Solved: Harmony endpoint url filtering

007_mjn · ‎2023-04-21

Hi All,

I'm using harmony endpoint cloud based for my 1000 users. I have a basic license for this endpoint.

I have enabled only firewall, application control, compliance and VPN blade for my endpoint clients.

I have also enabled anti-bot, url filtering, threat emulation, behavioral guard and forensics and anti-ransomware just for testing on my few clients.

Can I enable only url filtering blade for my users?

I have set url filtering mode into prevent. And I have selected category is social networking. But I have to excluded facebook from this but still facebook blocked by url filtering.

I have attached images for this you can check this.

007_mjn · ‎2023-04-23

yes, you are right. Now its working with *facebook*.

View solution in original post

PhoneBoy · ‎2023-04-21

Pretty sure you have to deploy Anti-Bot for URL Filtering to be active.
That's based on the user-level documentation for the client: https://sc1.checkpoint.com/documents/HarmonyEndpoint/Endpoint_Security_Clients_for_Windows_UserGuide...

Also, they likely use similar infrastructure on the Endpoint similar to how it works on a gateway.
If you want URL Filtering only, then you might want to look at Harmony Browse.

007_mjn · ‎2023-04-22

Anti-bot is enabled too. Still it block it. is this the correct domain to exclude like *.facebook.com

the_rock · ‎2023-04-22

That looks right, though me personally, I ALWAYS use an example, such as *facebook* and I never have an issue.

007_mjn · ‎2023-04-25

Thanks for the reply.

I have a question for application control.

I want to use application control blade for endpoint devices. I have run the appscan software on my desktop and it successfully scanned the application on my desktop of c:\ drive program files but it can't generate the xml files.

why it can't generate xml file?

why I can' make many rule for application control on SmartEndpoint server?

I have shared some screenshot you can check it.

PhoneBoy · ‎2023-04-26

I recommend a TAC case for this: https://help.checkpoint.com

anstelios · ‎2023-04-22

There are examples in the UI about how URL exceptions are defined: http?://*.facebook.com etc..

the_rock · ‎2023-04-22

Keep in mind...all the examples given in guides and UI itself dont always work...I worked with TAC (tier2,3, escalation team) numerous times on this and literally every time, we ended up doing my suggestion, which was *fqdn*...so say *facebook*, *youtube*...etc

Is it perfect? Of course NOT, but, every customer I know would rather do it that way and call it a day then spend hours on end trying to make it work recommended way and not succeed.

007_mjn · ‎2023-04-23

yes, you are right. Now its working with *facebook*.

the_rock · ‎2023-04-24

I am 100% sure that will always work...as I said, not perfect solution, but at least, it is somewhat good "workaround"

Andy

007_mjn · ‎2023-04-25

Thanks @the_rock

I have a question for application control.

I want to use application control blade for endpoint devices. I have run appscan software on my desktop and it successfully scanned the application on my desktop of c:\ drive program files but it can't generate the xml files.

why it can't generate xml file?

why I can' make many rule for application control on SmartEndpoint server?

I have shared some screenshot you can check it.

the_rock · ‎2023-04-25

Questions are free mate @007_mjn , all good :- )

Answer may cost you money...just kidding : ). But, in all seriousness, Im not that familiar with endpoint side, I mostly deal with firewalls, so I dont want to BS you and try to give you answer to something I have no clue about. Maybe someone else can confirm or you can double check with TAC on it.

Are you a member of CheckMates?

Harmony endpoint url filtering