Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard?

abutayyab — Thu, 04 Sep 2025 17:25:44 GMT

Hey,

I am deploying a Check Point cluster in VSX VSLS mode for an MSSP solution, which we're offering to our customers. Every virtual-system connects to the customer network via a site-to-site VPN. And I have enabled blades like APPI, URLF, TE & TEX, SSL_INSPECT, IPS, AV & ABOT. I would like to inspect a certain amount of customer traffic using HTTPS Inspection and gradually tweak this setting after observing the resource utilization over a period of time. What is the golden standard for deploying HTTPS Inspection? What web categories and sites should I always opt to inspect, keeping in mind the security posture?

Since every customer would have a different environment, and I don't want to have a generic solution that would fit everyone. But I would like to understand where I can start to begin with?

Moreover, is there a utility out there that I can put to use to measure how efficiently my gateway is inspecting all this traffic?

Thanks!

Abdul Tayyeb R.

Re: Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard?

_Val_ — Mon, 08 Sep 2025 09:50:28 GMT

Please read https://support.checkpoint.com/results/sk/sk108202

Re: Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard?

_Val_ — Wed, 17 Sep 2025 11:53:24 GMT

@abutayyab I take it that you foud what you needed. Let us know if you need any additional assistance.

topic Re: Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard? in Firewall and Security Management

Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard?

Re: Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard?

Re: Implementing HTTPS Inspection in a Multi-Tenant VSX Setup — What’s the Industry Standard?