Manualshelf

User guide

ManualsBrandsCheck Point Software Technologies ManualsNetworkingSafe@Office 1000NW
481482483484485486487488489490
SmartDefense Categories
468 Check Point Safe@Office User Guide
IP Fragments
When an IP packet is too big to be transported by a network link, it is split into several
smaller IP packets and transmitted in fragments. To conceal a known attack or exploit, an
attacker might imitate this common behavior and break the data section of a single packet
into several fragmented packets. Without reassembling the fragments, it is not always
possible to detect such an attack. Therefore, the Safe@Office appliance always
reassembles all the fragments of a given IP packet, before inspecting it to make sure there
are no attacks or exploits in the packet.
You can configure how fragmented packets should be handled.