topic Re: How to defend DGA attack in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107169#M14350 <P>yes, AB IPS AV all active.</P><P>I think the DGA does not stand for the attack has occurred, for the worst I enabled the IPS ,AB,AV blades for the local server.</P> Thu, 07 Jan 2021 01:30:57 GMT larry 2021-01-07T01:30:57Z How to defend DGA attack https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107117#M14335 <P>the cyble states or situation awareness has reported this dangerous domain-name.&nbsp;</P><P>Users can access my localserver through this DGA domain-name.</P><P>And the traffic came from outside, so what I should do with the Security Gateways?</P><P>I have add a TP strict profile to the local server, anything else?</P> Wed, 06 Jan 2021 09:36:41 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107117#M14335 larry 2021-01-06T09:36:41Z Re: How to defend DGA attack https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107120#M14337 <P>First and foremost, do you have Anti-Bot active in your TP profile?</P> Wed, 06 Jan 2021 12:06:05 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107120#M14337 _Val_ 2021-01-06T12:06:05Z Re: How to defend DGA attack https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107169#M14350 <P>yes, AB IPS AV all active.</P><P>I think the DGA does not stand for the attack has occurred, for the worst I enabled the IPS ,AB,AV blades for the local server.</P> Thu, 07 Jan 2021 01:30:57 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107169#M14350 larry 2021-01-07T01:30:57Z Re: How to defend DGA attack https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107170#M14351 <P>A TAC case is probably a good idea here.</P> Thu, 07 Jan 2021 01:44:26 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107170#M14351 PhoneBoy 2021-01-07T01:44:26Z Re: How to defend DGA attack https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107186#M14354 <P>Second that</P> Thu, 07 Jan 2021 07:48:18 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/How-to-defend-DGA-attack/m-p/107186#M14354 _Val_ 2021-01-07T07:48:18Z