Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Adiel_Ashrov
Employee Alumnus
Employee Alumnus
Jump to solution

The best solution for blocking malicious IP

Hey All,

What would you recommend as the best manner to block malicious IP's with a list that can be updated manually / automatically?

Regards,

Adiel

1 Solution

Accepted Solutions
Martin_Valenta
Advisor

Custom IOC feed is nice, but it blocks only outbound and not inbound traffic. so take look on sk103154

View solution in original post

6 Replies
Danny
Champion Champion
Champion

Check Points official recommendation (sk103154) is: Custom Intelligence Feeds - sk132193

Martin_Valenta
Advisor

Custom IOC feed is nice, but it blocks only outbound and not inbound traffic. so take look on sk103154

PhoneBoy
Admin
Admin

That limitation in Custom IOC feeds will be removed in R81.

D_W
Advisor

hello, with sk103154 i see only inbound traffic dropped. What do i miss?

TP_Master
Employee
Employee

Hi

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

SK132193 -- is our recommendation.

Starting R81, IPs support IPv6 addresses AND they block inbound AND outbound

 

D_W
Advisor

Hello, ok R81 is not an option. We have R80.40 atm.

At SK132193 i see the limitation "Inbound traffic to a host behind the gateway does not get blocked...." -> R81 supports both directions - ok.

So that is the complete inverted situation?! With R80.40: SK103154 blocks only inbound and SK132193 blocks only outbound?
Can you show me a workaround with R80.40 to block inbound&outbound - can I mix SK103154 and SK132193?

Cheers,
David

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    Tue 18 Mar 2025 @ 09:30 AM (EET)

    CheckMates Live Greece

    Tue 25 Mar 2025 @ 12:00 PM (MDT)

    Salt Lake City: CPX 2025 Recap

    Tue 08 Apr 2025 @ 12:00 PM (MDT)

    Denver: CPX 2025 Recap
    CheckMates Events