hi,

we have the same issue since today.

Hello,

same issue here. It started around 04:12 AM CEST.

Same here. Any comments from Check Point?

Just raised   

thank you Val,

hope you will sort it out

I will update this post once we have a definitive fix.

Thank you for your quick response!

Is it possible that you provide a status update in this thread as soon as you get the news that the issue has been resolved? That would would be amazing.

Appreciate you and best regards

I'm experiencing the same issue since this mornig. 

Hey @_Val_.

This issue has caused disruption, and it raises a question about communication. While we understand technical problems occur, many partners rely on prompt notifications from Check Point to address such situations effectively.

I'd like to inquire why there wasn't a more immediate communication effort to partners regarding this miscategorization issue. Timely updates would have significantly aided troubleshooting and minimized disruption for many organizations. Are there plans to improve communication protocols for future occurrences?

In addition to the previous questions, I'm also interested in:

• Any recommended workarounds or mitigation strategies in the meantime.
• Whether there's an estimated timeframe for a resolution.

Thank you for your time and any information you can share.

Sincerely,
Nenad Vijatov

Please can we have an update and ETA on the issue this is causing significant disruption for our staff and CP are being frustratingly quiet. the website reports there will be an update every 30 minutes but I do not see any posts regarding this?

This is not the case. We do not use full ssl inspect and are still impacted. 

Question to Check Point, when can we expect an official statement?

Thanks for sharing.
It's strange because we have many customers but don't experience this issue with only HTTPS categorization... Note we do have Anonymizers to be blocked in the policy.

Not so weird at all. The detection is based on a perceived header. Without HTTPS inspection you will not be able to look into that traffic to match this.

Not 100% what you mean by this but we have multiple environments impacted that are not decrypting one bit of SSL. In other words, SSL inspection is not a pre-requisite to experience this issue. 

HTTPS categorization is enabled.

Thanks all for the insight 🙂
I was just wondering because that we have more than hundreds of customers, but only 3-4 reports from the field experiencing this issue, and it was just that all of those 3-4 customers had Full SSLINS enabled.

Btw, I just noticed there was a APPI package update No.110424_1 with just "X-VPN" updated.
Maybe the issue was addressed?🤔

if you meant this one it does not help still traffic is x-vpn categorized

Where do you see that "X-VPN" was updated?

I recieved a mail from APPWIKI_UPDATES just around an hour ago. I haven't checked on MGMT yet... probably the package is still not distributed to the update servers?

Seems a bit more complicated than that. Incoming traffic to our own website's webservers with HTTPS-inspection and IPS also gets frequently blocked as X-VPN, but not all, even when the same URL's are requested. Not every browser triggers this protection, but mostly Chrome and MS Edge do.
Not all users are impacted by the issue, or many hours after others were inpacted by the issue. Hopefully it is NOT something that get's distributed to pc's with (cloud) shared/synchronized browser profiles, such as google and microsoft stored browser profiles.

Stefan, Did you open a service request yet? As you seem to be seeing this 2 to 3 days before most other see it.

And this is the sort of additional insight that might help finding a root cause.