https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32944#M820 <HTML><HEAD></HEAD><BODY><P>R77.30 and earlier are not quite as flexible, but there is an option to perform HTTP Inspection on non-standard ports:</P><P></P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/66616_pastedImage_1.png" /></P></BODY></HTML> Thu, 21 Jun 2018 16:37:43 GMT PhoneBoy 2018-06-21T16:37:43Z https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32941#M817 <HTML><HEAD></HEAD><BODY><P>Does HTTPS categorization work on non-standard ports? How does the gateway decide that it has to or can categorize a site?&nbsp;</P></BODY></HTML> Thu, 21 Jun 2018 02:45:53 GMT https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32941#M817 Colin_Campbell1 2018-06-21T02:45:53Z https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32942#M818 <HTML><HEAD></HEAD><BODY><P>The list of services defined under Application Control Web Browsing Services would be the safest bet.</P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/66576_pastedImage_1.png" /></P></BODY></HTML> Thu, 21 Jun 2018 03:42:44 GMT https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32942#M818 PhoneBoy 2018-06-21T03:42:44Z https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32943#M819 <HTML><HEAD></HEAD><BODY><P>HI,</P><P></P><P>Please excuse my newbiness but where would I find the equivalent in R77? Is it in the services listed in the HTTPS Inspection policy?</P></BODY></HTML> Thu, 21 Jun 2018 04:10:59 GMT https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32943#M819 Colin_Campbell1 2018-06-21T04:10:59Z https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32944#M820 <HTML><HEAD></HEAD><BODY><P>R77.30 and earlier are not quite as flexible, but there is an option to perform HTTP Inspection on non-standard ports:</P><P></P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/66616_pastedImage_1.png" /></P></BODY></HTML> Thu, 21 Jun 2018 16:37:43 GMT https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32944#M820 PhoneBoy 2018-06-21T16:37:43Z https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32945#M821 <HTML><HEAD></HEAD><BODY><P>HI,</P><P></P><P>I think I may have answered my own question. I decided to RTFM (Application Control and URL Filtering Guide) and found "urlf_ssl_cn_enc_http_services_only" which is documented under fine tuning HTTPS Categorization. It's a system property that controls which ports are monitored for SSL signatures. The default value is "False" which means "The Security Gateway listens for SSL signatures on all ports". If "True" it only monitors services defined as "ENC-HTTP" in the protocol section.</P></BODY></HTML> Thu, 21 Jun 2018 22:05:17 GMT https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32945#M821 Colin_Campbell1 2018-06-21T22:05:17Z https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32946#M822 <HTML><HEAD></HEAD><BODY><P>Ah well there you go <img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P></BODY></HTML> Thu, 21 Jun 2018 22:10:34 GMT https://community.checkpoint.com/t5/Endpoint/HTTPS-categorization-on-non-standard-ports-ie-not-80-or-443/m-p/32946#M822 PhoneBoy 2018-06-21T22:10:34Z