- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hi mates,
I've had a lot of trouble allowing a vulnerability scanner to scan my environment. Even after I allow the scanner in through firewall access control, IPS exception, General Inspection settings exception, and Application Control policy, I still some of the scanner's activity blocked. (Running R80.20 on all gateways)
Does anyone have a good way to allow, even temporarily, a scanner to have its way with an asset on the other side of the gateway?
Thanks very much everyone,
Aaron
Solution:
- create IPS, ... exception
- create "Fast Acceleration Rule"
The Fast Acceleration (picture 2 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 Take 103/ R80.30 Take 107 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.
More read here:
R80.x - Performance Tuning Tip - Control SecureXL / CoreXL Paths
Solution:
- create IPS, ... exception
- create "Fast Acceleration Rule"
The Fast Acceleration (picture 2 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 Take 103/ R80.30 Take 107 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.
More read here:
R80.x - Performance Tuning Tip - Control SecureXL / CoreXL Paths
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY