We have a client who is hesitant to block on threat signatures unless the signature has a high confidence that it will not create false positives. He says this is available in Checkpoint. I'm still searching for documentation on PA, but haven't found anything yet. Is this possible? Thank you!

Hi all, I need some of your expert advice. We have a PA in a Datacenter that has 5 ISP running OSPF with the firewall and is running perfectly fine. We now have a 6th ISP which is a link express route into azure. The option for this azure link is the lowest option, only allowing 4000 routes maximum anything exceeding this causes issues. BGP is established between the firewall and the 6th ISP, OSPF to BGP & BGP to OSPF redistribution is working perfectly fine. The issue having is to summarize the routes between the two protocols avoiding the advertising of more than 4000 routes over the express route (BGP) into Azure. Is this possible on both OSPF and BGP. Tried using the redistribution destination subnets on both does not seem to work with priorities, on BGP tried the aggregate summarization does not seem to work either also tried including Export in BGP matching prefixes. In the local rib can see the networks advertised, but not on RIB out when applying filters in the routing protocols changes.

Using Dynamic Groups - Autotagging - Use Cases Hello good afternoon, as always, thanks for your time, comments and good vibes. Thinking about automating and anticipating some possible blockages and denials using Dynamic Groups - Autotag can you support me and comment me with some use cases ? Also, if you have implemented it, has it brought you good results ? does it work as expected ? what is the main thing to keep in mind when implementing it ? Thanks, I remain attentive Best regards