Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Harald_Hansen
Advisor
Advisor

Move Reject action in rulebase

When working with rulebases that are assigned to internal zone firewalls (not exposed directly to the internet) it makes sense to use action reject in stead of drop.

R80.10 has moved reject from directly accessible in the dropdown on the action column to the more... menu. This makes working with new rules harder. 

I would like you to either move this option back permanently or on a preference basis. 

Now I either have to copy a template/existing rule with reject or use the api when I want to add multiple reject rules as a work around. This is not very user friendly, it worked well in R77.30 SmartDashboard. Why change it for changes sake?

0 Kudos
4 Replies
G_W_Albrecht
Legend
Legend

This rather sounds like a RFE - tell CP about it here:

Products and Feature Suggestions

Note the RFE Number and hand it to your local SE to get more support for it.

CCSE CCTE CCSM SMB Specialist
0 Kudos
PhoneBoy
Admin
Admin

While we still support using Reject as an action, it's generally not Best Practice to do so.

I suppose by moving it to a "More" menu, we are encouraging this Best Practice more directly Smiley Happy

In any case, it's good feedback.

0 Kudos
Harald_Hansen
Advisor
Advisor

In the OP I explained the rationale on why we use reject in stead of drop. When Check Point creates best practices you do not take into account a lot of issues that occur in datacenters with legacy applications. 

So my request is valid, please take this into account.

0 Kudos
PhoneBoy
Admin
Admin

I didn't say your request was not valid.

In fact, I even said it was good feedback Smiley Happy

I was merely explaining the rationale.

We can certainly consider it for a later release.

An RFE like Guenther suggested probably wouldn't hurt. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events