very basic Threat policy config and we have tried adding the cluster object to the protected scope. We originally had this MTA issue on Azure policy deployment and now it appears when pushing policy to 5900 HA cluster on R80.10 Take 24. Looks like a mgmt bug to me as we can fetch the threat prevention policy and access control policy successfully from CLI of each firewall Gateway.
This is a bridge mode deployment with only Mgmt Sync and Eth6 (direct link to Email Gateway) in Topology. So not sure we can do anything about this warning.
We have two bridges configured br1 = eth1 & eth2 br2= eth3 & eth4.
- Threat Prevention requires topology to be defined.
At least one internal, one external, and no undefined interfaces are required.
Incorrectly defined topology impacts performance and security.
Please install both Access Control and Threat Prevention policies after fixing the topology.
Gateway: Checkpoint-A
Policy: Standard
Status: Failed
- Checkpoint-A has MTA enabled, but it is not in the scope of any of the Threat Prevention policy rules.
- gen_amw_rulebase: amw_gen_mta_info() failed
- gen_amw_rulebase_tables: gen_amw_rulebase failed
- amw_load: gen_amw_rulebase_tables failed
- tp_load: amw_load() failed
- tp_load_main: Failed to load Threat Prevention policy
- Checkpoint-A has MTA enabled, but it is not in the scope of any of the Threat Prevention policy rules.
- main: Errors while loading Threat Prevention policy
- Operation was unsuccessful.
- Threat Prevention requires topology to be defined.
At least one internal, one external, and no undefined interfaces are required.
Incorrectly defined topology impacts performance and security.
Please install both Access Control and Threat Prevention policies after fixing the topology.
| User | Count |
|---|---|
| 4 | |
| 3 | |
| 2 | |
| 2 | |
| 1 | |
| 1 | |
| 1 |
Tue 05 Nov 2024 @ 10:00 AM (CET)
EMEA CM LIVE: 30 Years for the CISSP certification - why it is still on topTue 05 Nov 2024 @ 05:00 PM (CET)
Americas CM LIVE: - 30 Years for the CISSP certification - why it is still on topThu 07 Nov 2024 @ 05:00 PM (CET)
What's New in CloudGuard - Priorities, Trends and Roadmap InnovationsTue 05 Nov 2024 @ 10:00 AM (CET)
EMEA CM LIVE: 30 Years for the CISSP certification - why it is still on topTue 05 Nov 2024 @ 05:00 PM (CET)
Americas CM LIVE: - 30 Years for the CISSP certification - why it is still on topTue 12 Nov 2024 @ 03:00 PM (AEDT)
Topic No Suits, No Ties: From Calm to Chaos: the sudden impact of ransomware and its effects (APAC)Wed 20 Nov 2024 @ 05:00 PM (CET)
Under the Hood: DO NOT Renew your WAF without watching THIS!!Tue 19 Nov 2024 @ 12:00 PM (MST)
Salt Lake City: Infinity External Risk Management and Harmony SaaSWed 20 Nov 2024 @ 02:00 PM (MST)
Denver South: Infinity External Risk Management and Harmony SaaS
