- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hello
could you please guide me understanding how rule base checks are done with different layers?
for example i have one policy with 3 layers, 2 layers are shared. when the incoming connection comes will this mean it will first for thru first layer then second and third then get dropped or the first drop rule hit?
thank you
ismar
see this guide for clarity Layers in R80
see this guide for clarity Layers in R80
thank you great help
could you direct me to more detail explanation when defining Ordered layers?
do we only need clean up rule in last layer?
thank you
Please see the following guides for:
Regarding cleanup rules:
You don't have to define clean up rules explicitly. Each layer has an implicit cleanup rule - either any any accept, or any any drop.
In R7x SmartDashboard we had this generalized - implicit any any drop for the Firewall policy and implicit any any accept for the Application Control policy.
You can control the implicit cleanup rule when you edit a layer and go the the "Advanced" page:

Although it's usually a good best practice to create that cleanup rule explicitly on the rulebase.
And last thing from my on this topic, is it possibly to have 2 Firewall layers in one Policy?
Only for R80.10 GW's and above. Having more than 1 ordered layer for Firewall for pre-R80 GW's will fail policy installation.
Let me know if you have other questions for layers in R80. Other than the discussions that I've linked so far, you can also check the admin guide for general recommendations.
Is this also same for Inline Layer?
When will R80 be available for GW's?
Yes, inline layers have the same editor, and they have the same settings for the implicit cleanup rule.
Using inline layers requires an R80.10 GW, but because R80.10 will be a minor release, the Security Management server and SmartConsole applications are already prepared for designing this type of policies.
For R80.10 release date it is best to follow the Check Point Release Plan.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 66 | |
| 22 | |
| 7 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 2 | |
| 2 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY