Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Di_Junior
Advisor

Software Blade

Hi Guys,

I have a doubt about IPS software blade. I would like to know if it is possible to limit the number of connections to an internal host using the IPS software blade.

0 Kudos
4 Replies
KennyManrique
Advisor

Hi Dialu,

Of course you can, please check the following IPS Protections (and Inspection Settings on R80.X):

  • Network Quota (limit the number of connections allowed from the same source)
  • Review the "Web Servers Flooding Denial of Service" protections (for HTTP, UDP and SSL)
  • Review the "Denial of Service" protections in general (some of them allow you to configure parameters of inspection)

Regards.

Timothy_Hall
Champion
Champion

If SecureXL is enabled the best way to do this is using the Rate Limiting feature described in the R77 Security Gateway Technical Administration Guide.  Command is fw samp add quota as shown here:

Using the IPS Network Quota signature will work as well, but will pretty much eliminate any chance of SecureXL accelerating anything whatsoever on the firewall.

--
My Book "Max Power: Check Point Firewall Performance Optimization"
Second Edition Coming Soon

Watch My 2023 CPX360 Speech Titled "Max Power
Reloaded: R81+ Gateway Performance Innovations"
Di_Junior
Advisor

Thank you

0 Kudos
Di_Junior
Advisor

Thank you.

0 Kudos