This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ihenock1011
Advisor
3 hours ago

Optimizing Threat Prevention best practice on Inspection Setting

Hi All,

We have a Check Point R81.10 Security Gateway, and we aim to fine-tune our Threat Prevention to ensure optimal configuration and adhere to best practices. We seek guidance on which features to activate in the inspection settings, located under Manage & Settings > Blades > Inspection Settings.

Thanks,

0 Kudos
4 Replies
AkosBakos
Advisor
Advisor
2 hours ago

Hi @Ihenock1011 

There are two way's, I think:

1: https://support.checkpoint.com/results/sk/sk95193

2: https://community.checkpoint.com/t5/Security-Gateways/Announcement-Max-Power-2020-Check-Point-Firewa...

@Timothy_Hall's book is really worth the money. This book helped me a lot!

Akos

----------------
\m/_(>_<)_\m/
the_rock
Legend
Legend
2 hours ago
In response to AkosBakos

Absolutely, book is fantastic!

Andy

Chris_Atkinson
Employee Employee
Employee
2 hours ago

Optimize for performance or protection a balance?

The Threat Prevention guide has sections on "Optimizing IPS" e.g. https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_ThreatPrevention_AdminGuide/...

For some environments adopting Autonomous Threat Prevention might be a good approach.

HCP also has specific Threat Prevention tests that you can enable.

CCSM R77/R80/ELITE
the_rock
Legend
Legend
2 hours ago

Hey bro,

Nice to see you here again! Btw, I would make sure you have this configured as per below screenshot. Having recommended protection for inspection setting is better for ddos protection, BUT, it could cause other issues, so maybe better dont change it.

Andy

 

Screenshot_1.png

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events