This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Netadmin2020
Collaborator
‎2022-03-24 09:58 PM

Issue on matching rules after upgrading to 81.10

Hello guys,

after upgrading our gateways and secure management server to 81.10, there is suddenly a matching issue. I am attaching images.

Rules we working appropriate before the update. What are you proposing in this case? (images attached)

photo1.PNG

photo2.PNG

 

and in some cases I am seeing these:

 

photo3.PNG

photo4.PNG

 

 

 

  

0 Kudos
6 Replies
Netadmin2020
Collaborator
‎2022-03-24 03:21 PM

after going to 81.10, I am experiencing a new issue. Suddenly the is a matching issue on many destinations.Images attached.

Rules were working appropriate on 80.40...

 

Preview file
34 KB
Preview file
11 KB
0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2022-03-25 01:15 AM

I would suggest to contact TAC !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
PhoneBoy
Admin
Admin
‎2022-03-25 06:03 AM

Those drops are probably: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...
The ones with HTTPS Inspection are probably related to the SNI probing we do to validate SNI (which can be spoofed).

0 Kudos
Naama_Specktor
Employee
Employee
‎2022-03-27 12:24 AM

Hi @Netadmin2020 

M name is  Naama Specktor and I am checkpoint employee ,

 

If you opened a TAC SR , I will appreciate it if you will share the number .

 

thanks,

 

Naama 

0 Kudos
Netadmin2020
Collaborator
‎2022-03-27 12:53 AM
In response to Naama_Specktor

I have already inform our partner for the current issue. I am little bit confused about https inspection and sni.Which is the best practice?

I am on 81.10, your proposal is to apply https bypass to everything and leave the sni to do the job?

 

0 Kudos
PhoneBoy
Admin
Admin
‎2022-03-28 04:51 PM
In response to Netadmin2020

HTTPS Inspection is needed to do full threat prevention and content inspection on encrypted traffic.

SNI is used to identify domains you are accessing without decrypting the connection.
It can also be used to determine whether or not a connection requires full HTTPS Inspection (i.e. as part of a bypass rule).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 07 Oct 2025 @ 09:30 AM (CEST)

    CheckMates Live Denmark!
    CheckMates Events