We have issues some websites. Our perimeter FW is
Blades FW, APPC, URLF, IPS, AV, AB, TE and IA. Besides HTTPS INSPECTION enabled.
In windows hosts:
ESET endpoint security with Filter SSL/TLS functionality enabled (same as https inspection).
Issues: some websites load first time in web browser (edge, firefox, chrome), but in second time don't load o take it long time (2-10minutes) to load. It's worth to mentioned if we delete cookies in web browser, trouble's websites load again without problems..only first time.
Disable https inspection to such hosts (as source traffice) or to such websites (as destiny traffic)...or...
.... disable Eset Filter SSL/TLS on windows hosts, so it is no longer need to disable the FW HTTPS Inspection
Above means that both CP Https Inspection and ESET Filter SSL/TLS can't work at same time to such websites. Apparently cookies are tried or modified in some point in any way by unknown entity (for me), so ESET antivirus o CP FW refuse to allow traffic.
I did contact ESET support. Solution them bring me was bypass such websites in eset antivirus, but I don't like this solution because the number of websites is constantly growing, and over time I will end up with hundreds or thousands of bypassed websites, additional of security risks.
I did disable temporary threat prevention blades, so just enabled FW, APPC ad URLF, however problematic behavior persist.
Any suggestion before I contact checkpoint TAC support?