Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Packet mode search through a security policy searches as if a packet is travelling through it. With inline layer rules it becomes more interesting. This examples shows a match on an inline layer rule that should have not been matched as far as I know.
Example from lab: Packet mode search string:
mode:Packet src:"HP-desktop" dst:any app:TeamViewer action:Accept
Result:
We see here a match on rule 156.2 but the source HP-desktop is not part of the network group that is used as source in rule 156. Therefore it should not have gone further down to rule 156.2 and matched on any. Is this a known limitation with packet mode search and inline layers?
