topic Re: Need port based access - inline rule APP URL in General Topics

Need port based access - inline rule APP URL

Harmesh_Yadav — Tue, 16 Mar 2021 12:06:48 GMT

Dear Team ,

I have created Application and URL Filtering Inline rule

In service and Application i need to add Application , URL categories and Services

I have created multiple policy and allowed some URL categories for legitimate traffic .

Added Block categories which should be block as per organization compliance .

Actually i am little bit confuse with Port based access .

if i need to give specific service like HTTP HTTPS DNS and other required service and rest of services should be block . so how can i achieve my requirement from inline rule please let us know .

Either i create new rule or Add services in existing rule how it will work ?

Regards,

Harmesh Yadav

Re: Need port based access - inline rule APP URL

_Val_ — Thu, 18 Mar 2021 12:58:29 GMT

Start here: https://community.checkpoint.com/t5/Management/How-to-use-the-unified-policy/m-p/1568/highlight/true
and here: https://community.checkpoint.com/t5/Management/Unified-Policy-Column-based-Rule-Matching/td-p/9888

Re: Need port based access - inline rule APP URL

the_rock — Thu, 18 Mar 2021 13:21:33 GMT

Personally, I find that for urlf, you are just better off create normal rules on top of your rulebase and NOT use inline or ordered layer for it. I find the way TAC recommends to place any any allow at the bottom makes no logical sense to me. Here is why I say that...say you create ORDERED url layer, ok fine, but then if you put inline layer in it, it would probably cause issues where say traffic in network layer is dropped, but that would be accepted on any any allow at the bottom of url layer (because thats what TAC recommends based on the sk)

Honestly, if I were you, I would do it this way...slap everything in one ordered layer with url rules on top...works fine for me, never an issue!

Happy to do remote session and help you with this.

Andy