This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Vladimir
Champion
Champion
‎2018-07-13 09:17 AM

Create and maintain Shared IPS Layer with R80.X gateways ?

I have a customer who's sole reason to stick with the MDS is the ability to have common IPS policy across multiple gateways that have individual Access Control, URLF and App Control policies.

Is there a way to have common IPS or threat prevention policy (with obvious caveats that MTAs will be excluded) in SMS?

Since we have the ability to create custom profiles containing rules that could be selectively installed on particular gateways or clusters, this feature seem to be a very logical one to have.

Thank you,

Vladimir

6 Replies
_Val_
Admin
Admin
‎2018-07-14 10:53 AM

MDS allows applying the same global IPS policy to multiple GWs belonging to different security domains. There is no problem assigning the same Threat Prevention profile to multiple GWs under the same management. 

0 Kudos
Vladimir
Champion
Champion
‎2018-07-15 05:49 AM
In response to _Val_

Valeri,

Let me clarify what I am trying to achieve:

Using SMS with different policy packages, where each policy package is applied to a number of gateways or clusters, I would like to use common IPS or TP policy across all of them.

Yes, we can use common profile for multiple policy packages, but this will necessitate multiple installations of the TP policies, one for each policy package. 

The idea is to have same capability in regards to TP/IPS in SMS as presently exists in MDS only: single policy that could be installed to multiple targets irrespective to their policy package membership.

Regards,

Vladimir

Tomer_Sole
Mod
Mod
‎2018-07-15 07:05 AM
In response to Vladimir

Hi Vladimir, this is available starting with R80.20.M1 - you can share a Threat Prevention Layer across multiple policies, both in Multi-Domain and Security Management Servers. Raz Shlomo

(colors are different because it's taken off the more advanced R80.20 EA, but you can do that with R80.20.M1)

Vladimir
Champion
Champion
‎2018-07-15 07:10 AM
In response to Tomer_Sole

Thank you Tomer!

This is exactly what I had in mind.

0 Kudos
_Val_
Admin
Admin
‎2018-07-17 05:42 AM
In response to Vladimir

Okay, it is clear now. I see Tomer is already providing you with the info you need. Please do join our webinar tomorrow, you will hear about this and other interesting features coming up with the new management release update.

0 Kudos
Vladimir
Champion
Champion
‎2018-07-17 06:56 AM
In response to _Val_

Thank you Valeri, I'll be on it tomorrow.

0 Kudos