https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/244749#M47637 <P>In the end, the customer didn't have the time to dig into this so the TAC case was closed, but as far as we could see the Edge Chromium object allowed everything, even beyond Microsoft services, and they have full hTTPS Inspection.</P> <P>To be continued. <span class="lia-unicode-emoji" title=":grinning_face:">😀</span></P> Wed, 26 Mar 2025 05:32:17 GMT Alex- 2025-03-26T05:32:17Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/243878#M47438 <P>R1.20 T98</P> <P>A customer has a strict APPI/URLF policy and wanted to go further by only allowing MS Edge (Chromium engineering) using the relevant object in the policy.</P> <P>While I don't have the exact details, it worked as intended.</P> <P>Fast forward to now, the customer had to remove that object as it was effectively allowing everything. That probably because of the broad category it's sitting in.</P> <P>For a while we tried that object to allow Edge updates but even than it acted more like a catch-all for ay kind of traffic.</P> <P>Two questions:</P> <P>a) What is the Chromium Edge object supposed to cover?</P> <P>b) Is there a way to use it in the policy to allow Edge as web agent?</P> <P>An SR is open for clarification.</P> Sun, 16 Mar 2025 19:04:07 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/243878#M47438 Alex- 2025-03-16T19:04:07Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/243881#M47440 <P>Let us know what TAC says.</P> <P>Andy</P> Sun, 16 Mar 2025 20:25:59 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/243881#M47440 the_rock 2025-03-16T20:25:59Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/244749#M47637 <P>In the end, the customer didn't have the time to dig into this so the TAC case was closed, but as far as we could see the Edge Chromium object allowed everything, even beyond Microsoft services, and they have full hTTPS Inspection.</P> <P>To be continued. <span class="lia-unicode-emoji" title=":grinning_face:">😀</span></P> Wed, 26 Mar 2025 05:32:17 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/244749#M47637 Alex- 2025-03-26T05:32:17Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/244836#M47647 <P>I know you can use the <A href="https://support.checkpoint.com/results/sk/sk103051" target="_self">Application Control Signature Tool</A> to create a signature for specific User Agent strings, which is what I assume our native signature for EDGE should be doing.<BR />TAC would be needed to figure out if the built-in signature is actually working correctly or not.</P> Wed, 26 Mar 2025 13:38:51 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Chromium-Edge-object-in-App-Control-URL-Filtering/m-p/244836#M47647 PhoneBoy 2025-03-26T13:38:51Z