- Products
- Learn
- Local User Groups
- Partners
- More
On-Premise SD-WAN Management
Register HereWhat's New in R82.10?
Watch Here AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
The Moment Before
Hi, In a scenario with 3rd party web proxy(bluecoat) in place, how would the https traffic be handled by sandblast appliance. Considering bluecoat itself is doing https inspection first.
Hi,
Have a look at sk111306 and install JHF 284 or newer which includes the ICAP server feature.
HTH,
Christian
There is not much information, how you want (or have) implemented the Sandblast appliance.
So just to keep it general:
If you want the https traffic to be inspected there has to be ssl-inspection active. Detail configuration for that depends on the implementation (sandblast before proxy or after).
Other way would be to use ICAP-client on proxy to speak with ICAP-server on Sandblast appliance.
Hi Norbert,
I wish to implement the sandblast appliance to intercept https traffic for Sandboxing. I would like to deploy the Sandblast appliance after proxy towards internet and using fail open card.
Regards,
Biju Nair
Sent from my iPhone
Hmmm. So you want two devices to break open SSL traffic independently?
This is the sort of stuff I would advise if you want nightmares.
It will be slow to the users and the likely hood you will get into negotiate trouble is big.
I can only say that Hugo is right here and ICAP is the much better way to move forward!
Thanks Hugo.
Hi Norbert,
If we plan for ICAP then the proxy will act as a ICAP client and will send the traffic to sandblast(ICAP server).
But how would the https traffic work in ICAP scenario. Will proxy send the decrypted packet to sandblast and wait for verdict from sandblast by holding the connection.
Regards,
Biju Nair
Sent from my iPhone
That's the basic idea.
Hi,
Have a look at sk111306 and install JHF 284 or newer which includes the ICAP server feature.
HTH,
Christian
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 95 | |
| 42 | |
| 9 | |
| 7 | |
| 6 | |
| 6 | |
| 5 | |
| 4 | |
| 4 | |
| 3 |
Tue 28 Jul 2026 @ 11:00 AM (EDT)
Under the Hood - Check Point and Illumio – Modern Network Defense Against AI-Based ThreatsThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeTue 28 Jul 2026 @ 11:00 AM (EDT)
Under the Hood - Check Point and Illumio – Modern Network Defense Against AI-Based ThreatsThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY