https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275261#M45971 <P>Short answer: It Depends.</P> <P>If you have access to/from different companies involved in your policy then an inline layer per company is definitely a good idea. You can use VPN communities or access roles in parent rules for inline layers if that makes sense for what you're doing. There's not one best practice that can fit them all so really it comes down to what makes sense for your traffic and for your administrators. My feeling is always that a policy that makes sense for the people maintaining it is usually better than trying to force people to adhere to some imagined gold standard that doesn't really fit the purpose.</P> Fri, 10 Apr 2026 10:53:31 GMT emmap 2026-04-10T10:53:31Z https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275247#M45968 <P>Hi everyone,<BR />Is there a limit to the number of inline layers you can use?</P> Fri, 10 Apr 2026 08:22:59 GMT https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275247#M45968 RemoteUser 2026-04-10T08:22:59Z https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275248#M45969 <P>The limit is 251.</P> <P><A href="https://sc1.checkpoint.com/documents/R82.10/WebAdminGuides/EN/CP_R82.10_RN/Content/Topics-RN/Maximum-Supported-Items.htm?tocpath=Maximum%20Supported%20Items%20in%20R82.10%7C_____1#Management_Server" target="_blank">https://sc1.checkpoint.com/documents/R82.10/WebAdminGuides/EN/CP_R82.10_RN/Content/Topics-RN/Maximum-Supported-Items.htm?tocpath=Maximum%20Supported%20Items%20in%20R82.10%7C_____1#Management_Server</A>&nbsp;</P> Fri, 10 Apr 2026 08:30:10 GMT https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275248#M45969 emmap 2026-04-10T08:30:10Z https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275250#M45970 <P>thanks Emma,&nbsp;</P> <P>I have a task to set up, specifically to minimize the number of inline layers we’re using, given that this policy package contains more than 6,000 rules. How can we do this, considering that most of these rules are either S2S or specific access role rules for different companies? Are there any best practices for inline layers that I could use with access roles or S2S? Or is it always recommended to use point-based rules?</P> Fri, 10 Apr 2026 08:49:09 GMT https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275250#M45970 RemoteUser 2026-04-10T08:49:09Z https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275261#M45971 <P>Short answer: It Depends.</P> <P>If you have access to/from different companies involved in your policy then an inline layer per company is definitely a good idea. You can use VPN communities or access roles in parent rules for inline layers if that makes sense for what you're doing. There's not one best practice that can fit them all so really it comes down to what makes sense for your traffic and for your administrators. My feeling is always that a policy that makes sense for the people maintaining it is usually better than trying to force people to adhere to some imagined gold standard that doesn't really fit the purpose.</P> Fri, 10 Apr 2026 10:53:31 GMT https://community.checkpoint.com/t5/General-Topics/Inline-layer-Question/m-p/275261#M45971 emmap 2026-04-10T10:53:31Z