topic Re: Enable/Disable Categorize HTTPs websites per policy or Appliance Type in General Topics

Enable/Disable Categorize HTTPs websites per policy or Appliance Type

Us4r — Tue, 31 Mar 2020 06:58:07 GMT

Hello,

I know that "categorize HTTPS websites" can be globally enabled / disabled.

Is there any chance to control this behavior per policy or Appliance type?

Background is that sometimes UserCheck Block Message won't be shown on Checkpoint SMB 1400 / 1500 - Appliances when "categorize HTTPS websites" and "HTTPS Inspection" is enabled. One example for that is if you try to access ebay.

If categorize HTTPS websites is disabled, block message works fine.

Thanks

Florian

Re: Enable/Disable Categorize HTTPs websites per policy or Appliance Type

G_W_Albrecht — Tue, 31 Mar 2020 10:03:39 GMT

I would assume that categorize HTTPS websites could be disabled completely when HTTPS inspection is used - its function was to provide control over HTTPS websites access without HTTPS inspection...

Re: Enable/Disable Categorize HTTPs websites per policy or Appliance Type

Us4r — Tue, 31 Mar 2020 11:42:29 GMT

We have a lot of different devices and at the moment we haven't HTTPS Inspection enabled on all of them...
Because of that I want to try if I can HTTPS URL Categorization only disable on devices which have HTTPS Inspection enabled.

Re: Enable/Disable Categorize HTTPs websites per policy or Appliance Type

PhoneBoy — Thu, 02 Apr 2020 04:03:06 GMT

Categorize HTTPS Sites and HTTPS Inspection can only be used together as of R80.20, if I remember correctly.
Which means they definitely cannot be used on 1400 Series (Based onnR77.20), but it should work on a 1500 Series, which is based on R80.20.
It's, unfortunately, a global setting within a management domain.