This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
bign
Explorer
‎2020-05-07 06:05 AM

Allow my vulnerability scanner through gateway

Jump to solution

Hi mates,

I've had a lot of trouble allowing a vulnerability scanner to scan my environment. Even after I allow the scanner in through firewall access control, IPS exception, General Inspection settings exception, and Application Control policy, I still some of the scanner's activity blocked. (Running R80.20 on all gateways)

Does anyone have a good way to allow, even temporarily, a scanner to have its way with an asset on the other side of the gateway?

Thanks very much everyone,

 

Aaron

0 Kudos
1 Solution

Accepted Solutions
HeikoAnkenbrand
Champion
Champion
‎2020-05-07 08:44 AM

Jump to solution

Solution:

- create IPS, ... exception
- create "Fast Acceleration Rule"

The Fast Acceleration (picture 2 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 Take 103/ R80.30 Take 107 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.

Fast_Accel_Rule.PNG

More read here:
R80.x - Performance Tuning Tip - Control SecureXL / CoreXL Paths

View solution in original post

1 Reply
HeikoAnkenbrand
Champion
Champion
‎2020-05-07 08:44 AM

Jump to solution

Solution:

- create IPS, ... exception
- create "Fast Acceleration Rule"

The Fast Acceleration (picture 2 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 Take 103/ R80.30 Take 107 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.

Fast_Accel_Rule.PNG

More read here:
R80.x - Performance Tuning Tip - Control SecureXL / CoreXL Paths