https://community.checkpoint.com/t5/Firewall-and-Security-Management/URL-filtering/m-p/144964#M22616 <P>Hi all,</P><P>anyone can share me the best practice URL filtering on Checkpoint&nbsp;</P><P>it is possible if the url/app&nbsp; layer allows specific sources and destination with specific service&nbsp;</P><P>The cleanup rule at url/ app layer&nbsp;<STRONG> drop any&nbsp;</STRONG></P><P>&nbsp;</P><P>---&gt;&gt; Based on my experience&nbsp;</P><P>at URL and APP layer&nbsp;</P><P>Deny specific destination URL or app&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot_1.png" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15869i8E2ECDBDA6A49DBD/image-size/large?v=v2&amp;px=999" role="button" title="Screenshot_1.png" alt="Screenshot_1.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Capture.PNG" style="width: 853px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15866i8B26AE1A23DDCA61/image-size/large?v=v2&amp;px=999" role="button" title="Capture.PNG" alt="Capture.PNG" /></span></P><DIV class="">&nbsp;</DIV><DIV class="">I hope everyone can understand what I descript here.</DIV><DIV class="">&nbsp;</DIV><DIV class="">Thanks</DIV><P>&nbsp;</P> Tue, 29 Mar 2022 09:56:48 GMT leangm 2022-03-29T09:56:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/URL-filtering/m-p/144964#M22616 <P>Hi all,</P><P>anyone can share me the best practice URL filtering on Checkpoint&nbsp;</P><P>it is possible if the url/app&nbsp; layer allows specific sources and destination with specific service&nbsp;</P><P>The cleanup rule at url/ app layer&nbsp;<STRONG> drop any&nbsp;</STRONG></P><P>&nbsp;</P><P>---&gt;&gt; Based on my experience&nbsp;</P><P>at URL and APP layer&nbsp;</P><P>Deny specific destination URL or app&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot_1.png" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15869i8E2ECDBDA6A49DBD/image-size/large?v=v2&amp;px=999" role="button" title="Screenshot_1.png" alt="Screenshot_1.png" /></span></P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Capture.PNG" style="width: 853px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15866i8B26AE1A23DDCA61/image-size/large?v=v2&amp;px=999" role="button" title="Capture.PNG" alt="Capture.PNG" /></span></P><DIV class="">&nbsp;</DIV><DIV class="">I hope everyone can understand what I descript here.</DIV><DIV class="">&nbsp;</DIV><DIV class="">Thanks</DIV><P>&nbsp;</P> Tue, 29 Mar 2022 09:56:48 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/URL-filtering/m-p/144964#M22616 leangm 2022-03-29T09:56:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/URL-filtering/m-p/144966#M22617 <P>Do NOT do that...all traffic will be dropped. When you have more than 1 ordered layer, traffic has to be accepted on every ordered layer, see below:</P> <P><A href="https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Ordered-Layers-and-Inline-Layers.htm" target="_blank">https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Ordered-Layers-and-Inline-Layers.htm</A></P> <P>Also, see link below, best practice for app control / url filtering and access control:</P> <P><A href="https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Best-Practices-for-Access-Control-Rules.htm" target="_blank">https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Best-Practices-for-Access-Control-Rules.htm</A></P> <P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112249&amp;partition=Basic&amp;product=Application" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk112249&amp;partition=Basic&amp;product=Application</A></P> <P>&nbsp;</P> Tue, 29 Mar 2022 09:50:24 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/URL-filtering/m-p/144966#M22617 the_rock 2022-03-29T09:50:24Z