- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Let me add here what you should STOP using.
1. Install-on field on rules.
Create a separate policy for each security gateway/cluster.
2. Manual NAT-rules
Use manual NAT only for complex NAT where you will have to translate source and destination or port.
In all other cases use automatic NAT. It keeps your environment a lot less complex.
3. Rules that have tens of objects
Consolidate rules when possible, use simple object groups (avoid nested groups though) and allow access based on identities instead of IP-addresses.
4. Large policies with no structure
Use unified policies with inline layers, use section headers and add a comment to each rule.
5. Ordered layers
Use unified policies rather than having a separate policy for every access control blade
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY