- CheckMates
- :
- Products
- :
- Quantum
- :
- Threat Prevention
- :
- Re: Will IPS inspect decrypted traffic on a gatewa...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Will IPS inspect decrypted traffic on a gateway with site-to-site VPN?
I am trying to figure out IPS workflow on an R80.10 gateway with site-to-site VPN. Does it inspect the traffic after it is decrypted or just the encrypted traffic which probably won't have much to be inspected. Thanks.
1 Reply
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
On an R77.30 gateway traffic decrypted from a VPN will only be inspected if the Protection Scope setting is set to "Perform IPS inspection on all traffic", assuming the VPN tunnel is terminating on an external interface.
For an R80.10+ gateway, IPS will inspect the traffic after decryption assuming a TP rule matches the decrypted traffic attributes, and the Profile in the matching TP rule's Action column calls for IPS inspection.
Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
now available at maxpowerfirewalls.com