<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Block browser extensions on a CheckPoint firewall in General Topics</title>
    <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/278964#M46503</link>
    <description>&lt;P&gt;For those who have the same question I can suggest the following solution.&lt;BR /&gt;You can block the chromewebstore and control which extensions are allowed for your users.&lt;BR /&gt;SSL-inspection must be turned on.&lt;BR /&gt;Next, you need to create a Custom application/site without turning on definition as RegExp with these URLs:&lt;BR /&gt;-lh3.googleusercontent.com/&lt;BR /&gt;-www.gstatic.com/_/mss/boq-chrome-webstore/&lt;BR /&gt;-clients2.google.com/&lt;BR /&gt;-clients2.googleusercontent.com/&lt;BR /&gt;Then, you can add full URLs for extensions that are allowed in your organization.&lt;/P&gt;</description>
    <pubDate>Thu, 25 Jun 2026 11:28:01 GMT</pubDate>
    <dc:creator>MAX_0x07DF</dc:creator>
    <dc:date>2026-06-25T11:28:01Z</dc:date>
    <item>
      <title>Block browser extensions on a CheckPoint firewall</title>
      <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237352#M39662</link>
      <description>&lt;P&gt;A while ago, I was thinking about how to block browser extensions on a CheckPoint firewall. Today's news, "16 Chrome Extensions Hacked in Large-Scale Credential Theft Scheme," reminded me that controlling browser plugins can be an important security measure for organizations. Has anyone tried blocking browser extensions with CheckPoint? Any ideas or suggestions?&lt;/P&gt;</description>
      <pubDate>Tue, 31 Dec 2024 21:31:37 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237352#M39662</guid>
      <dc:creator>SubZer0</dc:creator>
      <dc:date>2024-12-31T21:31:37Z</dc:date>
    </item>
    <item>
      <title>Re: Block browser extensions on a CheckPoint firewall</title>
      <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237368#M39667</link>
      <description>&lt;P&gt;No there is no way on a firewall to do this.&lt;/P&gt;
&lt;P&gt;Best approach is:&lt;/P&gt;
&lt;P&gt;&lt;A href="https://support.google.com/chrome/a/answer/9296680?hl=en" target="_blank"&gt;https://support.google.com/chrome/a/answer/9296680?hl=en&lt;/A&gt;&lt;/P&gt;
&lt;P&gt;There are more ways like inTune / GPO etc. But from firewall point of view I am not aware of an option to do this.&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Wed, 01 Jan 2025 10:24:04 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237368#M39667</guid>
      <dc:creator>Lesley</dc:creator>
      <dc:date>2025-01-01T10:24:04Z</dc:date>
    </item>
    <item>
      <title>Re: Block browser extensions on a CheckPoint firewall</title>
      <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237380#M39668</link>
      <description>&lt;P&gt;Best way I can think of is to block QUIC protocol.&lt;/P&gt;
&lt;P&gt;Andy&lt;/P&gt;</description>
      <pubDate>Wed, 01 Jan 2025 15:51:12 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237380#M39668</guid>
      <dc:creator>the_rock</dc:creator>
      <dc:date>2025-01-01T15:51:12Z</dc:date>
    </item>
    <item>
      <title>Re: Block browser extensions on a CheckPoint firewall</title>
      <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237457#M39689</link>
      <description>&lt;P&gt;You can probably block chromewebstore.google.com with the firewall, though it may require HTTPS Inspection to be enabled.&lt;BR /&gt;The real solution is to implement this via GPO/MDM or via Google Enterprise.&lt;/P&gt;</description>
      <pubDate>Thu, 02 Jan 2025 19:05:14 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/237457#M39689</guid>
      <dc:creator>PhoneBoy</dc:creator>
      <dc:date>2025-01-02T19:05:14Z</dc:date>
    </item>
    <item>
      <title>Re: Block browser extensions on a CheckPoint firewall</title>
      <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/278964#M46503</link>
      <description>&lt;P&gt;For those who have the same question I can suggest the following solution.&lt;BR /&gt;You can block the chromewebstore and control which extensions are allowed for your users.&lt;BR /&gt;SSL-inspection must be turned on.&lt;BR /&gt;Next, you need to create a Custom application/site without turning on definition as RegExp with these URLs:&lt;BR /&gt;-lh3.googleusercontent.com/&lt;BR /&gt;-www.gstatic.com/_/mss/boq-chrome-webstore/&lt;BR /&gt;-clients2.google.com/&lt;BR /&gt;-clients2.googleusercontent.com/&lt;BR /&gt;Then, you can add full URLs for extensions that are allowed in your organization.&lt;/P&gt;</description>
      <pubDate>Thu, 25 Jun 2026 11:28:01 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/278964#M46503</guid>
      <dc:creator>MAX_0x07DF</dc:creator>
      <dc:date>2026-06-25T11:28:01Z</dc:date>
    </item>
    <item>
      <title>Re: Block browser extensions on a CheckPoint firewall</title>
      <link>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/278988#M46505</link>
      <description>&lt;P&gt;Applying controls on the firewall layer would be like playing whack-a-mole.&amp;nbsp; Rather enforce "at source".&amp;nbsp; Restrict the browsers that can be used on endpoints and centrally manage the browsers you allow. Both Edge and Chrome make this fairly easy to do, either via on-prem GPO or Intune CSP's.&lt;/P&gt;</description>
      <pubDate>Fri, 26 Jun 2026 06:04:13 GMT</pubDate>
      <guid>https://community.checkpoint.com/t5/General-Topics/Block-browser-extensions-on-a-CheckPoint-firewall/m-p/278988#M46505</guid>
      <dc:creator>Ruan_Kotze</dc:creator>
      <dc:date>2026-06-26T06:04:13Z</dc:date>
    </item>
  </channel>
</rss>

