This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Tomer_Sole
Mentor
Mentor
‎2018-02-08 10:35 PM

How many IPS Profiles do you use?

Tell us how you do your IPS. 

Are you satified with the default definitions?

Do you start with the default Check Point profiles and customize? If so, what do you typically change? Do you change the default levels of confidence/severity/performance? Do you add Additional Inspection By Tags? Change the Threat Emulation/Threat Extraction settings? Disable Staging? Please share.

Please note I am referring to changing the profile, not disabling individual protections.

Just the Check Point "Recommended" Profile1
Just the R80.10 Check Point "Optimized" Profile2
Few of the Check Point Profiles ("Optimized", "Strict", "Basic" and "Recommended")0
1-2 profiles which I cloned from the default and customized.6
3-5 profiles which I customized7
6-9 customized profiles0
10+ customized profiles1
0 Kudos
2 Replies
Tomer_Sole
Mentor
Mentor
‎2018-02-08 10:36 PM

Small tip: the IPS Protections page, where you can disable individual protections, by default only shows you profiles which are in use by your threat prevention policy. So if you ever created a bunch of profiles but never really used them, they will not be displayed in the IPS Protections view by default, to save you some screen real estate. But you can change it though.

If these are the profiles which I use in my policy:

Then these are the columns that I will see in the IPS Protections page:

(By the way, I haven't updated IPS lately. We now have over 8,600 protections)

You can change the columns here:

0 Kudos
Manuel_Kuback
Contributor
‎2018-02-09 12:03 AM

In our case this heavily depends on our customers needs. Some have just one profile - so we clone the recommended one and customize it to fit the customers applications etc.

Others do have a border, core, dmz firewall so we do have some more profiles to customize.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events