https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16164#M2714 <HTML><HEAD></HEAD><BODY><P>Thank you</P></BODY></HTML> Tue, 05 Dec 2017 08:18:50 GMT Di_Junior 2017-12-05T08:18:50Z https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16160#M2710 <HTML><HEAD></HEAD><BODY><P>Hi Guys,</P><P></P><P>I have a doubt about IPS software blade. I would like to know if it is possible to limit the number of connections to an internal host using the IPS software blade.</P></BODY></HTML> Mon, 04 Dec 2017 15:48:47 GMT https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16160#M2710 Di_Junior 2017-12-04T15:48:47Z https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16161#M2711 <HTML><HEAD></HEAD><BODY><P>Hi Dialu,</P><P></P><P>Of course you can, please check the following IPS Protections (and Inspection Settings on R80.X):</P><UL><LI>Network Quota (limit the number of connections allowed from the same source)</LI><LI>Review the "Web Servers Flooding Denial of Service" protections (for HTTP, UDP and SSL)</LI><LI>Review the "Denial of Service" protections in general (some of them allow you to configure parameters of inspection)</LI></UL><P></P><P>Regards.</P></BODY></HTML> Mon, 04 Dec 2017 19:53:06 GMT https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16161#M2711 KennyManrique 2017-12-04T19:53:06Z https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16162#M2712 <HTML><HEAD></HEAD><BODY><P>If SecureXL is enabled the best way to do this is using the Rate Limiting feature described in the R77 Security Gateway Technical Administration Guide.&nbsp; Command is <STRONG>fw samp add quota </STRONG>as shown here:</P><P></P><P><IMG alt="" class="image-1 jive-image j-img-original" src="https://community.checkpoint.com/legacyfs/online/checkpoint/61201_samp.jpg" style="width: 620px; height: 280px;" /></P><P></P><P>Using the IPS Network Quota signature will work as well, but will pretty much eliminate any chance of SecureXL accelerating anything whatsoever on the firewall.</P><P></P><P>--<BR /> My Book "Max Power: Check Point Firewall Performance Optimization" <BR /> Second Edition Coming Soon</P></BODY></HTML> Mon, 04 Dec 2017 23:11:35 GMT https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16162#M2712 Timothy_Hall 2017-12-04T23:11:35Z https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16163#M2713 <HTML><HEAD></HEAD><BODY><P>Thank you.</P></BODY></HTML> Tue, 05 Dec 2017 08:18:39 GMT https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16163#M2713 Di_Junior 2017-12-05T08:18:39Z https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16164#M2714 <HTML><HEAD></HEAD><BODY><P>Thank you</P></BODY></HTML> Tue, 05 Dec 2017 08:18:50 GMT https://community.checkpoint.com/t5/General-Topics/Software-Blade/m-p/16164#M2714 Di_Junior 2017-12-05T08:18:50Z