- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
Hello Team,
We are trying to monitor the application usage for your users.
HTTPS Inspection is enabled.
I have attached a afileand you can see from the screenshot provided, that some applications that we have in the rule explicitly work correctly, but something like Facebook, does not.
From what we have observed, we need to explicitly place the application in the application section. Since Facebook was not, but Evernote was, Evernote was logged in, but not Facebook.
I hope I can find somebody here to confirm that.
Regards
screenshots are much too small to be able to see anything, and i do not understand your question !
I have attached a screenshot of the both rules.
But what is your question ? This rule does not make sense to me, as you allow something, and in next rule, allow all ?
I can see neither evernote nor faceboog here...
We are trying to monitor the application usage for your users and my intention was to create only one rule (the second in the picture) and I have created both rule for the following test
- If we gain access to “evernote” or “gmail”, the rule 1 of layer “Application” log correctly field “Application Control”
- If we gain access to another “Application Control” (Like Facebook), the rule 2 of layer “Application” does not log the field “Application Control”.
Look into https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_NexGenSecurityGateway_Guide/... on how to do this! As long as no services and applications are added to the column, rule will not match, also see sk73220 ATRG: Application Control for details of matching.
I'm going to read sk73220 ATRG again, maybe I forgot something.
Precision: the rule 2 match for others applications (Those not specified in the rule 1), but the logs related to this rule 2 haven't got the information related to "Application Control"
You can ask TAC and let them explain it to you 8)
Set the Track for Rule 2 to be Detailed Log as otherwise it is not necessary for App Control to be active for this rule to be enforced otherwise.
I have tried set the track for rule 2 to be Detailed Log and the result is the same: this rule match but I still haven't got the information related to "Application Control"
are you look at logs with blade: Application Control?
Yes!
Show us the rules you are trying to hit and the exact log you are actually hitting.
The solution consist to select "Detailed Log" in the field Track
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count |
|---|---|
| 21 | |
| 12 | |
| 7 | |
| 6 | |
| 4 | |
| 4 | |
| 4 | |
| 3 | |
| 3 | |
| 2 |
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 02:00 PM (EDT)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - AMERAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY