- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Actually, this is expected behavior from R80.40.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
At a guess, that seems like something the zone might cause. Zones are complicated to resolve to specific addresses, so I wouldn't be surprised if the verification process treats them as not matching anything, or simply skips rules which use them.
Actually, this is expected behavior from R80.40.
See: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
Wow. That's good to know. I have a few policies in my managements which I don't want anybody pushing (one with QoS, and a few are migrations in progress), so I intentionally break them with overlapping rules at the end. I'll have to confirm they have different actions. They might just be two drop rules in some.
Hi PhoneBoy ,
The feature with the overlapping rules and the verification was very useful for large environments with many may rules . It was helping to housekeep the rules . Also it was an extra for our environment when we migrate from Cisco ASA , to help us reduce the rules . I understand the need for others to have overlapping rules , but it would be better to be able to change it with some change to the GUI , and not all the procedure that the SK161574 (Advanced Technical Level) describes .
I believe the primary reason this was done was to reduce the overall policy compilation/installation time, also an issue in environments with many, many rules.
I would expect this process to take more time if this check is re-enabled.
Moving the setting to the UI would have to be addressed as an RFE.
I feel your frustration. I was thinking the same and policy verification for hide rules is very useful to prevent rulebase from growing unnecessary. In my opinion it is a shady way of speeding up policy installation time.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 66 | |
| 22 | |
| 7 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 3 | |
| 2 | |
| 2 |
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY