https://community.checkpoint.com/t5/General-Topics/Brute-force-attacks-on-Mobile-Access/m-p/239566#M39989 <P>In the last week, I've noticed regular brute force attacks on Mobile Access in the logs. I have 2FA enabled on Mobile Access and brute force protection configured through SmartEvent.</P><P>Is there anything else I could do to improve security? We only access Mobile Access from one country. Would it make sense to set up an access rule to restrict access?</P> Fri, 24 Jan 2025 16:25:29 GMT SubZer0 2025-01-24T16:25:29Z https://community.checkpoint.com/t5/General-Topics/Brute-force-attacks-on-Mobile-Access/m-p/239566#M39989 <P>In the last week, I've noticed regular brute force attacks on Mobile Access in the logs. I have 2FA enabled on Mobile Access and brute force protection configured through SmartEvent.</P><P>Is there anything else I could do to improve security? We only access Mobile Access from one country. Would it make sense to set up an access rule to restrict access?</P> Fri, 24 Jan 2025 16:25:29 GMT https://community.checkpoint.com/t5/General-Topics/Brute-force-attacks-on-Mobile-Access/m-p/239566#M39989 SubZer0 2025-01-24T16:25:29Z https://community.checkpoint.com/t5/General-Topics/Brute-force-attacks-on-Mobile-Access/m-p/239590#M39992 <P>Yes, though HTTPS is typically allowed through an implied rule.<BR />You might have to implement this using the Dos Mitigation commands:&nbsp;<A href="https://support.checkpoint.com/results/sk/sk112454" target="_blank">https://support.checkpoint.com/results/sk/sk112454</A>&nbsp;</P> Fri, 24 Jan 2025 23:18:41 GMT https://community.checkpoint.com/t5/General-Topics/Brute-force-attacks-on-Mobile-Access/m-p/239590#M39992 PhoneBoy 2025-01-24T23:18:41Z