This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
Tomer_Sole
Employee Alumnus
Employee Alumnus
‎2018-02-08 10:35 PM

How many IPS Profiles do you use?

Tell us how you do your IPS. 

Are you satified with the default definitions?

Do you start with the default Check Point profiles and customize? If so, what do you typically change? Do you change the default levels of confidence/severity/performance? Do you add Additional Inspection By Tags? Change the Threat Emulation/Threat Extraction settings? Disable Staging? Please share.

Please note I am referring to changing the profile, not disabling individual protections.

Just the Check Point "Recommended" Profile1
Just the R80.10 Check Point "Optimized" Profile2
Few of the Check Point Profiles ("Optimized", "Strict", "Basic" and "Recommended")0
1-2 profiles which I cloned from the default and customized.6
3-5 profiles which I customized7
6-9 customized profiles0
10+ customized profiles1
0 Kudos
2 Replies
Tomer_Sole
Employee Alumnus
Employee Alumnus
‎2018-02-08 10:36 PM

Small tip: the IPS Protections page, where you can disable individual protections, by default only shows you profiles which are in use by your threat prevention policy. So if you ever created a bunch of profiles but never really used them, they will not be displayed in the IPS Protections view by default, to save you some screen real estate. But you can change it though.

If these are the profiles which I use in my policy:

Then these are the columns that I will see in the IPS Protections page:

(By the way, I haven't updated IPS lately. We now have over 8,600 protections)

You can change the columns here:

0 Kudos
Manuel_Kuback
Contributor
‎2018-02-09 12:03 AM

In our case this heavily depends on our customers needs. Some have just one profile - so we clone the recommended one and customize it to fit the customers applications etc.

Others do have a border, core, dmz firewall so we do have some more profiles to customize.

0 Kudos