This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
r1der
Advisor
‎2020-12-23 09:27 AM
Jump to solution

Windows Update Delivery Optimization PORT 7680

Researching around, I didn't find much about sk166899 or port 7680 with what others were doing with this traffic.
I don't believe its affecting CPU, VPN, etc, like how it is in the SK, but I noticed a lot of these logs are being blocked by our firewall due to the cleanup rule.
A lot of the traffic go to non-pingable IP addresses (e.g. 10.0.0.105 and 10.0.0.246) , so I'm not seeing it being effective anyhow. 

I'm thinking about creating a group policy to block it, but was wondering what is the general consensus on these traffic/update, or what do you do in your organization about these?

0 Kudos
1 Solution

Accepted Solutions
r1der
Advisor
‎2021-02-03 03:15 PM
Jump to solution

Found the fix for this. Its not an issue with CP, but it can be an issue if you start to see a large amount of firewall logs for this port from domain computers.

Setting Delivery Optimization with GPO seemed to be the fix here. Set download mode to Group (2), Source of group ID (1 -ad site), seemed to do the trick.

I no longer am seeing traffic on port 7680 coming from workstations to the firewall, after placing them in the group policy. 

 

View solution in original post

0 Kudos
3 Replies
r1der
Advisor
‎2020-12-24 10:28 AM
Jump to solution

Bump, just curious if anyone perhaps just makes a rule to not log these or are you actually turning them off in GPO?

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2020-12-26 10:48 PM
Jump to solution

Reminds me of the perils of AD sites & services not being set correctly and the resultant update traffic crushing WAN links back in the day...

CCSM R77/R80/ELITE
r1der
Advisor
‎2021-02-03 03:15 PM
Jump to solution

Found the fix for this. Its not an issue with CP, but it can be an issue if you start to see a large amount of firewall logs for this port from domain computers.

Setting Delivery Optimization with GPO seemed to be the fix here. Set download mode to Group (2), Source of group ID (1 -ad site), seemed to do the trick.

I no longer am seeing traffic on port 7680 coming from workstations to the firewall, after placing them in the group policy. 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events