cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Move Reject action in rulebase

When working with rulebases that are assigned to internal zone firewalls (not exposed directly to the internet) it makes sense to use action reject in stead of drop.

R80.10 has moved reject from directly accessible in the dropdown on the action column to the more... menu. This makes working with new rules harder. 

I would like you to either move this option back permanently or on a preference basis. 

Now I either have to copy a template/existing rule with reject or use the api when I want to add multiple reject rules as a work around. This is not very user friendly, it worked well in R77.30 SmartDashboard. Why change it for changes sake?

0 Kudos
4 Replies

Re: Move Reject action in rulebase

This rather sounds like a RFE - tell CP about it here:

Products and Feature Suggestions

Note the RFE Number and hand it to your local SE to get more support for it.

0 Kudos
Admin
Admin

Re: Move Reject action in rulebase

While we still support using Reject as an action, it's generally not Best Practice to do so.

I suppose by moving it to a "More" menu, we are encouraging this Best Practice more directly Smiley Happy

In any case, it's good feedback.

0 Kudos

Re: Move Reject action in rulebase

In the OP I explained the rationale on why we use reject in stead of drop. When Check Point creates best practices you do not take into account a lot of issues that occur in datacenters with legacy applications. 

So my request is valid, please take this into account.

0 Kudos
Admin
Admin

Re: Move Reject action in rulebase

I didn't say your request was not valid.

In fact, I even said it was good feedback Smiley Happy

I was merely explaining the rationale.

We can certainly consider it for a later release.

An RFE like Guenther suggested probably wouldn't hurt. 

0 Kudos