SmartDefense Categories
420 Check Point UTM-1 Edge User Guide
In this field… Do this…
Enforce IGMP to
multicast addresses
According to the IGMP specification, IGMP packets must be sent to
multicast addresses. Sending IGMP packets to a unicast or broadcast
address might constitute and attack; therefore the UTM-1 appliance
blocks such packets.
Specify whether to allow or block IGMP packets that are sent to non-
multicast addresses, by selecting one of the following:
• Block. Block IGMP packets that are sent to non-multicast
addresses. This is the default.
• None. No action.
Peer-to-Peer
SmartDefense can block peer-to-peer file-sharing traffic, by identifying the proprietary
protocols and preventing the initial connection to the peer-to-peer networks. This prevents
not only downloads, but also search operations.
This category includes the following nodes:
• BitTorrent
• eMule
• Gnutella
• KaZaA
• Winny
Note: SmartDefense can detect peer-to-peer traffic regardless of the TCP port being
used to initiate the session.
To Next Page