
Pure NGIPS Capability for Check Point Security Gateway

Hi All,

Is it possible to activate only the IPS feature in a Check Point Security Gateway and achieve pure IPS capability? "Pure IPS capability" in this context also means that we need a network module with Fail Open (Bypass) capability.

I have already done some research about network modules with Bypass capability by referring to the following link, and so far I also have an idea about the appliance type that can support this kind of network module:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

But the question "is it possible to activate only the IPS feature" still lingers in my mind. Can you please help me clarify this?

Appreciate your help, thanks!!

 

Cheers,

Yedi

 

2 Replies
Admin

You can't really disable the firewall but you can configure it with an any any accept policy.
And you can just enable IPS, thus you can basically run as an IPS.
That said, you will miss out on other elements of Threat Prevention by using only IPS.

If you're looking for a Threat Prevention focused solution without access control, I recommend checking out SandBlast Now, which uses regular appliances with fail open NICs and is managed from the cloud.
The cost is no different than a regular NGTX subscription.
Champion

I have a customer that runs a box with 8 ports running 4 transparent paths that only has IPS enabled on top of the FW module, which cannot be disabled. Just make sure to allow any to any with any port, and the same above it with service X11.
Regards, Maarten