This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Joe_Kanaszka
Advisor
a week ago
Jump to solution

URL Filtering with in-line proxy

Hello guys!

 

Questions.  Regarding Check Point URL categories:

 

  • How often are the URL categories updated?  Is there a SmartConsole tool I can use to check what Check Point category a url is classified as?  For instance, I'd like to be able to take a random AI site, and verify that Check Point classifies it as such.

 

  • How can I use URL filtering with an existing in-line proxy server?  All our users have a proxy server server configured by a GPO in their Windows proxy settings.  How can I configure Check Point to use URL filtering?  Do I need to configure the source address for the access rule as the IP of the proxy?  I'm guessing yes.  Is this a recommended configuration?  I don't want to use Identity Awareness as I would have to enable the "X-Forwarded-For" header on my proxy, and this may break our current proxy forwarding config.  Plus I really don't need to be that granular.

 

Thank you for any tips or suggestions!

 

 

 

0 Kudos
3 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
a week ago
Jump to solution

We've long ago stopped providing a local URL Filtering database, instead opting for an on-demand lookup.
That means any update are immediately reflected on the gateways.
To check the categorization of a URL: https://usercenter.checkpoint.com/ucapps/urlcat/
Note this only applies to how something is categorized in URL Filtering and does not apply for Threat Prevention, which may categorize a site differently.

Assuming this is a non-transparent (i.e. explicit) proxy, you would need to allow the proxy IP in your Access Policy.
This presumes you do not want to enforce your access policy based on specific user/group, otherwise you'll need XFF enabled.

View solution in original post

(1)
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
a week ago
Jump to solution

There is no tool within Smartconsole itself rather there is this:

https://usercenter.checkpoint.com/ucapps/urlcat/

Where is the proxy positioned relative to the traffic flow between users / firewall / internet?

CCSM R77/R80/ELITE

View solution in original post

(1)
the_rock
MVP Platinum
MVP Platinum
a week ago
Jump to solution

Hey brother,

I found this post from 2023, which more less shows the same thing Phoneboy told you. He also gave answer there as well 🙂

https://community.checkpoint.com/t5/General-Topics/URL-Categorization-update/td-p/185273

Best,
Andy

View solution in original post

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
a week ago
Jump to solution

We've long ago stopped providing a local URL Filtering database, instead opting for an on-demand lookup.
That means any update are immediately reflected on the gateways.
To check the categorization of a URL: https://usercenter.checkpoint.com/ucapps/urlcat/
Note this only applies to how something is categorized in URL Filtering and does not apply for Threat Prevention, which may categorize a site differently.

Assuming this is a non-transparent (i.e. explicit) proxy, you would need to allow the proxy IP in your Access Policy.
This presumes you do not want to enforce your access policy based on specific user/group, otherwise you'll need XFF enabled.

(1)
Joe_Kanaszka
Advisor
a week ago
In response to PhoneBoy
Jump to solution

That's what I figured.  Thank you PhoneBoy! 

 

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
a week ago
Jump to solution

There is no tool within Smartconsole itself rather there is this:

https://usercenter.checkpoint.com/ucapps/urlcat/

Where is the proxy positioned relative to the traffic flow between users / firewall / internet?

CCSM R77/R80/ELITE
(1)
the_rock
MVP Platinum
MVP Platinum
a week ago
Jump to solution

Hey brother,

I found this post from 2023, which more less shows the same thing Phoneboy told you. He also gave answer there as well 🙂

https://community.checkpoint.com/t5/General-Topics/URL-Categorization-update/td-p/185273

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events