This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Timothy_Hall
MVP Gold
MVP Gold
‎2023-08-20 07:07 AM
In response to Jonathan

The issues you are experiencing are related to your use of the legacy "IPS" layer.  This layer was intended to be used only by R77.30 and earlier gateways and will work with newer gateways, but is inappropriate for use with a gateway running R80.10+ or later.  This IPS layer reflects the inherent limitations in the IPS feature on R77.30 and earlier gateways; the IPS capabilities and management were significantly overhauled and unified with the rest of Threat Prevention in R80.10+.

You've already encountered one of those limitations: R77.30 and earlier gateways did not have "Inactive" as a possibility for an exception so while it will let you set that in the SmartConsole, you get Detect anyway.  That type of exception will work correctly once you get rid of the legacy IPS layer.   Check out the two threads below for the procedure, and I've also included the page from my R81.20 IPS/AV/ABOT Immersion self-guided video course discussing the legacy IPS layer.

Move IPS profile rules to Threat Prevention layer

Difference IPS and ThreatPrevention

ips_layer.png

New Book: "Max Power 2026" Coming Soon
Check Point Firewall Performance Optimization

View solution in original post

(1)
Who rated this post