This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
carl_t
Contributor
‎2022-05-19 01:40 AM

Threat Prevention - IPS policy

Jump to solution

Hi All

Can anyone clarify for me the below

1.Under the Threat Prevention, I see IPS and threat prevention layers, yet IPS is enabled on the Threat Prevention profile anyway.

Is the IPS layer just there for pre R80 or R77 software from when it was upgraded and is no longer needed?

 

2.Under the Threat prevention rule, if we click on the arrow, we get E-1.1 etc, are these just all the exceptions which also can be accessed under the Exceptions menu also?

 

cheers

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2022-05-19 06:28 PM

Jump to solution

If you don’t manage any pre-R80 gateways, you can remove the IPS layer.

The Threat Prevention exceptions may or not be listed as rules in the policy as the policy can be more granular.

View solution in original post

2 Replies
PhoneBoy
Admin
Admin
‎2022-05-19 06:28 PM

Jump to solution

If you don’t manage any pre-R80 gateways, you can remove the IPS layer.

The Threat Prevention exceptions may or not be listed as rules in the policy as the policy can be more granular.

Timothy_Hall
Champion
Champion
‎2022-05-20 05:38 AM

Jump to solution

To further expand on what PhoneBoy said, here is the relevant page from my IPS/AV/ABOT video series that fully explains the Legacy IPS layer and how to get rid of it:

IPS_Legacy.png

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
0 Kudos