https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/148976#M55433 <P>Hi All</P><P>Can anyone clarify for me the below</P><P>1.Under the Threat Prevention, I see IPS and threat prevention layers, yet IPS is enabled on the Threat Prevention profile anyway.</P><P>Is the IPS layer just there for pre R80 or R77 software from when it was upgraded and is no longer needed?</P><P>&nbsp;</P><P>2.Under the Threat prevention rule, if we click on the arrow, we get E-1.1 etc, are these just all the exceptions which also can be accessed under the Exceptions menu also?</P><P>&nbsp;</P><P>cheers</P> Thu, 19 May 2022 08:40:17 GMT carl_t 2022-05-19T08:40:17Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/148976#M55433 <P>Hi All</P><P>Can anyone clarify for me the below</P><P>1.Under the Threat Prevention, I see IPS and threat prevention layers, yet IPS is enabled on the Threat Prevention profile anyway.</P><P>Is the IPS layer just there for pre R80 or R77 software from when it was upgraded and is no longer needed?</P><P>&nbsp;</P><P>2.Under the Threat prevention rule, if we click on the arrow, we get E-1.1 etc, are these just all the exceptions which also can be accessed under the Exceptions menu also?</P><P>&nbsp;</P><P>cheers</P> Thu, 19 May 2022 08:40:17 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/148976#M55433 carl_t 2022-05-19T08:40:17Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/149081#M55434 <P>If you don’t manage any pre-R80 gateways, you can remove the IPS layer.</P> <P>The Threat Prevention exceptions may or not be listed as rules in the policy as the policy can be more granular.</P> Fri, 20 May 2022 01:28:48 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/149081#M55434 PhoneBoy 2022-05-20T01:28:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/149113#M55435 <P>To further expand on what PhoneBoy said, here is the relevant page from my IPS/AV/ABOT video series that fully explains the&nbsp;Legacy IPS layer and how to get rid of it:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="IPS_Legacy.png" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/16649i0810A863733907AE/image-size/large?v=v2&amp;px=999" role="button" title="IPS_Legacy.png" alt="IPS_Legacy.png" /></span></P> Fri, 20 May 2022 12:41:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Threat-Prevention-IPS-policy/m-p/149113#M55435 Timothy_Hall 2022-05-20T12:41:27Z