This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ratnesh_Singh
Explorer
‎2018-09-04 02:43 AM

Rule base checking if Application control and URL filtering blade is enable?

Hello Everyone,

I have one question. Suppose we have  Application control and URL filtering blade is enable in checkpoint firewall.

So for any outbound access,whether we have to allow access in firewall rule base and Application rule base?

We know that in Application rule base we have any to any access allowed by default.But we have edited that rule and made it any to any ->drop. 

So in this case please let us know whether we have to allow access on both blade (Firewall and URL filtering) for outbound access.

Thanks

Ratnesh Singh

0 Kudos
4 Replies
Gaurav_Pandya
Advisor
‎2018-09-04 03:44 AM

Hi Ratnesh,

You need to allow access in both blades. 

Blade matching will be done from Left to Right and Rule base match will be done from Top to Bottom. So first it will check access rule and if it is allowed here then it will go to next blade. Hope this clarifies your query.

0 Kudos
Ratnesh_Singh
Explorer
‎2018-09-04 04:06 AM
In response to Gaurav_Pandya

Thanks you for the reply.

We are using R80.10 MGMT server and I did not get 1st line i.e Blade matching will be done from left to right?

Thanks

0 Kudos
Gaurav_Pandya
Advisor
‎2018-09-04 05:05 AM
In response to Ratnesh_Singh

Hi Ratnesh,

Got it. If you have R80.10 mgmt. then there are 2 approach. Ordered Layer and Inline Layer.

If you are going for ordered layer then it is tom to bottom approach for Layers and rule base as well. Here you need to allow traffic in access layer and then it will go to Application control or URL filtering. 

If you are going for Inline Layer then define parent rule first and inside that rule give specific applications.

For more clarification, you can see below video.

https://community.checkpoint.com/videos/5487

0 Kudos
PhoneBoy
Admin
Admin
‎2018-09-04 07:08 AM
In response to Gaurav_Pandya

Actually rulebase matching is a little different in R80.x:

Unified Policy Column-based Rule Matching

Still, when you have multiple ordered policy layers, the connection must match an Accept rule in each layer.

Also keep in mind that each layer can have a different implicit cleanup rule (either allow or block).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events