AnsweredAssumed Answered

Threat Prevention Policy Layers

Question asked by Demith Samaraweera on Jul 18, 2018
Latest reply on Oct 14, 2018 by Demith Samaraweera

Hi All

We have a situation where R80.10 Mgmt/GW we have created multiple Threat Prevention (TP) rules, each rule with different blade (Profile) enable, 

e.g.

Rule 1- IPS

Rule 2 - AV

Rule 3 - Threat Prevention

Isn't Check Point supposed to go through each and every rule and execute all blades?

What we see it just hits the first rule (IPS) blade and other rules has no hits, for example TP has no hits or files uploaded to CP cloud for analysis, same with AV

If I edit the first rule and configure it enable all the blades it works.

 

Is this normal behavior?

Outcomes