- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
R80.10 - Why some of IPS signatures showing as inactive?
IPS Signatures
This is the profile configuration.
I have gone through the one of post as given below:-
https://community.checkpoint.com/t5/Policy-Management/IPS-Protections-in-Detect-Staging/td-p/15373
But my profile setting is not anything in inactive mode. So trying to understand why few signatures still as in inactive.
Thanks & Regards
Amit
All IPS signatures showing as Inactive in your screenshot have a performance impact rating of High or Critical. Your TP profile states that all signatures with a performance impact of Medium or lower should be activated, thus inactivating all signatures with a High or Critical performance impact. Activating IPS signatures with a High or Critical performance impact can have an adverse effect on firewall CPU load, as IPS signatures with a performance rating of High are handled approximately 50% in the Medium Path/PXL and 50% in the Firewall Path/F2F, while signatures with a Critical performance impact are handled 100% in the Firewall Path/F2F. This adverse performance impact can be particularly noticeable on firewalls with less than 8 cores.
All IPS signatures showing as Inactive in your screenshot have a performance impact rating of High or Critical. Your TP profile states that all signatures with a performance impact of Medium or lower should be activated, thus inactivating all signatures with a High or Critical performance impact. Activating IPS signatures with a High or Critical performance impact can have an adverse effect on firewall CPU load, as IPS signatures with a performance rating of High are handled approximately 50% in the Medium Path/PXL and 50% in the Firewall Path/F2F, while signatures with a Critical performance impact are handled 100% in the Firewall Path/F2F. This adverse performance impact can be particularly noticeable on firewalls with less than 8 cores.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY