This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JulianAF
Explorer
‎2023-11-02 08:43 AM

Use the Harmony firewall to block all access to internet but with exception

Hello,

i'm trying to found my way. We actually configure laptops with only access to Citrix. The laptop are hybrid azure AAD. We need to keep the access to Azure (Entra), Teams and Citrix.

The problem is if i block access to internet,the Checkpoint will be blocked too and can't be updated and the only solution is to uninstall it. I put the execption xxx.epmgmt.checkpoint.com in the rule with allow but the traffic not passing by this rule.

Others problem is to allow teams or Azure, actually we can't add address fqdn like *.microsoft.com , it seems mandatory to add each subdomain xxx.address.com (!!!). 

Any idea to found a easy solution? 

 

Thank you 

Labels
0 Kudos
12 Replies
G_W_Albrecht
MVP Silver
MVP Silver
‎2023-11-02 09:01 AM

I would ask CP TAC for the most easy and efficient way of achieving your goal.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
JulianAF
Explorer
‎2023-11-03 02:01 AM
In response to G_W_Albrecht

Thank you !

0 Kudos
JulianAF
Explorer
‎2023-11-17 12:57 AM
In response to G_W_Albrecht

Hello any news? 

0 Kudos
scenarist
Contributor
‎2024-02-07 05:17 AM
In response to G_W_Albrecht

I would also appreciate if there is any news on this matter ?

0 Kudos
JulianAF
Explorer
‎2024-02-07 06:07 AM
In response to scenarist

Haha forgot this my friend. 

0 Kudos
scenarist
Contributor
‎2024-02-15 06:20 AM
In response to JulianAF

Hello,

I'm seeking advice on the most effective method to block all outgoing internet traffic except for a select few websites. Currently, I've configured outbound firewall rules to permit access to the Harmony server, domain controllers (DNS and DHCP), internal networks, and the domain www.edition.cnn.com. All other connections are blocked.

344.png

However, I've encountered two issues:

  1. My anti-malware capabilities is unable to update, as it can't establish a connection to the server. I suspect that I need to add a rule for the Check Point Anti-Malware online database server?

343.png

2.The second problem pertains to the slow loading of the www.edition.cnn.com webpage or any URLs I've allowed. However, when I removed the "clean up out" rule, I experienced significantly faster loading times for web addresses.

I would greatly appreciate any suggestions or insights you could provide on these matters.

Thank you very much in advance.

0 Kudos
Sigbjorn
Advisor
Advisor
‎2024-02-15 10:32 PM
In response to scenarist

The problem with slow loading is most likely because todays websites will load resources from a whole lot of different domains that you did not allow. 

If you open web developer tools (F12) when loading edition.cnn.com you'll see that its fetching resources from all over the place.

 

0 Kudos
scenarist
Contributor
‎2024-02-16 06:01 AM
In response to Sigbjorn

I assumed that, and there is no way to solve that matter because every website have a lot of external resources. 

0 Kudos
JulianAF
Explorer
‎2024-02-16 06:07 AM
In response to scenarist

Hello to achieve this we use Cisco Umbrella and we can only permitt what we want. It's working very well.

0 Kudos
scenarist
Contributor
‎2024-02-27 12:22 AM
In response to JulianAF

I can't believe that there is no way to solve this issue, and I will have to change the Harmony endpoint because of it. 

 

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2024-02-27 01:00 AM
In response to scenarist

What is the response from CP TAC ?

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
scenarist
Contributor
‎2024-02-27 01:15 AM
In response to G_W_Albrecht

Still nothing. I am still waiting...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events