This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sorin_Gogean
Advisor
‎2022-10-12 01:30 AM
Jump to solution

Migration to Autonomous Threat Prevention

Hello everyone,

 

We are currently using Threat Prevention with specific policies as per our environment.

In order to reduce the workload and improve the adoption speed of the new protections, we were thinking to adopt the Autonomous Threat Prevention .

If you have a recommendation on this step(s), would be appreciated 😊 .

 

Now the first question we have, is in regards to the Exceptions we currently have. As per our understanding, the Global Exceptions will remain, as for specific Exceptions that we have per IPS/Threat Policies, those will have to be moved either to the new Autonomous Policy or to Global Exception one.

 

Secondly, in regards to different IPS protections (and not only those) that our Cyber Security Team had enabled, what would be the easiest way to export the ACTIVE protections from current policies, so we can compare with the Autonomous active ones, as CyberSec might go that path and state that they would enable certain protections with or without any actual reason (don't ask 😊)

 

Any other hint we should pay attention to ?

 

Thank you,

0 Kudos
1 Solution

Accepted Solutions
3 Replies
G_W_Albrecht
Legend Legend
Legend
‎2022-10-12 01:52 AM
Jump to solution

sk163593: Autonomous Threat Prevention Management

sk169952: ATRG - Autonomous Threat Prevention

sk167109: Autonomous Threat Prevention Management integration Release Updates

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Sorin_Gogean
Advisor
‎2022-10-12 02:35 AM
In response to G_W_Albrecht
Jump to solution

thank you @G_W_Albrecht , I was following the sk163593 and sk167109 but didn't seen yet the sk169952 .

So I'll go over that and see if we'll clarify our questions or others arise 🙂.

 

thank you,

0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2022-10-14 09:22 AM
In response to Sorin_Gogean
Jump to solution

Here are some of the pages covering Autonomous Threat Prevention in my IPS/AV/ABOT Immersion course you may find helpful, the pages below have been updated slightly from the R80.40 version of the document available for purchase at the moment.

 

ATP1.jpgATP2.jpgATP3.jpg

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events