- CheckMates
- :
- Products
- :
- Quantum
- :
- Threat Prevention
- :
- The best solution for blocking malicious IP
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The best solution for blocking malicious IP
Hey All,
What would you recommend as the best manner to block malicious IP's with a list that can be updated manually / automatically?
Regards,
Adiel
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Custom IOC feed is nice, but it blocks only outbound and not inbound traffic. so take look on sk103154
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Check Points official recommendation (sk103154) is: Custom Intelligence Feeds - sk132193
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Custom IOC feed is nice, but it blocks only outbound and not inbound traffic. so take look on sk103154
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That limitation in Custom IOC feeds will be removed in R81.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hello, with sk103154 i see only inbound traffic dropped. What do i miss?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
SK132193 -- is our recommendation.
Starting R81, IPs support IPv6 addresses AND they block inbound AND outbound.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello, ok R81 is not an option. We have R80.40 atm.
At SK132193 i see the limitation "Inbound traffic to a host behind the gateway does not get blocked...." -> R81 supports both directions - ok.
So that is the complete inverted situation?! With R80.40: SK103154 blocks only inbound and SK132193 blocks only outbound?
Can you show me a workaround with R80.40 to block inbound&outbound - can I mix SK103154 and SK132193?
Cheers,
David
