The Policy Settings for Wi-Fi networks have been expanded to allow administrators to set the risk level for different kinds of man-in-the-middle attacks and to configure additional external URLs used to detect man-in-the-middle attacks.
These settings can be configured by navigating to Settings > Policy Settings > WiFi Network.
Changing the Risk Level for the types of man-in-the-middle attacks
The administrator can change the risk level for SSL Stripping, SSL Interception (Basic), and SSL Interception (Advanced) to one of the following levels:
- High (Device Alert) - default
- Medium (Device Alert)
- Medium (No Device Alert)
- Medium (Dismissive Device Alert)
- Low
- No Risk
Definitions
Term | Definition |
---|---|
SSL Stripping | MitM attack that intercepts every redirection of network traffic from HTTP to HTTPS and "strips" the HTTPS call, leaving the traffic as HTTP. |
SSL Interception (Basic) | MitM attack that intercepts HTTPS traffic by using an invalid certificate, one that is not among the device's trusted certificates or is not trusted by a root CA. |
SSL Interception (Advanced) | MitM attack that intercepts HTTPS traffic by using a valid certificate that does not match the certificate of the server. |
Configuring additional external URLs for man-in-the-middle detection
Man-in-the-middle attacks are detected by making HTTPS calls from the device to a honeypot. If an attacker manages to drop or intercept the connection to the known honeypot, the man-in-the-middle detection fails to detect the attack. When the administrator adds additional external URLs to the inspection list, the detection is extended to check more websites, making it harder for attackers to circumvent it.
Adding websites used by your organization for day-to-day business is recommended.
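The following is an added illustration, not the product's detection code: it maps constructed probe observations onto the three attack types defined above and shows why a second URL on the inspection list still yields a finding when the honeypot probe is dropped. The Probe fields, the fingerprint comparison used for "does not match the certificate of the server", and the .example hostnames are assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Probe:
    """One constructed observation for a URL on the inspection list."""
    url: str
    connected: bool                 # False when the connection was dropped
    final_scheme: Optional[str]     # scheme left after following redirects
    chain_trusted: Optional[bool]   # chain validated against the device trust store
    cert_sha256: Optional[str]      # fingerprint of the certificate presented
    expected_sha256: Optional[str]  # assumed known-good fingerprint for the server

def classify(p: Probe) -> str:
    """Map one observation onto the attack types defined on this page."""
    if not p.connected:
        return "no result"                    # a dropped probe proves nothing
    if p.final_scheme != "https":
        return "SSL Stripping"                # HTTPS redirect was stripped
    if not p.chain_trusted:
        return "SSL Interception (Basic)"     # invalid or untrusted certificate
    if p.cert_sha256 != p.expected_sha256:
        return "SSL Interception (Advanced)"  # valid, but not the server's own
    return "clean"

def evaluate(probes):
    """Return per-URL results and the attack types seen on any URL."""
    results = {p.url: classify(p) for p in probes}
    attacks = sorted({r for r in results.values() if r.startswith("SSL")})
    return results, attacks

# Constructed sample: the honeypot probe is dropped, an additional URL is not.
GOOD = "aa" * 32   # placeholder fingerprint of the real server certificate
OTHER = "bb" * 32  # placeholder fingerprint of a substituted certificate
SAMPLE = [
    Probe("https://honeypot.example/", False, None, None, None, GOOD),
    Probe("https://intranet.example/", True, "https", True, OTHER, GOOD),
    Probe("https://mail.example/", True, "https", True, GOOD, GOOD),
]

if __name__ == "__main__":
    results, attacks = evaluate(SAMPLE)
    for url, verdict in results.items():
        print(f"{url:28} {verdict}")
    print("attack types seen:", attacks or "none")
```

With only the first entry of SAMPLE on the list, evaluate() reports no attack types at all, which is the gap the additional URLs close.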