topic Re: Question about CIFS in Firewall and Security Management https://community.checkpoint.com/t5/Firewall-and-Security-Management/Question-about-CIFS/m-p/81883#M6339 If you do full protocol Inspection on CIFS traffic (either access or threat prevention), it cannot be inspected in fastpath.<BR />If it is allowed/bypassed by IP/port only (nothing protocol-specific), I believe it can be accelerated.<BR /><BR />sk106062 refers to a bug that was fixed in R80.10 related to IPS and other blades.<BR />The other SK you were probably looking at is an internal SK that was specific to R77.30, IPS, and disabling protocol inspections. Wed, 15 Apr 2020 01:04:22 GMT PhoneBoy 2020-04-15T01:04:22Z Question about CIFS https://community.checkpoint.com/t5/Firewall-and-Security-Management/Question-about-CIFS/m-p/81801#M6336 <P>Dear Experts,</P> <P>&nbsp;</P> <P>We have come cross 2 SK about the CIFS , in the <SPAN>sk153832 it states as below:</SPAN></P> <P><STRONG>CIFS full acceleration is not supported and should be taken as RFE in Solution Center.</STRONG></P> <P>&nbsp;</P> <P><SPAN>But in sk106062 , it explains that bypass the cifs&nbsp; can fully acceleated by Securexl :</SPAN></P> <P><STRONG>Pass the CIFS traffic and check that it is fully accelerated by SecureXL.</STRONG></P> <P><STRONG>Run&nbsp;<EM>fwaccel conns | grep '445'</EM>&nbsp;command.</STRONG></P> <P><STRONG>There should&nbsp;<EM>not</EM>&nbsp;be "S" flag or "F" flag for port 445 (CIFS traffic).</STRONG></P> <P>&nbsp;</P> <P><SPAN>Understand the CIFS can cause elephant flow , but may I know if there is conflicts between the 2 SKs?</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> Tue, 14 Apr 2020 13:23:12 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Question-about-CIFS/m-p/81801#M6336 Hugo_Zhao 2020-04-14T13:23:12Z Re: Question about CIFS https://community.checkpoint.com/t5/Firewall-and-Security-Management/Question-about-CIFS/m-p/81883#M6339 If you do full protocol Inspection on CIFS traffic (either access or threat prevention), it cannot be inspected in fastpath.<BR />If it is allowed/bypassed by IP/port only (nothing protocol-specific), I believe it can be accelerated.<BR /><BR />sk106062 refers to a bug that was fixed in R80.10 related to IPS and other blades.<BR />The other SK you were probably looking at is an internal SK that was specific to R77.30, IPS, and disabling protocol inspections. Wed, 15 Apr 2020 01:04:22 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Question-about-CIFS/m-p/81883#M6339 PhoneBoy 2020-04-15T01:04:22Z