Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ronny_Vasquez1
Participant

Url Filtering allow an specific AWS app

Hi Checkmates,

I need to allow an specific AWS app and block the rest, the app is accessed from an url (resolved and redirected to an AWS cloud range) like this:

1) The end user enter the url in the browser erp.internaldomain.com/login

2) The dns resolve to ec2-xxxx.compute-x.amazonaws.com and many others.

3) Url Filtering/ App Control blocks with the clean up rule.

What I try:

a) Allow by specific url erp.domainexample.com/login since is re directed the first connection is allowed but when the redireccion happens the url filtering block.

https inspection is disable.

Thanks in advance for any information to point me in the right direction.

5 Replies
Dor_Marcovitch
Advisor

From what i see you will need to enable https inspection.

I had bumped onto an sk a while ago that explains how to create custom app signature. Maybe it can help you. 

0 Kudos
Ronny_Vasquez1
Participant

Hi Dor,

Thanks I will search your post and try with that.

0 Kudos
Dor_Marcovitch
Advisor

found it:

New application to build signatures for applications for R77.30 and R80.x

 

Admin Guide:

http://downloads.checkpoint.com/dc/download.htm?ID=53643

 

Download and Examples:

https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/m...

Vladimir
Champion
Champion

I do not think you can do this without HTTPS inspection.

Try accessing the app when not blocking and see if it is redirected to HTTPS.

G_W_Albrecht
Legend Legend
Legend

I have written a short document on this: URLF / APCL Whitelisting without https inspection

You could try that - but take care as it is from R77.30 !

CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events