Skip navigation
All Places >

Threat Prevention

Log in to follow, share, and participate in this community.

Recent Activity

Set as default view
CHINMAYA NAIK
CHINMAYA NAIK in Threat Prevention22 hours ago (Show more)
Click to view contentSetup MGMT Server : Open Server Security Gateway : 15600 TE Appliance MTA : Enabled   Requirement : Our requirement is that Threat Emulation or Antivirus should drop the mail if any other or unknown extension is attach in the mail. (Currently Checkpoint TE and AV blade support more than 90 file type [AV] and 65 file type by [TE] )    … (Show more)
in Threat Prevention
1 replyShow more activity
Mike Painter
Mike Painter in Threat Prevention1 year ago (Show more)
In short, it would be great if Check Point could interface with a vulnerability scanner to automatically configure IPS rules based off various parameters. Wishful thinking, perhaps?   For example, lets say anything with a CVSS of 1-4 is inactive, 5-7 is in detect, and 8-10 is protect. You could then run this against the Confidence and Performance… (Show more)
in Threat Prevention
10 repliesShow more activity
Matt J
Matt J in Threat Prevention1 day ago (Show more)
I am trying to setup inbound SSL Inspection for the first time for one of our websites we are deploying.    I am using a Digicert wildcard certificate that is imported on the CheckPoint and installed on the server itself. I have verified the whole cert chain is installed and that it's the same cert on the CheckPoint and the server.    If I turn… (Show more)
in Threat Prevention
3 repliesShow more activity
Sameer Ahammed
Sameer Ahammed in Threat Prevention3 days ago (Show more)
This is a signature triggered on ips. So i just wanted to know when it will trigger. Kindly help me with this
in Threat Prevention
2 repliesShow more activity
56aea48b-b5d0-442c-bce7-6bf75bbc04f5
56aea48b-b5d0-442c-bce7-6bf75bbc04f5 in Threat Prevention3 days ago (Show more)
Click to view contentDear  FW:23500     Version:R80.10       Hotfix:R80_10_JUMBO_HF_Bundle_T56_sk11638 I have set hold mode,refer to screenshots below: TP configuration as follow: But the log shows as follow: Description:                   Connection was allowed because background classification mode was set. See sk74120 for more information.… (Show more)
in Threat Prevention
4 repliesShow more activity
NAMKYUN KIM
NAMKYUN KIM in Threat Prevention4 days ago (Show more)
H All, I'm using Smart Console R80.10 version. I'm trying to send syslog from smartconsole to my log server. And then I'm gonna normalize syslog into serveral ports using regex. You know.. there are lots of syslog format. So, I would like to know syslog format case by case.   for example,  1. Traffic log 2. F/W log 3. ICMP log  etc,...  … (Show more)
in Threat Prevention
2 repliesShow more activity
Peter Elmer
Peter Elmer Employee in Threat Prevention4 days ago (Show more)
Office 365 Tenants based access can be enforced on the gateway in two different ways: using a dedicated Application Control signature or a custom RFE hot fix for R80.10. This documents is describing both options.
in Threat Prevention
2 commentsShow more activity
Peter Elmer
Peter Elmer Employee in Threat Prevention4 days ago (Show more)
Many government customers and some vertical markets require the gateway importing ‘Indicators of Compromise’ from intelligence sources relevant for this market. These indicators are available in the form of feeds providing information in the form of csv or STIX (Structured Threat Indication eXpression) format. This document describes how a Check…
in Threat Prevention
NAMKYUN KIM
NAMKYUN KIM in Threat Prevention4 days ago (Show more)
Hello All,   I'm using SmartConsole R80.10. But I would like to get IPS Signature list to analysis. Where could I get that? like pdf or excel something like text file.
in Threat Prevention
4 repliesShow more activity
Chanatip Adisaktrakool
Chanatip Adisaktrakool in Threat Prevention2 weeks ago (Show more)
Click to view contentHi guys,   I'm trying to test prevent attack by IPS software blade with CVE-2006-2369 but no luck. For this attack I use Radware Raptor Attack tool, Both of machines test is Radware Raptor tool, one act as Attacker and another one act as Server         Including Massscan Port Scanner not detect/prevent as well.     There is no any… (Show more)
in Threat Prevention
4 repliesShow more activity
Load more items