Inbound HTTPS inspection from external users not supported on SMB appliances?

Beagle15 — Wed, 25 Aug 2021 22:49:27 GMT

Hello,

Can someone confirm that inbound only HTTPS inspection and decryption from external users is not supported on R80.30 running on the SMB appliances?

(Inbound decrypt is defined as only inspection of external users traffic to inbound servers. e.g an internally hosted web server for example).

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk159772#Known%20Limitations

If this is correct can someone advise why it is not supported and if it is needed is the only solution to go to an appliance that supports the full Gaia OS rather than just the embedded Gaia OS in the SMB range please?

Many thanks.

Re: Inbound HTTPS inspection from external users not supported on SMB appliances?

PhoneBoy — Thu, 26 Aug 2021 01:36:37 GMT

I assume you mean R80.20.30, not R80.30, which does not run on SMB appliances.
Also, the SK tells you the answer: Inbound HTTPS Inspection is not supported on the SMB appliances.
I do not know if this planned or the precise reason this was not included.
And yes, if you do require this functionality, you'll need to use something that runs regular Gaia.

topic Re: Inbound HTTPS inspection from external users not supported on SMB appliances? in Spark Firewall (SMB)

Inbound HTTPS inspection from external users not supported on SMB appliances?

Re: Inbound HTTPS inspection from external users not supported on SMB appliances?