- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hi All,
Good morning !! We are currently using MDS with multiple CMAs running on R80.40. Currently, the plan is to create Global Rule (push to all domain/CMA) along with we plan to create another global Rule named as DC and push only to 3 primary DC GW's. Could someone please confirm if this is viable option to have kind of two global Rules one push to all GW whereas the other one mainly for DC (3 GW) part ?
@Vincent_Bacher has the best answer 🙂
Else you can always create different global policies per domain if it helps and your GWs are separated that way:
I think this is described in MDM admin guide in section "Applying Global Rules to Security Gateways by Function".
We don't use that but from my perspective that should be viable.
@Vincent_Bacher has the best answer 🙂
Else you can always create different global policies per domain if it helps and your GWs are separated that way:
As Kaspars example points out, as I think I understand what you are asking, one policy per domain. So I was thinking you were asking if you could do a cumulative push of A + B? I have not seen that that will work. But since you are in the same domain (Global), copy-paste works and add part b's specific rules.
But I may not have followed what you mean.
Hi ,
Thanks all for your response.. I strongly feel the way Kaspars suggested would work and easy method though. Will test it out in couple of weeks.
Another option is to use Global dynamic objects, this makes a policy very much more dynamic. You create the object in the global policy and name it GBL-name_global, the '_global' part is mandatory. Now in the global rulebase you could use a global dynamic named GBL-DC-GWs_global in an install on column.
In the normal rulebase you create a Simple Network Group with the exact same name GBL-DC-GWs_global and add the 3 DC GWs to it. Now assign the new global policy to the domain and you will see the group will show on that one global rule you added it to and the simple network group will be linked to the Dynamic global object.
Hop I explained it clear enough, if not I can always try to do better.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 13 | |
| 12 | |
| 9 | |
| 7 | |
| 7 | |
| 4 | |
| 3 | |
| 3 | |
| 3 | |
| 3 |
Thu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealThu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASETue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeThu 02 Jul 2026 @ 06:00 PM (CST)
Revolucionando la Seguridad con IA Generativa: Prevención Inteligente en Tiempo RealAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY