Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
MRossi92
Participant

IPS - Basics Protections

Hello

I want to know if there are some specific information about basic IPS Signatures.

We have an external IPS (Main) but we need to enable some signatures in CheckPoint Firewall to protect if any signature escaped from the main IPS.

Thanks.

Regards.

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

Not clear on what your question is.
0 Kudos
FedericoMeiners
Advisor

We have like 9000 signatures (or more maybe). I highly suggest you to check which protections are enabled the IPS default profile.

You can also use filters or categories to see specific signatures (ie: linux, wordpress, etc)

Hope it helps

_____

____________
https://www.linkedin.com/in/federicomeiners/
0 Kudos
MRossi92
Participant

Thank you Federico.

And from the Inspection Settings from "Shared Policies". I would like to protect my infraestructure from attacks like SYN FLOOD.

How its works de Inspection Settings signatures? 

Thank you

 

0 Kudos
Timothy_Hall
Champion
Champion

First off, I'm assuming that you are using R80.10 or later on your gateway.  In R80.10+ there are essentially four separate types of signatures/protections that were formerly all part of IPS in R77.30 and earlier:

  1. IPS ThreatCloud Protections (part of Threat Prevention)
  2. Core Protections (part of Access Control...sort of)
  3. Inspection Settings (part of Access Control)
  4. Geo Policy (part of Access Control)

If you still have R77.30 or earlier gateways management of IPS is much more complicated.  I'm happy to answer specific questions about IPS that were covered in my IPS Immersion course, but I'd suggest reading the relevant Check Point IPS documentation first as this is a rather large topic.

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
MRossi92
Participant

My version of gateway is R80.20SP and the managment also.

We have a 64000 appliance. My specific question is for Inspection Settings (part of Access Control).

 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events