Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
handiansudianto
Collaborator
Jump to solution

Checkpoint Policy

Hello..

 

For checkpoint network and application policy ist should be paired, example i want to allow traffic from LAN to Azure Site2Site so should i make like attached picture?

 

1 Solution

Accepted Solutions
the_rock
Legend
Legend

For vpn, rule 1 is fine in network layer. If you have another ordered layer with urlf+appc blades enabled, then rule 2 would belong in that layer.

View solution in original post

0 Kudos
5 Replies
the_rock
Legend
Legend

If its traffic via s2s vpn, then forst picture example is good enough. What is the 2nd one for? (CP2)

0 Kudos
handiansudianto
Collaborator

2nd pc is policy for application, should be paired also?

 

the_rock
Legend
Legend

Ok, if its totally seperate rule for app control, then yes. But if you wanted to add 2nd rule for s2s vpn tunnel, you dont need it, just 1st rule is good.

0 Kudos
handiansudianto
Collaborator

hello, so for Network Policy i can remove 2nd rule and for Application policy both rule is used, am i right?

the_rock
Legend
Legend

For vpn, rule 1 is fine in network layer. If you have another ordered layer with urlf+appc blades enabled, then rule 2 would belong in that layer.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events