
  3. Policy installation takes long on R70
    By vbavbalist in forum SmartDashboard
    Replies: 2
    Last Post: 2012-06-22, 12:40
  4. create object via dbedit takes a long time
    By cciesec2006 in forum Security Management Server (Formerly SmartCenter Server ((Formerly Management Server))
    Replies: 2
    Last Post: 2010-01-19, 04:19
  5. fw logexport Takes a long time or Crashes
    By Barry J. Stiefel in forum SmartView Tracker
    Replies: 0
    Last Post: 2005-08-13, 13:56

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •