This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Christoph
Collaborator
‎2023-05-05 01:53 AM
Jump to solution

AppSec generating blocks in a detect policy plus customize docker

Hello

Today I have received reports that AppSec is blocking content on a "Detect Only" policy. I can reproduce this behavior.

Unfortunately, I can't find any blocking events at all. When the incident occurs, I receive an ID. When I put the ID (e.g. 40a005c0-35e2-48f8-b19c-dc2c87f81686) in "All Events", I get nothing. I can't find a field for this event.
Am I missing something? How can I find this block? I have opened a case for the original problem.

Another question. I am using a Check Point Cloudguard AppSec GW running Docker:

IMAGE COMMAND CREATED STATUS PORTS NAMES
cp_nginx_gaia "/usr/bin/entrypoint.sh nginx -g 'daemon off;'" 2 days ago Up 2 days ago cp_nginx_gaia

This image comes with a preconfigured timeout for web requests of 60 seconds (NGINX default).

I would like to increase this limit to i.e. 300s. Is there any way to achieve this and make this change permanent?

Cheers Christoph

 

0 Kudos
1 Solution

Accepted Solutions
yuvalmamka
Employee
Employee
‎2023-05-14 03:24 AM
Jump to solution

Hi Christoph,
As @_Val_ advised, for any technical issue you may have - please open a TAC case to get the fast and best response.

Regarding your question about the timeouts, you can configure different timeouts as you like via Advanced Settings.
Click here for more details in our Admin Guide.

View solution in original post

3 Replies
_Val_
Admin
Admin
‎2023-05-05 03:54 AM
Jump to solution

Please open a TAC case: https://help.checkpoint.com

0 Kudos
yuvalmamka
Employee
Employee
‎2023-05-14 03:24 AM
Jump to solution

Hi Christoph,
As @_Val_ advised, for any technical issue you may have - please open a TAC case to get the fast and best response.

Regarding your question about the timeouts, you can configure different timeouts as you like via Advanced Settings.
Click here for more details in our Admin Guide.

Christoph
Collaborator
‎2023-05-14 11:46 PM
In response to yuvalmamka
Jump to solution

Hey Yuval

The block was solved by a ticket and by you:)

The advanced dialog looks exactly as the information I was looking for. Thank you very much.

Best regards

Christoph

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events