How to block "Proxy" included all search engine re...

batmunkh_unubuk · ‎2016-03-14

how can i block to spell or word ? my workers find proxy in google.com then after access to any web by proxy. how can i block "proxy" word include any search engine and web sites?

Tomer_Sole · ‎2016-03-20

It sounds like a problem in the URL Filtering blade. I have forwarded your question to the relevant R&D team and they will contact you privately.

Sumedh_Gujar · ‎2018-01-24

Hi Tomar, Is there any solution on this? We are using R77.30 and we are also looking to block specific words in search engines.

PhoneBoy · ‎2018-01-26

Blocking a word in a search result won't be enough to solve the problem IMO.

You are better off restricting exactly what ports and applications can access the Internet.

Specifically, you should look at blocking anonymizers, as shown here: https://community.checkpoint.com/message/13286-anonymizer-matches-all-traffic?sr=search&searchId=b74...‌

While this shows an R80.10 rulebase, you can implement a similar rulebase in R77.30.

Sumedh_Gujar · ‎2018-01-30

Hi,

Actually this is not related to any specific application where as our requirement is to block word like sports, films so that they can not see any content related to that specific word. I know we have option to block specific categories but still in case checkpoint has option to restrict specific word then please let me know.

Thanks in advance.

PhoneBoy · ‎2018-01-30

As far as I know, that's not a capability we have currently.

Sumedh_Gujar · ‎2018-01-31

OK, Thanks for your revert.

Amir_Rehman · ‎2019-02-09

Hi There,

Ready this post above it seems Checkpoint still don't have feature in R80.10 to control web content by blocking a specific words or patterns.

We have a requirement in our school district to block anything related to word "Momo" (note its not a url just a word). I there a way to do it ?

PhoneBoy · ‎2019-02-09

I was apparently incorrect before.

There are actually two ways to do it:

DLP (applies to all versions), which is an add-on feature
Content Awareness (applies to R80.10+ gateways), which is included

Note that in both cases, HTTPS Inspection will be required.

DLP Screenshots:

Content Awareness Screenshots:

Amir_Rehman · ‎2019-02-10

Thanks for your reply. Have you tested your rule ? Does it work for you ?

I got the similar rule in place for content filtering but doesn't work for me. I have tried with keyword, regex etc but no luck. I am attaching some screenshots for content filtering. I think it looks into data type not into the html body.

PhoneBoy · ‎2019-02-10

Didn't personally try it, but it should work this way.

Recommend opening a TAC case so we can troubleshoot.

How To Open a Case with TAC and/or Account Services‌

Amir_Rehman · ‎2019-02-11

Thank you, will open a TAC case.

Just for your info I am attaching logs for both blades (content awareness and DLP) . Logs pretty much show the request was blocked but perhaps it looks into some other file/data types within the payload.

Content Awareness log

DLP log

Haris_Chaudhry · ‎2020-01-07

sorry to bump an old thread but did you end up getting this working ?

More specifically with Content Awareness ?

Are you a member of CheckMates?

How to block "Proxy" included all search engine result and web sites