Products: CheckPoint - Firewall and VPN
| Rule ID | Rule Name |
|---|---|
| MATCH-S00553 | Allowed Inbound RDP Traffic |
| LEGACY-S00013 | Connection to High Entropy Domain |
| THRESHOLD-S00074 | Excessive Firewall Denies |
| THRESHOLD-S00085 | Excessive Outbound Firewall Blocks |
| MATCH-S00454 | Firewall Allowed SMB Traffic |
| FIRST-S00030 | First Seen Outbound Connection to External IP Address on Port 445 from IP Address |
| FIRST-S00025 | First Seen SMB Allowed Traffic From IP |
| LEGACY-S00039 | GitHub Raw URL Resource Request |
| THRESHOLD-S00079 | Inbound Port Scan |
| THRESHOLD-S00080 | Internal Port Scan |
| THRESHOLD-S00081 | Internal Port Sweep |
| MATCH-S00554 | Outbound IRC Traffic |
| THRESHOLD-S00048 | Outbound Traffic to Countries Outside the United States |
| MATCH-S00835 | Possible Dynamic URL Domain |
| MATCH-S00558 | Potential Inbound VNC Traffic |
| MATCH-S00502 | RDP Traffic to Unexpected Host |
| MATCH-S00560 | SMTP Traffic from Non-SMTP Servers |
| OUTLIER-S00001 | Spike in Login Failures from a User |
| MATCH-S00555 | Threat Intel - Inbound Traffic Context |
| LEGACY-S00107 | Threat Intel Match - IP Address |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 2f71feec-72e2-40cf-af6f-19c9dc3c1277 | Check Point ACCEPT |
| 54694e35-15f9-436c-b7b0-829640b0d601 | Check Point Allow |
| 1fdbfae1-89ee-4a12-a43e-983e3cb60ecc | Check Point Authorize Logs |
| 04d956ea-d444-4cfc-8b72-f849b6b5d743 | Check Point Block |
| 00d82464-50b6-46ef-8802-60cc0da03be0 | Check Point Bypass |
| 8bfbab0c-29dc-48e8-88bb-92a1115fb818 | Check Point Catch All |
| d48ad788-160c-462f-933f-31bc7939d692 | Check Point Deauthorize Logs |
| 56673afa-162e-4712-9aec-c2f9f5646bec | Check Point Decrypt Logs |
| bc02f421-24e9-4537-9eed-59f25ef5d736 | Check Point Detect |
| bc80861f-64f6-4eaa-87c5-f51540ccac27 | Check Point Drop |
| 7201eb2a-73a4-4d6f-b387-c4ccdbc17590 | Check Point Encrypt Logs |
| 911005b2-a055-42df-a3fa-f327745905a1 | Check Point Failed Log In |
| 9bde738e-d6b5-4397-abad-67d12a9db015 | Check Point HTTPS Bypass Logs |
| bd605be0-fa8e-4e57-8aac-6801edc90cbc | Check Point HTTPS Logs |
| 1ee00a7c-3767-4288-b361-1a611cc9bf21 | Check Point Key Install |
| e25a5e18-6d53-4301-a8d4-b8b2fb47983e | Check Point Log In |
| 4f79cd08-df6e-4763-8f02-e93218cc8935 | Check Point Log Out |
| 767b81f2-f052-44cc-823f-a4ff26faded7 | Check Point Prevent |
| 88383f45-4b56-45e4-b0da-03be50c845e7 | Check Point REJECT |
| 6a9feb6e-acfb-4f7b-ab8d-e0f9606aced2 | Check Point Redirect |
| 05b36bcd-1123-45f7-adbd-3c3ce997e638 | Check Point Update |
| b9134055-e5c4-4590-91f8-f260c183367b | Check Point VPN Routing |