Hello Checkpoint Gurus,
When does it make sense to have multiple policies?
Our current environment is the following:
- a 4600 cluster(r77.30) - main office
- a 5400 cluster(r80.10) - in testing to replace the 4600 cluster in the main office
- a 5400 (r80.10) - DR data center
- a 3200 cluster (r80.10) remote office
- some 1180(r77.20) for remote offices - that are going to be migrated to 3200's (r80.10)
- a 410 mgmt appliance (r80.10)
We are running IPS on everything, except a few of the 1180's, and have plans on using IPS on the replacement 3200's.
I was thinking the following would make sense:
- a policy for all the r77.x
- a policy for all the r80.10
Any suggestions, comments or critiques are greatly welcomed and appreciated.
Thanks in advance.