CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.

First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E


Results 1 to 2 of 2

Thread: Threat Protections and SSL Inspection

  1. #1
    Join Date
    Rep Power

    Default Threat Protections and SSL Inspection

    I am currently assessing our IPS blade configuration and am wondering how much of a role SSL inspection plays in IPS Threat Protections. I would assume that Threat Protections without SSL inspection would be better than no Threat Protections at all but, is the inspection of encrypted traffic a major contribution to the effectiveness of Threat Protection? Thank you!

  2. #2
    Join Date
    DFW, TX
    Rep Power

    Default Re: Threat Protections and SSL Inspection

    It depends if you offer or use unencrypted services. For example, if you host an FTP site or if you access somebody else's, then IPS, threat emulation, and so on could see the traffic and provide some protection.

    The overwhelming majority of traffic you are likely to care about is encrypted, though. Even DNS is moving towards encryption with DNS-over-HTTPS. If your traffic is encrypted, then you need SSL inspection to get any protection out of any of the deep inspection features. If the firewall can't see that the traffic is malicious, it can't respond to it.

Similar Threads

  1. R80.40 Threat Prevention Profiles - What are you doing?
    By TheDroppedPacket in forum R80.40
    Replies: 0
    Last Post: 2020-09-18, 10:50
  2. mobile threat protection
    By jflemingeds in forum Miscellaneous
    Replies: 0
    Last Post: 2017-01-04, 02:12
  3. Threat database Update in VSX
    By ba3113 in forum VPN-1 VSX
    Replies: 3
    Last Post: 2016-12-19, 03:09
  4. IPS Geo Protections
    By armando.ferreira in forum Geo Protection
    Replies: 4
    Last Post: 2010-08-16, 11:22
  5. Protocol inspection, how deep the inspection?
    By blackberry in forum Content Security/Security Servers/CVP/UFP
    Replies: 1
    Last Post: 2006-07-14, 05:17


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts