Hello,

Checkpoint Anti Malware blade logs some reasons, as far as I understood, these logs mean as anti malware could not process the trafic, and because action is "accept" we need to manually control (or rely on other security products) if these traffic is malicious or not?

Could you please share the list of these reasons and definitions?

Example log:

<13>Sep 18 09:19:58 192.168.100.253 18Sep2019 09:19:58 accept x.x.x.x product: Anti Malware; src: y.y.y.y; s_port: 58780; dst: z.z.z.z; service: 25; proto: tcp; rule: ;LastUpdateTime: 1568787659;Suppressed logs: 1;__policy_id_tag: product=VPN-1 & FireWall-1[db_tag={.............};mgmt=xxxxxx;date=1568709586;policy_name=xxxxxxxxx];has_accounting: 0;i/f_dir: outbound;i/f_name: eth2-03;is_first_for_luuid: 0;logId: -1;log_id: 2;log_sequence_num: 59;log_type: log;log_version: 5;origin_sic_name: CN=xxxxxxxxxxxxxxxx-fw,O=xxxxxxxxxxxxxx..nmyete;reason: Mail processing timeout;received_bytes: 691;sent_bytes: 0;session_id: ;severity: 1;

some of Anti malware reasons:

Mail processing timeout, 

CFCHttpClient::ReadResponse() - Request timeout

Connection to center failed: Internal Server Error