Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Olga_Kuts
Advisor

Anti-Virus deep scanning reccomendation

Hello!

Are there any Check Point recommendations for Anti-Virus deep scanning enabling? In terms of performance we understand that performance impact is increasing, but what about security side? Are there some best practices about this?

Thanks!

0 Kudos
2 Replies
Kiran_Naidu1
Participant

Please refer the sk100633  (Best Practices - threats investigation using Threat Prevention Software Blades).
Following  Presentation: Investigative Best Practices with Threat Prevention in the sk will help you in better utilization of the threat prevention blades as per your environment.

Regards

Kiran Naidu

0 Kudos
Timothy_Hall
Champion
Champion

First off, AV Deep Scanning invokes components that were created by Kaspersky Labs:

sk118539: How to disable and remove Kaspersky Labs components from Check Point Security Gateway

From a performance perspective, deep scanning invokes additional inspection that takes place outside the kernel of the firewall in process space.  Any trip between the firewall's kernel and process space will cause a fair amount of extra overhead, I refer to these trips as the firewall's "fourth path" (in addition to SXL, PXL, F2F).

--
My book "Max Power: Check Point Firewall Performance Optimization"
now available via http://maxpowerfirewalls.com.

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events