This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Polina_1
Contributor
Friday
Jump to solution

Close port 80

Hello
Could you please advise me how to close port 80 on a cluster only on external interfaces? Now we see that the cluster is accessible from the Internet on port 80. In the logs this connection passes through implied rules.
I found https://support.checkpoint.com/results/sk/sk165937.  Do I understand correctly that these recommendations only close ports on external interfaces?

We are using Remote Access VPN and S2S VPN. If we close port 80, will it affect the VPN work?

Please answer these questions.
Thank you in advance.

0 Kudos
1 Solution

Accepted Solutions
Polina_1
Contributor
Friday
In response to the_rock
Jump to solution

Hi

I checked sk52421. Really, tcp 80 is not used anywhere.

I think I will make the recommendations from sk165937 to close port 80.

Thanks!

View solution in original post

7 Replies
AkosBakos
Mentor Mentor
Mentor
Friday
Jump to solution

Hi @Polina_1 

I think you can safely disable tcp/80. Otherwise security over all, if I were you I would close the tcp/80 port.

 

Check this communication matrix:

 

image.png

source: https://support.checkpoint.com/results/sk/sk52421

Akos

----------------
\m/_(>_<)_\m/
the_rock
Legend
Legend
Friday
Jump to solution

RA vpn relies on https. Btw, cant open the sk you referenced.

Andy

0 Kudos
AkosBakos
Mentor Mentor
Mentor
Friday
In response to the_rock
Jump to solution

Any, delete the dot by the end of the line 🙂

----------------
\m/_(>_<)_\m/
the_rock
Legend
Legend
Friday
In response to AkosBakos
Jump to solution

@AkosBakos DOH...Homer Simpson moment, haha, tx bud. @Polina_1 Yes, I believe that applies to external interfaces.

Andy

0 Kudos
Polina_1
Contributor
Friday
In response to the_rock
Jump to solution

Hi

I checked sk52421. Really, tcp 80 is not used anywhere.

I think I will make the recommendations from sk165937 to close port 80.

Thanks!

the_rock
Legend
Legend
Friday
In response to Polina_1
Jump to solution

I would say thats your best bet.

Andy

0 Kudos
CheckPointerXL
Advisor
Advisor
8 hours ago
Jump to solution

Create nat rule to a fake ip address

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top