https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183161#M30548 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/91437">@Luciano_Cirino</a>&nbsp;&nbsp;if you want to secure &nbsp;your web application &nbsp;( traffic from external to your web application host) as I understand you need inbound HTTPS inspection. <A title="Configuring Inbound HTTPS Inspection" href="https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics-TPG/Using_Threat_Prevention_with_HTTPS_Traffic.htm?tocpath=HTTPS%20Inspection%7CConfiguring%20Security%20Gateways%20to%20inspect%20outbound%20and%20inbound%20HTTPS%20traffic%7C_____7#Configuring_Inbound_HTTPS_Inspection" target="_blank" rel="noopener">Configuring Inbound HTTPS Inspection</A>&nbsp;</P> <P>With HTTPS inspection enabled for access to your webserver you can use IPS, Antivirus,Antibot, Threat Emulation .. to inspect the traffic for malicious code. With this you get a WAF solution based on Check Point software.&nbsp;<BR />If your web application is cloud based you should use&nbsp;<A title="CloudGuard for Application Security" href="https://www.checkpoint.com/cloudguard/appsec/" target="_blank" rel="noopener">CloudGuard for Application Security</A>&nbsp;as WAF.</P> <P>And there are other vendors with specialized solutions for WAF.</P> Sun, 04 Jun 2023 19:43:25 GMT Wolfgang 2023-06-04T19:43:25Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183123#M30541 <P>Hello everyone,</P><P>I hope you're all doing well.</P><P>I'm looking to deploy HTTPS Inspection for a specific web application, but I'm unsure where to start. Could someone please assist me? I'm in need of guidance on this matter.</P><P>Thank you in advance.</P> Fri, 02 Jun 2023 21:33:57 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183123#M30541 Luciano_Cirino 2023-06-02T21:33:57Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183125#M30543 <P>I would start below (last 3 links)</P> <P>Andy</P> <P><A href="https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_NextGenSecurityGateway_Guide/Topics-FWG/HTTPS-Inspection.htm?TocPath=_____24" target="_blank">https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_NextGenSecurityGateway_Guide/Topics-FWG/HTTPS-Inspection.htm?TocPath=_____24</A></P> Fri, 02 Jun 2023 21:48:58 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183125#M30543 the_rock 2023-06-02T21:48:58Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183146#M30545 <P>Hey, Bro.</P> <P>&nbsp;</P> <P>HTTPS Inspection, it's for LAN to WAN traffic, right?</P> <P>&nbsp;</P> <P>Or does it work in reverse as well?</P> <P>&nbsp;</P> <P>Although if it were in reverse, to protect my LAN traffic, I think it would be better to use a WAF.</P> <P>&nbsp;</P> <P>Greetings.</P> Sun, 04 Jun 2023 01:54:34 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183146#M30545 Matlu 2023-06-04T01:54:34Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183153#M30546 <P>Hey man,</P> <P>So there is inbound and outbound https inspection. Most people would use outbound (LAN to WAN), but as you said, in reverse, you can also use WAF.</P> <P>Andy</P> Sun, 04 Jun 2023 15:10:23 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183153#M30546 the_rock 2023-06-04T15:10:23Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183161#M30548 <P><a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/91437">@Luciano_Cirino</a>&nbsp;&nbsp;if you want to secure &nbsp;your web application &nbsp;( traffic from external to your web application host) as I understand you need inbound HTTPS inspection. <A title="Configuring Inbound HTTPS Inspection" href="https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics-TPG/Using_Threat_Prevention_with_HTTPS_Traffic.htm?tocpath=HTTPS%20Inspection%7CConfiguring%20Security%20Gateways%20to%20inspect%20outbound%20and%20inbound%20HTTPS%20traffic%7C_____7#Configuring_Inbound_HTTPS_Inspection" target="_blank" rel="noopener">Configuring Inbound HTTPS Inspection</A>&nbsp;</P> <P>With HTTPS inspection enabled for access to your webserver you can use IPS, Antivirus,Antibot, Threat Emulation .. to inspect the traffic for malicious code. With this you get a WAF solution based on Check Point software.&nbsp;<BR />If your web application is cloud based you should use&nbsp;<A title="CloudGuard for Application Security" href="https://www.checkpoint.com/cloudguard/appsec/" target="_blank" rel="noopener">CloudGuard for Application Security</A>&nbsp;as WAF.</P> <P>And there are other vendors with specialized solutions for WAF.</P> Sun, 04 Jun 2023 19:43:25 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183161#M30548 Wolfgang 2023-06-04T19:43:25Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183162#M30549 <P>Good doc given to me by Sales...I believe it was created by one of their diamond engineers.</P> Sun, 04 Jun 2023 19:44:59 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183162#M30549 the_rock 2023-06-04T19:44:59Z https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183231#M30556 <P>In our local user groups, we do HTTPS Inspection Best Practice sessions.<BR />You can see the last one I did here:&nbsp;<A href="https://community.checkpoint.com/t5/Southeast-US/HTTPS-Inspection-Best-Practices-South-March-2023/m-p/175649#M79" target="_blank">https://community.checkpoint.com/t5/Southeast-US/HTTPS-Inspection-Best-Practices-South-March-2023/m-p/175649#M79</A><BR />(Note, you will need to join the group in order to see the video and slides)</P> <P>Perhaps that will be helpful.</P> Mon, 05 Jun 2023 15:47:35 GMT https://community.checkpoint.com/t5/General-Topics/Deploy-HTTPS-Inspection/m-p/183231#M30556 PhoneBoy 2023-06-05T15:47:35Z