Skip navigation
All Places >

Threat Prevention

Log in to follow, share, and participate in this community.

Recent Activity

Pedro Amaral
Hi Mates,   After the upgrade to R80.10 on a MDS, hosting 5 CMAs, we are facing a very strange issue and until now the struggle is huge but no luck on sorting it out.   In one of the CMA we need to make some tweaks on “Inspections Settings” for both FTP and MGCP and somehow we don’t have such settings available to manage. In fact we only 9 of them… (Show more)
in Threat Prevention
Matt Parfitt
Content Awareness in R80.10 - A user is trying to download some packages from a program called Unity and some are failing to download. After looking through the logs I repeatedly see a log that is blocking and the reason is 'Blocking request as configured in engine settings of Content Awareness.    Reason 1 - Content Awareness - Error while… (Show more)
in Threat Prevention
John Paul Hayes
Hi Folks,    We operate a web platform completely hosted in AWS.    A new client we have requires that we use Sandblast to scan documents before they are sent to them. Sandblast looks to be the software for the job.    The usage scenario is we store the documents in an AWS S3 bucket and have them scanned there. A piece of middleware will send… (Show more)
in Threat Prevention
Philipp Philippov
Hello Guys, What approaches do you use to exclude multitude of .cab files which are part of Windows and Office updates from Threat Emulation without blocking all the .cab files in general? I tried to add a global exception to threat prevention policy based on sites (*.windowsupdate.com and etc), but it seems to me it does not work. I am very… (Show more)
in Threat Prevention
Brianpiraty Alexi
Any one has good documentation link for checkpoint IPS configuration R 80.10 with IPS policy update   (a) can you describe the Performance impact and confidence level parameters
in Threat Prevention
Matt Parfitt
We are seeing a lot of email being rejected by postfix, some of which is legitimate email that should be delivered.   What I'm seeing from the maillog is logs such as the following;   NOQUEUE: reject: RCPT from unknown[Our IP Address]: 554 5.7.1 <Internal Email address>: Recipient address rejected: Access denied; from=<External Email Address>… (Show more)
in Threat Prevention
Mark Holmes
Hi,   Is it possible for a mail alert to be generated when a specific IPS protection is triggered, as well as logging it to the log?   We have SmartEvent R80 but otherwise a dedicated logging and management running R77.30. I'm not finding a clear answer that I can have both mail alerting and for it to be logged at the same time.   Thanks
in Threat Prevention
Libin Thomas
Team,   Can we create Multiple threat prevention profile in R80.10 , One profile with AV & AB blade enabled with prevent action and the other profile is having only IPS enabled .
in Threat Prevention
Jamie Thatcher
Hi CheckMates,   I'm trying to pickup a word in DLP using a case sensitive weighted keyword.    Ive tried a few variations of regular expressions but none seem to work, Can anyone help?   Thanks Jamie
in Threat Prevention
Jan de Gier
Hi Checkmates,   I recently enabled IPS in detect mode to make sure that I have all false positives removed before enabling in prevent mode.   One of the false positives is coming from a monitoring system, that I want to create an exception for. The monitoring system detects "Brute force scanning of CIFS ports".   I tried to create a global… (Show more)
in Threat Prevention
Load more items