https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124645#M17985 <P>With R80.40 and up, both management and GWs, you can use Access Roles in HTTPSi policy, but not in R80.30 and below</P> Thu, 22 Jul 2021 07:32:37 GMT _Val_ 2021-07-22T07:32:37Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124581#M17969 <P>Can anyone tell me if R80.30 or R80.40 support HTTPS Inspection Bypass in conjunction with source User and Machine Identities?&nbsp; We are running R80.20 and have a need to selectively bypass some services but only for a subset of users/machines so wanted to know if upgrading to either of these versions would solve this need for us.</P> Wed, 21 Jul 2021 18:31:01 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124581#M17969 Gregory_Link 2021-07-21T18:31:01Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124586#M17972 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/24856">@Gregory_Link</a>&nbsp;</P> <P>This is possible. You can define https inspection rules with access-roles as source or destination.</P> Wed, 21 Jul 2021 18:48:07 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124586#M17972 Wolfgang 2021-07-21T18:48:07Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124587#M17973 <P>Can I ask what versions currently support this functionality?</P> Wed, 21 Jul 2021 18:49:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124587#M17973 Gregory_Link 2021-07-21T18:49:27Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124589#M17975 <P>Good question, I don‘t remember from which version this was working. But because of some other problems with https inspection we upgraded all environments to R80.40 or higher if https inspection is used.</P> Wed, 21 Jul 2021 19:06:53 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124589#M17975 Wolfgang 2021-07-21T19:06:53Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124602#M17977 <P>R80.40 moves the HTTPS Inspection policy into SmartConsole, which I believe also gives you more options in terms of what objects can be used in the policy.</P> Wed, 21 Jul 2021 20:20:32 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124602#M17977 PhoneBoy 2021-07-21T20:20:32Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124645#M17985 <P>With R80.40 and up, both management and GWs, you can use Access Roles in HTTPSi policy, but not in R80.30 and below</P> Thu, 22 Jul 2021 07:32:37 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/HTTPS-Inspection-Bypass-and-Identity-Awareness/m-p/124645#M17985 _Val_ 2021-07-22T07:32:37Z