- Products
- Learn
- Local User Groups
- Partners
- More
The State of Ransomware Q1 2026
Key Trends and Their Impact
Good, Better, Best:
Prioritizing Defenses Against Credential Abuse
AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
OK, let's say your rule is: Source: 10.1.1.0/24 ; Dest: apple.com ; Service: https
If the gateway sees HTTPS traffic from a source 172.16.1.1 to any IP, the gateway does not do a lookup on the FQDN because the source cannot match the rule.
If the gateway sees SSH traffic from 10.1.1.1 to any IP, the gateway does not do a lookup on the FQDN because the service cannot match the rule.
If the gateway sees HTTPS traffic from 10.1.1.1 to any IP, the gateway DOES do a lookup for apple.com, because the connection could match the rule. If the destination IP matches the returned IP address from the lookup, the rule is matched. If it does not match, the rule matching continues down the policy.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
