This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Olga_Kuts
Advisor
‎2017-10-27 01:30 AM

Anti-Virus deep scanning reccomendation

Hello!

Are there any Check Point recommendations for Anti-Virus deep scanning enabling? In terms of performance we understand that performance impact is increasing, but what about security side? Are there some best practices about this?

Thanks!

0 Kudos
2 Replies
Kiran_Naidu1
Participant
‎2017-10-30 12:21 AM

Please refer the sk100633  (Best Practices - threats investigation using Threat Prevention Software Blades).
Following  Presentation: Investigative Best Practices with Threat Prevention in the sk will help you in better utilization of the threat prevention blades as per your environment.

Regards

Kiran Naidu

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2017-10-31 04:47 AM

First off, AV Deep Scanning invokes components that were created by Kaspersky Labs:

sk118539: How to disable and remove Kaspersky Labs components from Check Point Security Gateway

From a performance perspective, deep scanning invokes additional inspection that takes place outside the kernel of the firewall in process space.  Any trip between the firewall's kernel and process space will cause a fair amount of extra overhead, I refer to these trips as the firewall's "fourth path" (in addition to SXL, PXL, F2F).

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events