- Local User Groups
I am Dr. Dorit Dor
Ask Me Anything
Check Point for Beginners
Welcome to the
Working From Home
Review Check Point,
Win Apple AirPods!
You're Using It Wrong
hi guys, i have 40 computer setup on which online examinations are going on. I want to block internet on all computers so that students cant cheat by looking on internet. but problem is teachers should be able to connect remotely to any computer from outside. is there any way, if so please help.
Another relevant question: how are the instructors connecting to the computers remotely?
Because that will determine what the policy looks like.
Block http and https during exam, or setup non-working proxy which cannot be changed by students (only teachers - administrators).
We should really know how the exam is being administered.
If it is a browser-based exam and the PCs should be able to access the resources outside to run it, we cannot simply block HTTP/HTTPS. You should define custom site and permit access to it using URLF/App Control in the rule above that preventing HTTP(S) access to other sites.
Remote administration of PCs could be accomplished by either configuring a mobile access for the teacher, to connect tot the gateway via VPN and running RDP to the PCs, or by deploying a jump host, like Apache Guacamole™ ,configuring it to run on custom port not conflicting with any of Check Point services.
1. Create custom HTTPS service:
2. Create these objects:
a dummy object with Gateway's external IP:
and a real object for the JumpHost:
and Test Time(s):
3. Configure NAT rules:
4. Enable "Time" column in the Policy view:
5. And configure the access rules:
This should do it.
From what I understand, it relies on unrestricted HTTPS connectivity from the clients, so this would likely be difficult to achieve.
You can try creating a custom site/URL with their site in it, permitting the traffic to it and to DNS from the students' PCs and restricting their access to anything else in the rule below to see if it works.
This scenario assumes that there is no Active Directory with recursive DNS server in place.