- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
I'm looking to finally move to updatable objects off of the legacy geo protection policy. I'm looking for suggestions on the best way to do this. I'm not getting much guidance from support other than general information on updatable objects. The only info I can really find is the below SK. It just doesn't have a ton of info on the transition process. How did you all do this? Did you just use that command in the SK to hide the old shared geo policy and make a new access policy? How do I ensure the old policy isn't on or being enforced? Are you making a separate policy layer for geo protection or just adding rules to the top of your current access policy? Does anyone have any recommended geo policies they are willing to share as an example?
Thats it...just use the sk and use geo updatable objects as source to dst any block and other way around (if needed). I always place geo rules on very top.
Push policy, done.
Thats it...just use the sk and use geo updatable objects as source to dst any block and other way around (if needed). I always place geo rules on very top.
Push policy, done.
I'm guessing instead of the separate exception section, you just make a rule above your geo rules to allow an exception?
YES SIR!
Hey Kevin,
Just wanted to check if you were able to get this sorted out?
Mostly... I set the old geo policy under shared policies to inactive and pushed out some new rules at the top of my rule base to block unwanted countries. Then I tried running $FWDIR/scripts/reload_env_vars.sh -u "disableHiddenGeoPolicy" on my SMS per sk126172 to hide the old geo policy under shared policies. It didn't work. It's still there under shared policies. I'm working with support to figure out why. Nothing yet. Has anyone else run into this?
I think that sk has steps how to hide old geo legacy policy?
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 66 | |
| 22 | |
| 7 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 2 | |
| 2 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY