- Products
- Learn
- Local User Groups
- Partners
- More
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
I set the below protection to "Prevent" override but the IPS Profile action (detect) is still taking precedence, in other words it seems like the override option is not working as expected any ideas?
Protection
Apache logging package Log4j 2 versions 2.14.1 and below (CVE-2021-44228
Did you reinstall the Threat Prevention policy? Not just Access Control...
Also make sure you do not have some kind of broad-ranging exception switching the action to Detect.
Just to clarify are we saying? If the FW cluster IPS Activation Mode is set to Detect only (NOT according to TP policy) and we change the Log4J protection override to "Prevent" this will drop Log4j despite the gateway cluster being in Detect? Many Thanks
See my response here, what you want is possible but not easy:
Set Activation as Staging Mode
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY