ISG-Network
Explorer

move IKE implied from first rule to before last or disable

I would like to disable the IKE rule in the implied rules and manage it via access policies, or move it to before last. Is there a way we can do that?

0 Kudos
3 Replies
the_rock
Legend

Personally, unless there is a really good reason to do this, I would NOT do it. Implied rules are there for a reason. However, if you do have a totally valid case for this, I would still confirm with TAC.

Andy

0 Kudos
AkosBakos
Leader

Hi @ISG-Network 

In the past, when the implied rules weren't logged, we did this to get logs of them. So it was a valid scenario. Nowadays, I don't see the purpose of doing this. What is the exact reason?

A

----------------
\m/_(>_<)_\m/
0 Kudos
PhoneBoy
Admin

Decryption actually happens before the Access Policy is applied, which is one of the reasons it is one of the first implied rules.
However, you can use rate limiting rules to control access:

https://community.checkpoint.com/t5/Security-Gateways/Block-VPN-Traffic-by-Country/m-p/172695#M31396

0 Kudos
