Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ravindra_Katrag
Contributor

Admin Not to be Blocked in Case of DOS

Hi

I am running a Compliance Check on all of My Checkpoint Firewalls. I am running R77.30 on all appliances (Management + Gateway)

I would like to know if there is any way to Setup "Admin" not to be blocked in case of a DOS

0 Kudos
4 Replies
Tal_Paz-Fridman
Employee
Employee

Hi

If you are running the Security Management Server on a different appliance and not connecting through the Security Gateway, there should be a problem since the Security Management Server will be protected and not under load.

Tal

0 Kudos
Ravindra_Katrag
Contributor

My Management is a Separate Appliance

0 Kudos
Wolfgang
Authority
Authority

Ravindra_Katrag,

you can use priotity queues Firewall Priority Queues in R77.30 / R80.10 and above

###############################################################

Packets could be dropped by Firewall when CPU cores, on which Firewall runs, are fully utilized. Such packet loss might occur regardless of the connection's type (for example, local SSH or connection to Security Management Server server).

To help mitigate the above issue, Firewall Priority Queues feature was introduced in R77.30 Security Gateway.

################################################################

or if your gateway has enough CPUs you can use the new management plane feature in R80.30 to separate the .

See this thread from Danny New! R80.30 feature: Management Data Plane Separation (for gateways with 8+ cores)

 

Wolfgang

0 Kudos
Ravindra_Katrag
Contributor

Thank you

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events