This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Roshan_Sinha
Explorer
‎2022-12-12 06:27 PM

IPS signature fine tune

Hi Team,

Recently i have enabled IDS for Low confidence IPS protections, just to analyze what all attacks are hitting to our firewall. As soon as I enabled IDS, i have strated receiving many attack events which are Internal servers to servers legitimate traffic however its detecting as attack with high severity but low confidence. 

Need your suggestion, on this scenario, what should be the best solution I have to apply to avoid events for legitimate traffic.

Not sure if I have to create exception list for particular source and destination to avoid unnecessary events.

All suggestions will be appreciable !!

Regards,

Roshan Sinha

 

Labels
0 Kudos
7 Replies
This widget could not be displayed.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫