This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Logesh_Kumar_Ma
Participant
‎2020-06-23 04:48 AM

Migrating from Trend Micro IPS to Checkpoint IPS

Hi,

Is it right solution to migrate from trend micro IPS to checkpoint IPS blade. If yes, what are the step needs to consider.

 

thank you, 

0 Kudos
8 Replies
AlejandroH
Ambassador
Ambassador
‎2020-06-23 05:30 PM

Are you asking if its a good decision to use the Check Point IPS instead of using Trend Micro?  Yes, yes it is. 

I would make sure to look at all the signatures that are being hit on that trend to determine what is being seen in that network.  There is not a one-for-one signature from one to the other.  Check Point signatures are built on different parameters than others.  There are Threat Cloud enabled signatures, live and updated and they are found and core.  Core will be your base types of attacks that match a technique regardless of the technology which leverages it.  Also if there is a certificate for SSL inspection that is not being done on the Check Point gateway, you will need that certificate to see the traffic unless you are passing it already decrypted. 

https://dl3.checkpoint.com/paid/7d/7d779295a3a3989e81ead539b5f086b0/CP_R80.10_ThreatPrevention_Admin...

0 Kudos
Logesh_Kumar_Ma
Participant
‎2020-06-24 01:06 AM
In response to AlejandroH

Hi Aherrera, Thank you for your reply. My actual question was, we have tipping point IPS appliance 6200 and 5200. we are planning to migrate it to 5600 checkpoint appliance. my concern is, will 5600 work without any performance issue.

0 Kudos
AlejandroH
Ambassador
Ambassador
‎2020-06-24 07:17 AM
In response to Logesh_Kumar_Ma

What kind of traffic are you going to be passing through them.  Is it only going to be used as a threat sensor or will it also be a FW/HTTPS/AV... etc?

0 Kudos
Logesh_Kumar_Ma
Participant
‎2020-06-24 10:40 PM
In response to AlejandroH

Hi,

FW and IPS.

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2020-06-24 09:55 AM
In response to Logesh_Kumar_Ma

Well considering that the Tipping Point 6200 is rated for 10Gbps IPS throughput and and the Tipping Point 5200 is rated for 5Gbps throughput, and you are replacing both with a single Check Point 5600 that is rated for 5.5 Gbps IPS throughput with the "Optimized" profile, my guess would be probably not.  However this is dependent on a lot of other factors.

Attend my Gateway Performance Optimization R81.20 course
CET (Europe) Timezone Course Scheduled for July 1-2
0 Kudos
Logesh_Kumar_Ma
Participant
‎2020-06-24 10:39 PM
In response to Timothy_Hall

Hi,

Nope, I am planning to replace one to one, which means 5200nx  appliance to 5600 checkpoint appliance. Moreover 5200 IPS appliance have 1 ge port.

0 Kudos
PhoneBoy
Admin
Admin
‎2020-06-24 09:30 PM
In response to Logesh_Kumar_Ma

I would discuss your exact deployment strategy with your local Check Point office.
If you truly need 10 gigs of inline IPS throughput, a 5600 probably won't cut it.
0 Kudos
Logesh_Kumar_Ma
Participant
‎2020-06-24 10:36 PM
In response to PhoneBoy

hi,

you are right, But i come know that Tipping Point IPS appliance have 1 ge port currently. I believe in this case 5600 will work without any performance issue.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top