Print Download Documentation Send Feedback

Previous

Next

Threat Prevention Engine Settings - General

What can I do here?

Use this window advanced settings for Threat Prevention such as:

Getting Here

Getting Here - Manage & Settings > Blades > Threat Prevention > Advanced Settings > Threat Prevention Engine Settings window > General page

Engine Settings

Fail Mode

Select the behavior of the ThreatSpect engine if it is overloaded or fails during inspection. For example, if the Anti-Bot inspection is terminated in the middle because of an internal failure. By default, in such a situation all traffic is allowed.

Check Point Online Web Service

The Check Point Online Web Service is used by the ThreatSpect engine for updated resource categorization. The responses the Security Gateway gets are cached locally to optimize performance.

Connection Unification

Gateway traffic generates a large amount of activity. To make sure that the amount of logs is manageable, by default, logs are consolidated by session. A session is a period that starts when a user first accesses an application or site. During a session, the gateway records one log for each application or site that a user accesses. All activity that the user does within the session is included in the log.

For connections that are allowed or blocked in the Anti-Bot and Anti-Virus Rule Base, the default session is 10 hours (600 minutes). To change this, click Session Timeout and enter a different value.

HTTP Inspection

Enable HTTP inspection on non-standard ports for Threat Prevention blades.