This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Di_Junior
Advisor
‎2017-12-04 07:48 AM

Software Blade

Hi Guys,

I have a doubt about IPS software blade. I would like to know if it is possible to limit the number of connections to an internal host using the IPS software blade.

0 Kudos
4 Replies
KennyManrique
Advisor
‎2017-12-04 11:53 AM

Hi Dialu,

Of course you can, please check the following IPS Protections (and Inspection Settings on R80.X):

  • Network Quota (limit the number of connections allowed from the same source)
  • Review the "Web Servers Flooding Denial of Service" protections (for HTTP, UDP and SSL)
  • Review the "Denial of Service" protections in general (some of them allow you to configure parameters of inspection)

Regards.

Timothy_Hall
Champion
Champion
‎2017-12-04 03:11 PM
In response to KennyManrique

If SecureXL is enabled the best way to do this is using the Rate Limiting feature described in the R77 Security Gateway Technical Administration Guide.  Command is fw samp add quota as shown here:

Using the IPS Network Quota signature will work as well, but will pretty much eliminate any chance of SecureXL accelerating anything whatsoever on the firewall.

--
My Book "Max Power: Check Point Firewall Performance Optimization"
Second Edition Coming Soon

Watch My 2023 CPX360 Speech Titled "Max Power
Reloaded: R81+ Gateway Performance Innovations"
Di_Junior
Advisor
‎2017-12-05 12:18 AM
In response to Timothy_Hall

Thank you

0 Kudos
Di_Junior
Advisor
‎2017-12-05 12:18 AM
In response to KennyManrique

Thank you.

0 Kudos