https://community.checkpoint.com/t5/General-Topics/Issues-between-Checkpoint-FW-and-ESET-antivirus/m-p/124370#M22989 <P>Hello everyone.</P><P>We have issues <STRONG>some</STRONG> websites. Our perimeter FW is</P><P>R80.40, standalone<BR />Blades FW, APPC, URLF, IPS, AV, AB, TE and IA. Besides HTTPS INSPECTION enabled.<BR />In windows hosts:</P><P>ESET endpoint security with Filter SSL/TLS functionality enabled (same as https inspection).</P><P><BR />Issues: some websites load first time in web browser (edge, firefox, chrome), but in second time don't load o take it long time (2-10minutes) to load. It's worth to mentioned if we delete cookies in web browser, trouble's websites load again without problems..only first time.</P><P>Workarounds:</P><P>Disable https inspection to such hosts (as source traffice) or to such websites (as destiny traffic)...or...<BR />.... disable Eset Filter SSL/TLS on windows hosts, so&nbsp;it is no longer need to disable the FW HTTPS Inspection<BR />Above means that both CP Https Inspection and ESET Filter SSL/TLS can't work at same time<STRONG> to such websites</STRONG>. Apparently cookies are tried or modified in some point in any way by unknown entity (for me), so&nbsp; ESET antivirus o CP FW refuse to allow traffic.</P><P>I did contact ESET support. Solution them bring me was bypass such websites in eset antivirus, but I don't like this solution because&nbsp;the number of websites is constantly growing, and over time I will end up with hundreds or thousands of bypassed websites, additional of security risks.</P><P>&nbsp;</P><P>I did disable temporary threat prevention blades, so just enabled FW, APPC ad URLF, however problematic behavior persist.</P><P>&nbsp;</P><P>Any suggestion before I contact checkpoint TAC support?</P><P>&nbsp;</P><P>Thanks.</P> Mon, 19 Jul 2021 20:00:35 GMT LuisSP 2021-07-19T20:00:35Z https://community.checkpoint.com/t5/General-Topics/Issues-between-Checkpoint-FW-and-ESET-antivirus/m-p/124370#M22989 <P>Hello everyone.</P><P>We have issues <STRONG>some</STRONG> websites. Our perimeter FW is</P><P>R80.40, standalone<BR />Blades FW, APPC, URLF, IPS, AV, AB, TE and IA. Besides HTTPS INSPECTION enabled.<BR />In windows hosts:</P><P>ESET endpoint security with Filter SSL/TLS functionality enabled (same as https inspection).</P><P><BR />Issues: some websites load first time in web browser (edge, firefox, chrome), but in second time don't load o take it long time (2-10minutes) to load. It's worth to mentioned if we delete cookies in web browser, trouble's websites load again without problems..only first time.</P><P>Workarounds:</P><P>Disable https inspection to such hosts (as source traffice) or to such websites (as destiny traffic)...or...<BR />.... disable Eset Filter SSL/TLS on windows hosts, so&nbsp;it is no longer need to disable the FW HTTPS Inspection<BR />Above means that both CP Https Inspection and ESET Filter SSL/TLS can't work at same time<STRONG> to such websites</STRONG>. Apparently cookies are tried or modified in some point in any way by unknown entity (for me), so&nbsp; ESET antivirus o CP FW refuse to allow traffic.</P><P>I did contact ESET support. Solution them bring me was bypass such websites in eset antivirus, but I don't like this solution because&nbsp;the number of websites is constantly growing, and over time I will end up with hundreds or thousands of bypassed websites, additional of security risks.</P><P>&nbsp;</P><P>I did disable temporary threat prevention blades, so just enabled FW, APPC ad URLF, however problematic behavior persist.</P><P>&nbsp;</P><P>Any suggestion before I contact checkpoint TAC support?</P><P>&nbsp;</P><P>Thanks.</P> Mon, 19 Jul 2021 20:00:35 GMT https://community.checkpoint.com/t5/General-Topics/Issues-between-Checkpoint-FW-and-ESET-antivirus/m-p/124370#M22989 LuisSP 2021-07-19T20:00:35Z https://community.checkpoint.com/t5/General-Topics/Issues-between-Checkpoint-FW-and-ESET-antivirus/m-p/124374#M22990 <P>Double HTTPS Inspection will probably cause some issues, particularly if you don’t install the relevant CA certificates as trusted in ESET and Check Point.<BR />Anything in the logs that you can see or through packet capture?<BR />TAC can certainly help with debugging HTTPS Inspection.&nbsp;</P> Mon, 19 Jul 2021 20:12:22 GMT https://community.checkpoint.com/t5/General-Topics/Issues-between-Checkpoint-FW-and-ESET-antivirus/m-p/124374#M22990 PhoneBoy 2021-07-19T20:12:22Z