Re: Use the Harmony firewall to block all access t...

JulianAF · ‎2023-11-02

Hello,

i'm trying to found my way. We actually configure laptops with only access to Citrix. The laptop are hybrid azure AAD. We need to keep the access to Azure (Entra), Teams and Citrix.

The problem is if i block access to internet,the Checkpoint will be blocked too and can't be updated and the only solution is to uninstall it. I put the execption xxx.epmgmt.checkpoint.com in the rule with allow but the traffic not passing by this rule.

Others problem is to allow teams or Azure, actually we can't add address fqdn like *.microsoft.com , it seems mandatory to add each subdomain xxx.address.com (!!!).

Any idea to found a easy solution?

Thank you

G_W_Albrecht · ‎2023-11-02

I would ask CP TAC for the most easy and efficient way of achieving your goal.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

JulianAF · ‎2023-11-03

Thank you !

JulianAF · ‎2023-11-17

Hello any news?

scenarist · ‎2024-02-07

I would also appreciate if there is any news on this matter ?

JulianAF · ‎2024-02-07

Haha forgot this my friend.

scenarist · ‎2024-02-15

Hello,

I'm seeking advice on the most effective method to block all outgoing internet traffic except for a select few websites. Currently, I've configured outbound firewall rules to permit access to the Harmony server, domain controllers (DNS and DHCP), internal networks, and the domain www.edition.cnn.com. All other connections are blocked.

However, I've encountered two issues:

My anti-malware capabilities is unable to update, as it can't establish a connection to the server. I suspect that I need to add a rule for the Check Point Anti-Malware online database server?

2.The second problem pertains to the slow loading of the www.edition.cnn.com webpage or any URLs I've allowed. However, when I removed the "clean up out" rule, I experienced significantly faster loading times for web addresses.

I would greatly appreciate any suggestions or insights you could provide on these matters.

Thank you very much in advance.

Sigbjorn · ‎2024-02-15

The problem with slow loading is most likely because todays websites will load resources from a whole lot of different domains that you did not allow.

If you open web developer tools (F12) when loading edition.cnn.com you'll see that its fetching resources from all over the place.

scenarist · ‎2024-02-16

I assumed that, and there is no way to solve that matter because every website have a lot of external resources.

JulianAF · ‎2024-02-16

Hello to achieve this we use Cisco Umbrella and we can only permitt what we want. It's working very well.

scenarist · ‎2024-02-27

I can't believe that there is no way to solve this issue, and I will have to change the Harmony endpoint because of it.

G_W_Albrecht · ‎2024-02-27

What is the response from CP TAC ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

scenarist · ‎2024-02-27

Still nothing. I am still waiting...

Are you a member of CheckMates?

Use the Harmony firewall to block all access to internet but with exception