Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
firewallAdmin
Explorer

Block uri on firewall

Dear Team,

Can we block  uri on checkpoint firewall.

 

For eg.

 

  ^/+dana/+meeting

  ^/+dana/+fb/+smb

/+dana-cached/+fb/+smb

    ^/+dana-ws/+namedusers

   ^/+dana-ws/+metric

 

 

Regards,

Vinay Adsul

0 Kudos
4 Replies
Cyber_Serge
Collaborator

First you need SSL Inspection on gateway; Second you can look up Check Point documentation on URL Filtering.

But according to the documentation from vendor, the mitigation should be applied on the server itself.

 

You can also choose to import the snort rule from fireeye into the Check Point gateway.
https://github.com/fireeye/pulsesecure_exploitation_countermeasures/

0 Kudos
firewallAdmin
Explorer

we need to block uri on checkpoint firewall , i going to this for first time on checkpoint firewall. qos has suggested to follow below document.but i need to create uri object there are multiple setting and where i need to call this object.

https://sc1.checkpoint.com/documents/R80/CP_R80_SmartDashboard_OLH/html_frameset.htm?topic=documents...

 

Uri that i need to block are related with Pulse vpn vernability. Need steps to block uri on checkpoint firewall.

0 Kudos
Cyber_Serge
Collaborator

Sounds like you are not familiar with such creation. Instead of trying to creating something to block it, why don't you just import the relevant snort rules?

0 Kudos
the_rock
Authority
Authority

Never tried doing that...you may want to open the case with TAC about it. I cant say for sure if that would work 100% even if ssl inspection is enabled on the gateway.

0 Kudos