I have recently joined the checkmates forum, I wanted to start a new pots but seem unabel to at the moment.
Please consider this scenario.........................
There are multiple devices on two networks with a Checkpoint FW in between the two networks. The networks contain Operational Technology devices in a manufacturing environment. Due to organic growth and mis-management there are many ANY-ANY rules on the FW. This needs to be remediated; however, there are legacy systems that current operatives don't have any history of. i.e. we don't know the traffic flows or the ports that need to be enebaled/disabled to effectivly manage the traffic. Is there a Learning Mode on the CP FW that would be able to monitor and report traffic flows over a period of time ?
CP FW model unknown at the moment but can provide if needed.