cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

how can i disable default all drop and protections?

how can i disable  default all drop and protections? CP default protection features block or dropping. because my internet very slow and some web sites cannot load......

Tags (1)
0 Kudos
3 Replies

Re: how can i disable default all drop and protections?

if you are talking about ips , you can put your profile in troubleshooting mode , all protection will be set as detect , at least in 77.30 Smiley Happy

0 Kudos

Re: how can i disable  default all drop and protections?

It depends. Check Point rulebase drops all connections that are not matched to explicit and implied rules. For that matter, the best practice is to put any-any-any-log-drop rule at the end of it, to see the logs for all dropped traffic. If you change that rule to accept connections (which is a terrible security practice), rulebase will not drop them anymore.

as for any other protections, such as IPS, AVI, etc, you can just put them to detect only mode or to disable completely by removing corresponding software blades settings from your GW object.

That said, how do you know it is FW issue and not something external?

0 Kudos

Re: how can i disable default all drop and protections?

For IPS in particular you can just run ips off on the gateway to instantly turn it off.  If policy is reinstalled or the firewall rebooted IPS will be back on, current state can be checked with ips stat.

For the other elements of Threat Prevention I suppose you could unload the TP policy on the gateway with fw amw unload but be warned I have not tried doing this on a production firewall.

For Application Control and URL Filtering, I don't think there is a way to disable these on the fly without a policy reinstall to the gateway.

Then of course if you just want to turn your firewall into a pure router with no enforcement, no NAT, no antispoofing etc you could always do this which will cause an outage:

fw unloadlocal

echo 1 > /proc/sys/net/ipv4/ip_forward

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com