Url Filtering allow an specific AWS app - Check Point CheckMates

Four Ways to SASE

Register Now!

Explore New Wave of Web Based
DDoS Attacks and Mitigations

Register Now!

Boosting Performance & Stability
with Harmony Endpoint E88.70!

Watch Now

It's Here!
CPX 2025 Content

Get It Now

Remote Access VPN – User Experience
Help us with the Short-Term Roadmap

Take the Survey

The Future of Browser Security:
AI, Data Leaks & How to Stay Protected!

Watch now

CheckMates Go:
What is UPPAK?

LISTEN NOW

Hi Checkmates,

I need to allow an specific AWS app and block the rest, the app is accessed from an url (resolved and redirected to an AWS cloud range) like this:

1) The end user enter the url in the browser erp.internaldomain.com/login

2) The dns resolve to ec2-xxxx.compute-x.amazonaws.com and many others.

3) Url Filtering/ App Control blocks with the clean up rule.

What I try:

a) Allow by specific url erp.domainexample.com/login since is re directed the first connection is allowed but when the redireccion happens the url filtering block.

https inspection is disable.

Thanks in advance for any information to point me in the right direction.

5 Replies

From what i see you will need to enable https inspection.

I had bumped onto an sk a while ago that explains how to create custom app signature. Maybe it can help you.

Hi Dor,

Thanks I will search your post and try with that.

found it:

New application to build signatures for applications for R77.30 and R80.x

Admin Guide:

http://downloads.checkpoint.com/dc/download.htm?ID=53643

Download and Examples:

https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/m...

I do not think you can do this without HTTPS inspection.

Try accessing the app when not blocking and see if it is redirected to HTTPS.

I have written a short document on this: URLF / APCL Whitelisting without https inspection

You could try that - but take care as it is from R77.30 !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

User

Count

8

6

5

4

4

2

2

2

2

2

Upcoming Events

Sort by:

Virtual

Thu 01 May 2025 @ 11:00 AM (CDT)

Tips and Tricks 2025 #6: Infinity Portal IAM

In-Person

Tue 06 May 2025 @ 09:00 AM (EEST)

CheckMates Live Cyprus - Performance Optimization Best Practices

Virtual

Tue 06 May 2025 @ 03:00 PM (CEST)

The Check Point Take on Hybrid Mesh Security EMEA

Virtual

Tue 06 May 2025 @ 02:00 PM (EDT)

The Check Point Take on Hybrid Mesh Security AMER

Virtual

Tue 06 May 2025 @ 02:00 PM (EDT)

Deep Dive Americas: Troubleshooting 101 for Quantum Security Gateways

Virtual

Wed 07 May 2025 @ 05:00 PM (CEST)

TechTalk: Explore New Wave of Web Based DDoS Attacks and Mitigations

Virtual

Thu 01 May 2025 @ 11:00 AM (CDT)

Tips and Tricks 2025 #6: Infinity Portal IAM

Virtual

Tue 06 May 2025 @ 03:00 PM (CEST)

The Check Point Take on Hybrid Mesh Security EMEA

Virtual

Tue 06 May 2025 @ 02:00 PM (EDT)

The Check Point Take on Hybrid Mesh Security AMER

Virtual

Tue 06 May 2025 @ 02:00 PM (EDT)

Deep Dive Americas: Troubleshooting 101 for Quantum Security Gateways

Virtual

Wed 07 May 2025 @ 05:00 PM (CEST)

TechTalk: Explore New Wave of Web Based DDoS Attacks and Mitigations

Virtual

Thu 08 May 2025 @ 10:00 AM (CEST)

HTTPSi R82 Demo: Practical Updates and Best Practices - EMEA

In-Person

Tue 06 May 2025 @ 09:00 AM (EEST)

CheckMates Live Cyprus - Performance Optimization Best Practices

In-Person

Wed 21 May 2025 @ 11:30 AM (CDT)

Tempe: Hybrid Mesh

In-Person

Tue 03 Jun 2025 @ 09:00 AM (CEST)

CheckMates LIve France - Workshop Check Point Quantum

CheckMates Events