Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Adiel_Ashrov
Employee Alumnus
Employee Alumnus
Jump to solution

The best solution for blocking malicious IP

Hey All,

What would you recommend as the best manner to block malicious IP's with a list that can be updated manually / automatically?

Regards,

Adiel

0 Kudos
1 Solution

Accepted Solutions
Martin_Valenta
Advisor

Custom IOC feed is nice, but it blocks only outbound and not inbound traffic. so take look on sk103154

View solution in original post

0 Kudos
6 Replies
Danny
Champion Champion
Champion

Check Points official recommendation (sk103154) is: Custom Intelligence Feeds - sk132193

0 Kudos
Martin_Valenta
Advisor

Custom IOC feed is nice, but it blocks only outbound and not inbound traffic. so take look on sk103154

0 Kudos
PhoneBoy
Admin
Admin

That limitation in Custom IOC feeds will be removed in R81.

0 Kudos
D_W
Advisor

hello, with sk103154 i see only inbound traffic dropped. What do i miss?

0 Kudos
TP_Master
Employee
Employee

Hi

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

SK132193 -- is our recommendation.

Starting R81, IPs support IPv6 addresses AND they block inbound AND outbound

 

0 Kudos
D_W
Advisor

Hello, ok R81 is not an option. We have R80.40 atm.

At SK132193 i see the limitation "Inbound traffic to a host behind the gateway does not get blocked...." -> R81 supports both directions - ok.

So that is the complete inverted situation?! With R80.40: SK103154 blocks only inbound and SK132193 blocks only outbound?
Can you show me a workaround with R80.40 to block inbound&outbound - can I mix SK103154 and SK132193?

Cheers,
David

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events