This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
SAROU237
Explorer
‎2020-12-15 12:40 PM

Threat prevention policy

For access control policy:

When a packet arrives at the gateway, the gateway checks it against the rules in the top Policy Layer, sequentially from top to bottom, and enforces the first rule that matches a packet.

 

For threat prevention policy what is the step?

First IPS, after threat emulation after ?

Could you please explain me the step

0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2020-12-15 03:19 PM

It's a little more complicated than that.
But in general, Access Control is first, then Threat Prevention, which happens as part of the Content Inspection process that involves multiple blades.
You can see a representation of the logical packet flow here: https://community.checkpoint.com/t5/General-Topics/R80-x-Security-Gateway-Architecture-Logical-Pack... 

0 Kudos
_Val_
Admin
Admin
‎2020-12-16 12:28 AM

This is a rough but pretty accurate visualisation for the layered policy enforcement

Screenshot 2020-12-16 at 09.26.02.png

Mind, with Unified Policy, you might conditionally match several rules, before the final AC/URLF decision is made. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top