This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ronny_Vasquez1
Participant
‎2018-03-13 10:54 AM

Url Filtering allow an specific AWS app

Hi Checkmates,

I need to allow an specific AWS app and block the rest, the app is accessed from an url (resolved and redirected to an AWS cloud range) like this:

1) The end user enter the url in the browser erp.internaldomain.com/login

2) The dns resolve to ec2-xxxx.compute-x.amazonaws.com and many others.

3) Url Filtering/ App Control blocks with the clean up rule.

What I try:

a) Allow by specific url erp.domainexample.com/login since is re directed the first connection is allowed but when the redireccion happens the url filtering block.

https inspection is disable.

Thanks in advance for any information to point me in the right direction.

Labels
5 Replies
Dor_Marcovitch
Advisor
‎2018-03-13 11:09 AM

From what i see you will need to enable https inspection.

I had bumped onto an sk a while ago that explains how to create custom app signature. Maybe it can help you. 

0 Kudos
Ronny_Vasquez1
Participant
‎2018-03-13 11:19 AM

Hi Dor,

Thanks I will search your post and try with that.

0 Kudos
Dor_Marcovitch
Advisor
‎2018-03-13 12:00 PM
In response to Ronny_Vasquez1

found it:

New application to build signatures for applications for R77.30 and R80.x

 

Admin Guide:

http://downloads.checkpoint.com/dc/download.htm?ID=53643

 

Download and Examples:

https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/m...

Vladimir
Champion
Champion
‎2018-03-13 11:53 AM

I do not think you can do this without HTTPS inspection.

Try accessing the app when not blocking and see if it is redirected to HTTPS.

G_W_Albrecht
Legend Legend
Legend
‎2018-03-14 05:32 AM

I have written a short document on this: URLF / APCL Whitelisting without https inspection

You could try that - but take care as it is from R77.30 !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events