This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
David_Levine
Contributor
‎2020-06-25 01:29 PM
Jump to solution

Using URLF in Endpoint Security Client

Hi,

I am looking at policy in SmartEndpoint. There is a section for URL Filtering, however I don't see anything about URL filtering in the documentation? 

 

How / where is URLF policy defined? And how is it enforced? Is a security gateway required? Can URLF be  enforced on an endpoint client that is not on the corporate network?

Thanks, 

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-06-25 05:05 PM
Jump to solution

There is a URL Filtering feature in Endpoint that is not included in any of the SBA SKUs.
In fact, it's a hidden SKU you must purchase separately and requires what can best be described as "unique" implementation process requiring configuration in the Network Access Policy (not SmartEndpoint).
That version is...being deprecated.
We have a new implementation of URL Filtering that is built into the SBA browser plugin that is included in the regular SBA SKUs.
This is currently in Early Availability, and only supported in Chrome and only with Endpoint Management as a Service (not on-prem management).

View solution in original post

10 Replies
PhoneBoy
Admin
Admin
‎2020-06-25 05:05 PM
Jump to solution

There is a URL Filtering feature in Endpoint that is not included in any of the SBA SKUs.
In fact, it's a hidden SKU you must purchase separately and requires what can best be described as "unique" implementation process requiring configuration in the Network Access Policy (not SmartEndpoint).
That version is...being deprecated.
We have a new implementation of URL Filtering that is built into the SBA browser plugin that is included in the regular SBA SKUs.
This is currently in Early Availability, and only supported in Chrome and only with Endpoint Management as a Service (not on-prem management).
David_Levine
Contributor
‎2020-06-26 12:09 PM
In response to PhoneBoy
Jump to solution

Thanks for the reply. 

So do you think that - for endpoint - the preferred future might be specifically for cloud based management? Is on-prem management for it only going to support a subset of features? 

0 Kudos
PhoneBoy
Admin
Admin
‎2020-06-27 04:39 PM
In response to David_Levine
Jump to solution

My guess is that it will ultimately be supported for on-premise management as well with the same features.
Or at least I haven't heard it won't be.
Lior_Arzi
Employee Alumnus
Employee Alumnus
‎2020-06-27 10:57 PM
In response to David_Levine
Jump to solution

We are aiming for feature parity between cloud management and on on-prem. In some cases there might be temporary gaps, until we complete support on both, but this is the goal.

In the future, on-prem will even be managed by the same web UI which you see today on the cloud management

 

Having said that, I do recommend organizations to use the cloud if they can.

Even if the features are the same, there are large operational benefits you get from using the cloud management:

 

On the cloud environment, it is our task to maintain the server, keeping it healthy and happy. This is a load we are taking off your hands. Saving you time and money.

Also, as we manage thousands of such environments, there is a very high chance that any issue that will happen on your env. is something we have already seen before and know how to fix. Or even better, something we already seen before and therefor mitigated it on your env. before it even happened.

We understand some orgs can’t move to cloud management due to regulations or internal constrains and therefore we will keep giving them a similar on-prem capabilities.

 

Lior

0 Kudos
Kobie_Bendalak
Employee Alumnus
Employee Alumnus
‎2020-06-27 10:29 PM
Jump to solution

This is our old URLF, we have a new one that can be enabled through our web management - https://sc1.checkpoint.com/documents/Infinity_Portal/WebAdminGuides/EN/SandBlast-Agent-Management-Pl...

You don't need a GW to use it, it will be enforced on the agent's level and is based on our browser extension.

For on-prem deployments, it will be rolling out as part of our next release "R81", yet again it will be available only through our web management interface.

0 Kudos
techmstr
Explorer
‎2020-06-29 06:30 AM
Jump to solution

The biggest issue is having to use the plugins for browsers due to the fact that if the end user picks a browser not supported then they can go to any site they want and the URL filtering will not work.  Enterprise URL filtering really needs a method that is not dependent on browser version or type.  

PhoneBoy
Admin
Admin
‎2020-06-29 08:09 AM
In response to techmstr
Jump to solution

As noted, this is in EA and we are planning to support additional browsers.

Chrome is, by far, the most popular browser, though, and you can enforce browser plugin usage with GPO and similar.

As to whether the Filtering is only done in the plugin or its merely used to provide a better experience to the end user, I'll leave that to @Kobie_Bendalak and others to answer.

0 Kudos
David_Levine
Contributor
‎2020-06-29 09:42 AM
In response to PhoneBoy
Jump to solution

Using a browser extension for URLF is a pretty solid way to go... aside from some proxy / pac or other shim... and it should work nicely for http and https sites alike.

From a enforcement perspective, hopefully it will be an easier pill to swallow now that Chrome and Edge run on the same engine. I assume Firefox will be supported also? As for the continued use of Internet Explorer... I hope it goes away soon. It's 2020 people. Yeesh 😉

For managing the SBA version of URLF, it is web-based.... and once it is made available for on-prem management (R81), it will still be web-managed... meaning that there will be a web portal to admin the feature opposed to using SmartConsole or SmartEndpoint. (just making sure I understand this right)

For endpoint management in general though, SaaS based management is recommended unless there is some regulation or other rule requiring on-prem management. I get this, as - with the little experience I have so far - managing management can sometimes be a barrier - or a slow down maybe -  to managing security policy / enforcement. Especially when  we are a small team and responsible for all IT admin stuff.

For this though - if our internal "roadmap" was to get gateways and management (network and endpoint) all rolling into SmartEvent - how would SaaS management impact that?

Thanks!
~D

0 Kudos
PhoneBoy
Admin
Admin
‎2020-06-29 05:46 PM
In response to David_Levine
Jump to solution

First of all, SmartEvent should be part of the "Management as a Service" offerings. 🙂
I believe you can export the logs from here to an on-premise SmartEvent as well.
0 Kudos
David_Levine
Contributor
‎2020-06-30 07:01 AM
In response to PhoneBoy
Jump to solution

Gotcha. Thanks for the help!
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events