Skip navigation
All Places >

Threat Prevention

Log in to follow, share, and participate in this community.

Recent Activity

JunedRafeek kittur
How can I block Nmap scan from Outside? .    VAPT report submitted by external vendors used nmap to scan our network and checkpoint gave pretty much all the information which can used further for attacks. How can we block such request on checkpoint?   Sample ::    Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-11 17:51  Standard Time Nmap… (Show more)
in Threat Prevention
Tom Nguyen
Hi,   With the R80.10 API, is there a way determine which IPS profile is tied to a gateway?  Basically, we have a large number of gateways and multiple IPS profiles and I would like to create a script that will eventually create a list with the name of the gateway and the associated IPS profile.   I'm trying to work backwards and I'm just stuck… (Show more)
in Threat Prevention
Sylvia Ross
In R75.X,R76 and R77.X there was the possibility to configure in the profile setting a troubleshooting mode. Is this feature in R80.10 for VM/Azure Cloud Template also available? I have not found this so far in documentation. Thank you for your support.
in Threat Prevention
Tim McColgan
I am really just looking to know, which certificate from my Exchange server should I be importing into the MTA configuration for TLS decryption/encryption? I was going to use a .cer certificate I exported for use in another area in my Checkpoint console for sending emails, but it looks like the MTA configuration wants a p12 cert. Screenshot… (Show more)
in Threat Prevention
Chandhrasekar Saravanan
Hello,   We are running CheckPoint R80.10 and have enabled IPS, Anti-Virus, Anti-Bot threat prevention blades. There is a requirement to block TLS1.0 traffic passing through the gateway. Just wondering how we can achieve this using our Threat Prevention blades.   Thanks, Chandru
in Threat Prevention
Nicholas Sheridan
Hi forum!   I recently installed with the help of a consultant some cloudguard firewalls.  As a side effect of my deployment we needed to integrate remote access with OSX clients, and apparently needed to permit http and https from everywhere to the firewalls IP address - apparently related to the remote access blade and supporting OSX.  So we… (Show more)
in Threat Prevention
Mikel Aanstoot
Hi, as briefly mentioned in my latest question we have moved from R77.30 to R80.10. In the Smart Event Policy we have noticed that for Thread Prevention some automatic reactions have moved to Legacy folder. Legacy suggest "old" and maybe superseded by something else. I cannot find any other setting however. Is this still a useful to configure in… (Show more)
in Threat Prevention
Mikel Aanstoot
Hello, I have configured DNS trap, first in R77.30 and we have now R80.10, according to sk74060. Also added an internal DNS server for better identification. We see some internal DNS trap alerts coming from internal DNS server. We cannot identify the real client who is actually making the DNS request. I think we have to correlate ourselves from… (Show more)
in Threat Prevention
Santiago Platero
Hi community long time no see (dunno why these days can't login to CheckMates), I'm seeing some strange things in the Firewall and Threat Emulation logs, but first some context:   - R80.20 GA Management - R80.10 Security Gateway, with Threat Emulation blade enabled (emulation occurs in the Check Point Cloud), MTA enabled and imported the SSL… (Show more)
in Threat Prevention
Jan Bucek
Hi,     we are software vendor and we faced with one of our custome false positive detection by CheckPoint Endpoint Security Anti-Malware.   My question is "Is there any way how to whitelist our binaries?" I mean some way how to send our binaries to Check Point for prevent scan and global whitelist to not met this false positive detection in… (Show more)
in Threat Prevention
Load more items