- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hello,
I would like to ask if it's possible to set up a setting for specific Protections that allows to automatically block the IP that triggered a specific Protection, like for example for Scans - we would like to be able to automatically block IP's that triggered specific scanning signatures - as in adding them to a blacklist temporarily or until someone removes the ip from it, is that possible?
If you have a SmartEvent license you can do that pretty easily. You have to create a Event definition with the Protection you want to trigger:
In our case this was used for the Log4j issue. With the automatic reactions you can block the IP for a desired time (max. 4 weeks I believe).
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY