This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
handiansudianto
Advisor
‎2023-02-02 06:20 PM
Jump to solution

Checkpoint Policy

Hello..

 

For checkpoint network and application policy ist should be paired, example i want to allow traffic from LAN to Azure Site2Site so should i make like attached picture?

 

Cp1.png
Preview file
42 KB
Cp2.png
Preview file
49 KB
1 Solution

Accepted Solutions
the_rock
Legend
Legend
‎2023-02-02 08:44 PM
In response to handiansudianto
Jump to solution

For vpn, rule 1 is fine in network layer. If you have another ordered layer with urlf+appc blades enabled, then rule 2 would belong in that layer.

View solution in original post

0 Kudos
5 Replies
the_rock
Legend
Legend
‎2023-02-02 06:35 PM
Jump to solution

If its traffic via s2s vpn, then forst picture example is good enough. What is the 2nd one for? (CP2)

0 Kudos
handiansudianto
Advisor
‎2023-02-02 06:50 PM
In response to the_rock
Jump to solution

2nd pc is policy for application, should be paired also?

 

the_rock
Legend
Legend
‎2023-02-02 06:57 PM
In response to handiansudianto
Jump to solution

Ok, if its totally seperate rule for app control, then yes. But if you wanted to add 2nd rule for s2s vpn tunnel, you dont need it, just 1st rule is good.

0 Kudos
handiansudianto
Advisor
‎2023-02-02 07:37 PM
In response to the_rock
Jump to solution

hello, so for Network Policy i can remove 2nd rule and for Application policy both rule is used, am i right?

the_rock
Legend
Legend
‎2023-02-02 08:44 PM
In response to handiansudianto
Jump to solution

For vpn, rule 1 is fine in network layer. If you have another ordered layer with urlf+appc blades enabled, then rule 2 would belong in that layer.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top