Prev Question
Next Question

On the following graphic, you will find layers of policies.

What is a precedence of traffic inspection for the defined polices?

A.
A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if
implicit Drop Rule drops the packet, it comes next to IPS layer and then after accepting the packet it passes
to Threat Prevention layer.

B.
A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there
is any rule which accepts the packet, it comes next to IPS layer and then after accepting the packet it
passes to Threat Prevention layer

C.
A packet arrives at the gateway, it is checked against the rules in the networks policy layer and then if there
is any rule which accepts the packet, it comes next to Threat Prevention layer and then after accepting the
packet it passes to IPS layer.

D.
A packet arrives at the gateway, it is checked against the rules in IPS policy layer and then it comes next to
the Network policy layer and then after accepting the packet it passes to Threat Prevention layer.

Explanation:
To simplify Policy management, R80 organizes the policy into Policy Layers. A layer is a set of
rules, or a Rule Base.
For example, when you upgrade to R80 from earlier versions:
Gateways that have the Firewall and the Application Control Software Blades enabled will have their Access
Control Policy split into two ordered layers: Network and Applications.
When the gateway matches a rule in a layer, it starts to evaluate the rules in the next layer.Gateways that have the IPS and Threat Emulation Software Blades enabled will have their Threat
Prevention policies split into two parallel layers: IPS and Threat Prevention.
All layers are evaluated in parallel
https://sc1.checkpoint.com/documents/R80/CP_R80_SecMGMT/html_frameset.htm?
topic=documents/R80/CP_R80_SecMGMT/126197

Prev Question
Next Question

Leave a Reply

Your email address will not be published. Required fields are marked *