Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Logesh_Kumar_Ma
Participant

Migrating from Trend Micro IPS to Checkpoint IPS

Hi,

Is it right solution to migrate from trend micro IPS to checkpoint IPS blade. If yes, what are the step needs to consider.

 

thank you, 

0 Kudos
8 Replies
AlejandroH
Ambassador
Ambassador

Are you asking if its a good decision to use the Check Point IPS instead of using Trend Micro?  Yes, yes it is. 

I would make sure to look at all the signatures that are being hit on that trend to determine what is being seen in that network.  There is not a one-for-one signature from one to the other.  Check Point signatures are built on different parameters than others.  There are Threat Cloud enabled signatures, live and updated and they are found and core.  Core will be your base types of attacks that match a technique regardless of the technology which leverages it.  Also if there is a certificate for SSL inspection that is not being done on the Check Point gateway, you will need that certificate to see the traffic unless you are passing it already decrypted. 

https://dl3.checkpoint.com/paid/7d/7d779295a3a3989e81ead539b5f086b0/CP_R80.10_ThreatPrevention_Admin...

0 Kudos
Logesh_Kumar_Ma
Participant

Hi Aherrera, Thank you for your reply. My actual question was, we have tipping point IPS appliance 6200 and 5200. we are planning to migrate it to 5600 checkpoint appliance. my concern is, will 5600 work without any performance issue.

0 Kudos
AlejandroH
Ambassador
Ambassador

What kind of traffic are you going to be passing through them.  Is it only going to be used as a threat sensor or will it also be a FW/HTTPS/AV... etc?

0 Kudos
Logesh_Kumar_Ma
Participant

Hi,

FW and IPS.

0 Kudos
Timothy_Hall
Champion
Champion

Well considering that the Tipping Point 6200 is rated for 10Gbps IPS throughput and and the Tipping Point 5200 is rated for 5Gbps throughput, and you are replacing both with a single Check Point 5600 that is rated for 5.5 Gbps IPS throughput with the "Optimized" profile, my guess would be probably not.  However this is dependent on a lot of other factors.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos
Logesh_Kumar_Ma
Participant

Hi,

Nope, I am planning to replace one to one, which means 5200nx  appliance to 5600 checkpoint appliance. Moreover 5200 IPS appliance have 1 ge port.

0 Kudos
PhoneBoy
Admin
Admin

I would discuss your exact deployment strategy with your local Check Point office.
If you truly need 10 gigs of inline IPS throughput, a 5600 probably won't cut it.
0 Kudos
Logesh_Kumar_Ma
Participant

hi,

you are right, But i come know that Tipping Point IPS appliance have 1 ge port currently. I believe in this case 5600 will work without any performance issue.

0 Kudos