This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jake_Williams
Participant
‎2019-08-15 09:43 PM

Inline layer vs separate rules

I finally got my firewalls all updated to R80.20 so now I'm looking at taking advantage of the layer options. One thing that occurred to me and I haven't been able to find an answer so far is how to best optimize rules when taking the inline layers into account.

For example, say I have a firewall management rule section that allows certain traffic to the firewall. One rule for SSH/HTTPS from managers, one for DHCP requests to the firewalls, one for SNMP from our monitoring servers, etc. Is there a reason not to make those an inline policy with the main policy just src: Any dst: Firewalls svc: Any? Would doing it as an inline layer speed up the firewall itself, or does it split it out into the separate layers when it pushes policy (the inline layers are just for management ease of use/reuse)?

Thanks!
Jake

0 Kudos
1 Reply
Danny
Champion Champion
Champion
‎2019-08-15 11:03 PM

The three main reasons for inline layer policies are:

  • performance improvements
  • ease of re-use
  • delegation

So your example would be valid under the terms of performance improvement. Makes the biggest sense with traffic causing the most performance impact on your Firewall. Typically web-traffic. You‘ll find a good example for this in SmartConsole R80.20 Demo Mode (rules 4 -> 4.9).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top