Policy Mode

Policy mode allows you to:

  • Quickly configure a Threat Prevention policy by selecting a predefined policy mode (Detect only, Tuning and Optimized). Check Point automatically sets the appropriate operation mode (Detect, Prevent, Off) and Advanced Settings options for each capability.

  • Manually set the operation mode (Detect, Prevent, Off) and Advanced Settings options for each capability (Custom).

Notes:

  • The Detect only mode provides the basic protection. We recommend that you use the Detect only policy mode for the first few days to gather, monitor and analyze the data. Based on the analysis, you must switch to Tuning, Optimized or configure a Custom policy mode for enhanced protection. If you use the Detect only policy mode for the Default settings for the entire organization rule (default) for more than two days, the system shows a banner as a reminder to configure a stricter policy mode.

    If you click Dismiss, the system stops the notification only for you while it continues to appears for other users.

  • If you modify a predefined policy mode, it automatically changes to Custom.

To select a mode for a policy:

  1. Go to Policy > Threat Prevention > Policy Capabilities.
  2. Select the policy in the table.
  3. In the Capabilities and Exclusion pane, from the Policy Mode list:
    • Select a predefined mode:

      • Detect only

      • Tuning

      • Optimized

      The table shows the appropriate operation mode set for each capability for a policy mode.

    • Select Custom and set the operation mode manually. For more information, see .

  4. Click Save.
  5. Click Save & Install.

Updating a Predefined Policy Mode

Based on internal analysis and research, Check Point may suitably modify the operation mode or Advanced Settings of a predefined policy mode. If a predefined mode is updated, a notification appears.

  • Click Align to accept the updates. The system automatically updates to the new settings for the predefined mode.

  • Click Keep to retain the current settings. The policy mode changes to Custom.