Danny
MVP Gold

Factory-reset of Threat Prevention profiles?

I've got an R81.20 environment and noticed that the Threat Prevention policy still contains a large number of legacy TP profiles from previous versions. These profiles are no longer in use, but unfortunately, they cannot be deleted easily – attempting to remove them causes the Publish operation to hang for hours and eventually fail with a timeout.

I would ideally like to reset the Threat Prevention profiles to the R8x factory defaults, meaning just the standard Basic, Optimized, and Strict profiles. However, I haven’t found a clean way to do this without performing a full management server reset, which I’d prefer to avoid.

I’ve already opened an SR with TAC, but I wanted to check here in case anyone has encountered a similar issue and found a workaround. Maybe it's possible to migrate-export to R82 without any Threat Prevention profiles or temporarily switch to Autonomous Threat Prevention to get rid of the legacy profiles?

Thanks in advance for any ideas or shared experiences!

0 Kudos
3 Replies
the_rock
MVP Gold

Maybe autonomous threat profile?

Best,
Andy
0 Kudos
Tal_Paz-Fridman
MVP Silver CHKP

Maybe deleting or "hiding" them using Database Tool (GuiDBEdit)?

Still, I would wait for an official response from TAC.

0 Kudos
Wolfgang
MVP Gold

@Danny we had a similar problem in the past. Our solution:

- first remove all exceptions related to the TP profile you want to delete and publish

- remove only one TP profile at a time and publish

I remember removing a profile took about 15 min and the publish another 10 min. There were some SmartConsole freezes during the process, but the TP profile was deleted after that long time.

0 Kudos
