Skip navigation
All Places >

Threat Prevention

Log in to follow, share, and participate in this community.

Recent Activity

Enis Dunic
IPS inspection requires additional CPU and memory resources to handle the incoming packets. If your CPU utilization is under heavy load IPS inspection will be disabled.    From CheckPoint:   Special IPS Bypass mechanism automatically disables all IPS protections (by placing them under exception), when it detects that the certain CPU utilization… (Show more)
in Threat Prevention
Kris Meldrum
Hi All, I'm looking for a way within R80.10 to see a timestamp for when the last Threat Prevention (but more specifically, IPS) policy was installed. I know I can see firewall through fw stat. IPS stat only shows me that it is enabled and the signature update number which doesn't help for my use case. Is there a way to see when IPS or Threat… (Show more)
in Threat Prevention
Thomas Kundig
Dear all,   I would like to activate ICAP server on a Sanblast appliance in r80.10 managed by a management also in r80.10. The only documentation that I find is to activate on the r77.30 or on a r80.10 but managed by a R80.20.   ICAP and Sandblast Appliance … (Show more)
in Threat Prevention
Olga Kuts
Hello!   Is it planned to releaze an IPS signature for CVE-2017-3737?
in Threat Prevention
Shivajith S
May I know how to block IPS based for Countries to block outside access to Particular segment . My scope is I need to block for VPN segment ,for example lets say my user are in UK ,I need to block access from china ,In IPS based ...how  to apply this ..  
in Threat Prevention
Bruce Pruitte
Trying to see if I can create a exception by domain name so sites that are hosted in countries that are blocked can still be accessed.  Running into issue to where sites hosted in the cloud are getting blocked when they are being hosted in countries that are blocked via geo policy..   Thanks for any and all responses..   Bruce 
in Threat Prevention
Dameon Welch Abernathy
As a follow-up to our Check Point R80.20 Demo TechTalk and Q&A session, we demonstrated the numerous usability enhancements with IPS Management and Gateway that are coming with the R80.20 release. Experts from R&D answered your IPS-related questions as well!   Tomer Sole Smadi Paradise Ofir Israel Raz Shlomo Avishai Duer   As this was… (Show more)
in Threat Prevention
Amit Singh
My question is related with IPS Protection signatures. I can see same protection name with number of times having different CVE number. As i understand that these protection release on the basis of respective windows version but If i select only latest release of signatures in Detect/Prevent , does it cover rest of release too of same protection… (Show more)
in Threat Prevention
Prashan Attanayake
what is the reason for happen this ? ;[cpu_2];[fw4_1];fw_log_drop_ex: Packet proto=6 x.x.x.x:30730 -> 10.2.200.50:80 dropped by fw_first_packet_state_checks Reason: First packet isn't SYN; ;[cpu_1];[fw4_2];fw_log_drop_ex: Packet proto=6 x.x.x.x:30731 -> 10.2.200.50:80 dropped by fw_first_packet_state_checks Reason: First packet isn't SYN;… (Show more)
in Threat Prevention
Carlos Jara
Hi,   We have a lot of "Host Port Scan" events in.   How can I avoid "Host Port Scan"?   In "Core Protecctions" we can only choice between "Accept" & "Inactive".   Could youo help me?  
in Threat Prevention
Load more items