AlanDias
Explorer

User category with specific services in Application Rules

Hello, I have a Checkpoint 80.40, and I need to create a rule with specific source IPs, but the destination must be URLs (not IPs), with specific services (9091 and 9092).

My idea was to create a security policy with specific source IPs, destination ANY, services 9091 and 9092. And, in application, I created two rules:

Rule1 - source: IPs mentioned, destination: Internet object and, in Service Application Sites, I created a Custom Application Site with my URLs, action: ACCEPT.

Rule2 - source: IPs mentioned, destination: Internet object, services: 9091 and 9092 and action: DROP.

 

But I found out that my Application Sites use the Custom_Application_Site category, which works only with the services HTTP, HTTPS, HTTP_proxy and HTTPS_proxy. That's why it doesn't match on services 9091 and 9092.

 

What can I do in this case?

 

I tried to create a User Category, but I can't associate the services 9091 and 9092.

0 Kudos
7 Replies
the_rock
Legend

That's a tricky part... so what happens is this. If you wish to, say, create custom apps in services, you can do that, but you need URL filtering enabled. The rules you created make sense to me. By the way, you can add domain objects in the destination.


Tobias_Moritz
Advisor

As far as I know, these are your options:

  1. Edit the list of services (TCP ports) that the URL Filtering blade uses for the Custom Application/Site objects. SmartConsole: Manage & Settings -> Blades -> Application Control & URL Filtering -> Advanced Settings -> Application Control Web Browsing Services: add your service objects for ports 9091 and 9092 there. But beware, this is a global setting, not only for a specific gateway or policy.
  2. Create a full-featured custom application object using the Signature Tool from sk103051 instead of a simple "Custom Application/Site object" in SmartConsole.

 

sloddo
Explorer

Is this ever going to be implemented to be able to match on specific non-standard ports for custom applications?

I've seen many posts about this going back to 'it's planned to be included in R80.20' but we still don't have this functionality in 2023.

0 Kudos
the_rock
Legend

I had people ask me the same question before, but I don't see any concrete plans to implement it, but it would be nice.

Andy

0 Kudos
the_rock
Legend

Wait, is this what you meant? If so, it's possible to customize it.

Andy

 

Screenshot_1.png

0 Kudos
sloddo
Explorer

Not for the built-in Applications, for custom (user created) Applications (without having to use the Signature creation tool).

0 Kudos
the_rock
Legend

Correct, that's not possible as of yet, sorry for the misunderstanding.

Andy

0 Kudos
