Skip navigation
All Places >

Threat Prevention

Log in to follow, share, and participate in this community.

Recent Activity

Santiago Platero
Hi community long time no see (dunno why these days can't login to CheckMates), I'm seeing some strange things in the Firewall and Threat Emulation logs, but first some context:   - R80.20 GA Management - R80.10 Security Gateway, with Threat Emulation blade enabled (emulation occurs in the Check Point Cloud), MTA enabled and imported the SSL… (Show more)
in Threat Prevention
Jorge Abraham
Return-Path: <> X-Original-To: jorgea@localhost Delivered-To: jorgea@localhost Received: from localhost (dateclinux []) by ( with ESMTP id D51942B56E for <jorgea@localhost>; Mon, 12 Nov 2018 09:08:28 -0300 (ART) Delivered-To: Received: from… (Show more)
in Threat Prevention
Miguel Sanchez
As far as we know, IPS signatures that look for SSL/TLS details like the version, do so in common SSL/TLS ports like TCP 443. We get that inspecting for SSL/TLS on every port will degrade performance, but it would be nice if the admin had the option to enable SSL/TLS inspection on IPS signatures in non-common ports.   This might be needed in…
Harald Hansen
The new Anti Virus blade does not support FTP (and POP3). Do you have any roadmap when this will be supported?   We have to enable traditional antivirus in this case, though we would prefer not to.   Refer to sk33893 (1). 
in Threat Prevention
Chris Butler
Thought you all might find this article about Israel and Transportation Security.   'Plane Hacker' Roberts: I put a network sniffer on my truck to see what it was sharing. Holy crap! • The Register 
in Threat Prevention
Michael Horne
Click to view contentHello,   I am a bit of the Threat Protection / IPS newbie.  I have done a bit of a search for this issue, but I do not find something matching   There is a service definition for MySQL that matches TCP port 3306. We have an SAP application that is also using TCP port 3306, but not for MySQL.  This was triggering an IPS event that was in… (Show more)
in Threat Prevention
Jeroen Demets
Hi,  what are you folks using as Main URL to allow users to get the original attachments? When Threat Extraction is active, you can configure it so that users can get the original attachment by clicking "here" in the banner that they see in the mail. The configuration for the target of "here" is not done in the Threat Extraction config settings… (Show more)
in Threat Prevention
Aleksandr Kravchenko
There is a local Sandblast R77.30. In the settings of Threat Emulation there is an Excluded Mail Address, and the antivirus does not.   Very need for couples addresses. Is there any way around that? Can somewhere in config files?
in Threat Prevention
Evgeniy Olkov
Can I find offline (or online) list of all Check Point IPS protections with tags (vendor, product, etc)? We can see all tags in SmartConsole, but it's not comfortable when you are planning IPS pollicy. Our customer want a document with all possible IPS tags.
in Threat Prevention
avisheen shetty
Has anyone faced issue CPU spikes on the checkpoint cluster while downloading Commvault packages. I am currently facing CPU spikes to almost 100% when i try to download Commvault packages using the installer. This has been observed on a cluster of 5600 appliances and 5900 appliances as well.   These firewalls have all the blades enabled 
in Threat Prevention
Load more items