- CheckMates
- :
- Products
- :
- Quantum
- :
- Management
- :
- Re: Unable to remove IPS Shared Layer
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unable to remove IPS Shared Layer
Hi everyone! I am trying to investigate an environment that was upgraded from version 77.30 to version 81.10 some time ago. The environment is using MDS.
On one of the domains, I have encountered a problem that there is an IPS Shared Layer in Threat Prevention that cannot be removed.
I saw an article that relates to this case https://support.checkpoint.com/results/sk/sk129232, however there are no 77.30 devices in the environment right now.
Does anyone know how to resolve this issue? Any help would be appreciated!
- Labels:
-
Multi-Domain
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for your reply! The problem was solved by clearing the IPS Shared Layer rules settings in Smartconsole, after which the layer was removed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What values do you have in the global assignments?
Is it similar to other domains?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for your answer! I will check it out
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If that does not work, I would say log in guidbedit and then search there and see if it can be removed that way.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for the advice!
Could you tell me in which section of GuiDBedit I can find information related to IPS shared layer? I tried to search for information about the layer by layer name, rule name in the layer and the word "IPS" and did not find any suitable objects. I even added a layer with a custom name (like ips_aaa) and added some rules to see if I'll be able to find them, but to no avail.
If I manage to find them, then simply deleting them and installing policy will be enough?
I would be very grateful for recommendations!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Let me check it in the lab, after I create another test IPS layer.
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey,
So I tested in R81.20 lab and when I created new TP layer, installed policy, it did not find it in guidbedit, but it let me delete it from smart console. What happens if you try remove it from smart dashboard?
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you very much for your reply! The problem was solved by clearing the IPS Shared Layer rules settings in Smartconsole, after which the layer was removed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Great job!