This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sn00pDoug
Explorer
‎2020-01-02 08:28 PM

MDS vs CMA policies

Hello Community!

Is there a recommended way to manage multiple domains in terms of where best to apply any policies/objects etc, globally or on the CMA directly. Obviously some objects and access/threat policies will be relevant to single CMAs but its easier/neater to manage globally so its in one place and assign to each domain.

For example I've been doing a lot of IPS exceptions on noisy false positives, which are typically relevant to a particular CMA. Unfortunately doing so requires creating objects on the MDS, essentially duplicating the objects on the CMA just with a different name. Which got me thinking, would it be better to just have all the objects globally? Or perhaps I should just keep my IPS exceptions per CMA? Thanks

 

0 Kudos
2 Replies
Maarten_Sjouw
Champion
Champion
‎2020-01-03 01:11 AM

There is no simple answer here, the thing is that it depends on how you use the MDS setup. When your environment is a 1 customer multiple security domains / areas, then it could make sense to create a lot of objects globally as they would be used in most of the domains anyway.
When you are a company servicing a lot of different customers, there is only the monitoring and management systems that are common between the domains and should be setup globally.

Hope this answers your question?
Regards, Maarten
Sn00pDoug
Explorer
‎2020-01-05 05:29 PM
In response to Maarten_Sjouw

Thanks Maarten,

 

Its all the same company with different domains for each site. Makes sense, just want to ensure there is no performance/config dependency disadvantages (or other surprises) from managing globally.

 

Cheers, 

Doug

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events