Who rated this post

cancel
Showing results for 
Search instead for 
Did you mean: 
Danny
Champion Champion
Champion

I recommend to search for /clients/MyCRL or simply mycrl in order to identify those malicious http post requests.

Non compliant http post requests are blocked by Access Control:
image.png

Compliant http post requests might be shown as prevented by IPS but keep in mind that this will only secure Check Point VPN gateways behind an IPS gateway. If your VPN blade is on the same system as your IPS blade, the http post requests will be successful even if the log shows prevent.
image.png

(1)
Who rated this post