I have been working with several customers on their Threat Emulation deployment. Check Point has been very aggressive with updating the file types that this Software Blade supports. There was an update a week and a half ago which included
I suppose there is something to be said for “turnkey” solutions like the 2012 Appliances. Wonder how long it will take me to figure this one out.
So I have been updating the Check Point IPS signatures in my lab more aggressively lately, and flipped (almost all) of them into “protect” mode. I have noticed some of the signatures are detecting issues with some well known products