Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Phill_Lunt
Participant

Check Point Proxy

Hi!

I wonder if anyone has any experience with running Check Point as an HTTP/S proxy?  We currently have this configured in our environment and I have a couple of queries:

Has anyone experienced issues when running as a proxy?

Does proxied traffic get processed by blades as per standard, non-proxy traffic?

Many thanks!

Phill

0 Kudos
3 Replies
Jerry
Mentor
Mentor

see sk110013

all works as it should unless you are about to have multiply exceptions on access rules ...  

I've tested that SSL interception with 3rd party public SSL  Certificate and it just works brilliant utilizing as well URL/APPC blades.

all depends what level of """cashing""" you're a bout to aiming for or rather, what is your level of understanding mentioned in SK limitations

Jerry
0 Kudos
Jerry
Mentor
Mentor

also would be great to acknowledge following one: sk112939

should you plan to use non-standard port plus utilizing URL/APPC blades on the same GW.

to be completely honest CP Proxy is far from calling it "proxy server" as such for large enterprise and scalable designs (i'd say there are much better once on the market) but in terms of the SSL interception it does the job very well, all depends what you're about to take a hit on in terms of the performance and capabilities of the solution for users Smiley Happy 

Jerry
Phill_Lunt
Participant

Many thanks Jerry!  I have looked at the SK and that makes sense.  We have a non-transparent proxy configured and I find that when I do not use the proxy I encounter problems trying to bypass HTTPS inspection.  I will raise an SR with support for the particular site that we are having a problem with.  Thank you for your help, much appreciated.

Phill

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events