This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sunandan_Banerj
Employee Alumnus
Employee Alumnus
‎2019-03-22 02:50 AM
Jump to solution

SSH decryption in Check Point R80.20

Hi,

Do we support SSH decryption ? If yes pls share URL/Link for reference.

If No, do we have any workaround ?

Regards,

Sunandan

0 Kudos
1 Solution

Accepted Solutions
Norbert_Bohusch
Advisor
‎2019-03-22 02:53 AM
Jump to solution

SSH Inspection is already available as custom fix.

It can be requested through local office.

 

Following features are supported:

SSH:

  • Decryption/Encryption
  • PK client authentication
  • Client password authentication
  • Clients and servers command line keys management tool.

 

IPS protections:

  • SSH Brute Force Login Attempt
  • Weak Credentials over SSH
  • SSH Weak Cipher
  • Non SSH over SSH Port

 

AntiVirus:

  • Extract of files transferred through SCP and SFTP protocols.

View solution in original post

7 Replies
Norbert_Bohusch
Advisor
‎2019-03-22 02:53 AM
Jump to solution

SSH Inspection is already available as custom fix.

It can be requested through local office.

 

Following features are supported:

SSH:

  • Decryption/Encryption
  • PK client authentication
  • Client password authentication
  • Clients and servers command line keys management tool.

 

IPS protections:

  • SSH Brute Force Login Attempt
  • Weak Credentials over SSH
  • SSH Weak Cipher
  • Non SSH over SSH Port

 

AntiVirus:

  • Extract of files transferred through SCP and SFTP protocols.
Sunandan_Banerj
Employee Alumnus
Employee Alumnus
‎2019-03-22 03:34 AM
In response to Norbert_Bohusch
Jump to solution

Thanks Norbert.

0 Kudos
Omar_Retamozo
Explorer
‎2019-09-10 02:47 PM
In response to Norbert_Bohusch
Jump to solution

Thank You. Do you have the URL, Link o document that support it

0 Kudos
PhoneBoy
Admin
Admin
‎2019-09-10 03:27 PM
In response to Omar_Retamozo
Jump to solution

As this is a customer specific release, there isn’t public documentation.
It can be provided through your local Check Point office.
Note there is also a similar customer release for R80.30.
Daniel_Kavan
MVP Gold
MVP Gold
‎2020-01-17 11:16 AM
Jump to solution

I have a request to block certain SFTP users.   Currently, traffic comes in on a reverse proxy, haproxy, then to the sftp server.    With our current set up,  I can't identify specific USERS.  I'm thinking about the old client authentication now...  We're getting too many  bogus requests from random users.   

0 Kudos
PhoneBoy
Admin
Admin
‎2020-01-20 02:15 PM
In response to Daniel_Kavan
Jump to solution

You're going to have issues identifying users if more than one user is coming from what appears to be the same IP address.
In this case, the only real solution is a proxy.
0 Kudos
_Val_
Admin
Admin
‎2020-01-21 12:15 AM
In response to Daniel_Kavan
Jump to solution

We have SSH Inspection capabilities in our road map. This feature will be added to one of the upcoming releases. Stay tuned

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events