Solved: Allow my vulnerability scanner through gateway

bign · ‎2020-05-07

Hi mates,

I've had a lot of trouble allowing a vulnerability scanner to scan my environment. Even after I allow the scanner in through firewall access control, IPS exception, General Inspection settings exception, and Application Control policy, I still some of the scanner's activity blocked. (Running R80.20 on all gateways)

Does anyone have a good way to allow, even temporarily, a scanner to have its way with an asset on the other side of the gateway?

Thanks very much everyone,

Aaron

HeikoAnkenbrand · ‎2020-05-07

Solution:

- create IPS, ... exception
- create "Fast Acceleration Rule"

The Fast Acceleration (picture 2 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 Take 103/ R80.30 Take 107 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.

More read here:
R80.x - Performance Tuning Tip - Control SecureXL / CoreXL Paths

➜ CCSM Elite, CCME, CCTE

View solution in original post

HeikoAnkenbrand · ‎2020-05-07

Solution:

- create IPS, ... exception
- create "Fast Acceleration Rule"

The Fast Acceleration (picture 2 green) feature lets you define trusted connections to allow bypassing deep packet inspection on R80.20 Take 103/ R80.30 Take 107 and above gateways. This feature significantly improves throughput for these trusted high volume connections and reduces CPU consumption.

More read here:
R80.x - Performance Tuning Tip - Control SecureXL / CoreXL Paths

➜ CCSM Elite, CCME, CCTE

Allow my vulnerability scanner through gateway

PBR source port or fwrule

Problem creating the interfaces for a vpn on an FW...

Turn off UserCheck email

Routemap in OSPF and BGP

firewall vulnerability

Are you a member of CheckMates?