This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Satyam_mehrotra
Explorer
‎2018-09-15 07:52 AM

Want help with traffic blocking from one side

hi guys, i have 40 computer setup on which online examinations are  going on. I want to block internet on all computers so that students cant cheat by looking on internet. but problem is teachers should be able to connect remotely to any computer from outside. is there any way, if so please help.

0 Kudos
10 Replies
Vladimir
Champion
Champion
‎2018-09-15 07:59 PM

What is the model of the gateway/management appliance you are using and the version of the software on it?

0 Kudos
Satyam_mehrotra
Explorer
‎2018-09-16 05:50 AM
In response to Vladimir

my UTM is 730 Wireless

0 Kudos
Satyam_mehrotra
Explorer
‎2018-09-16 05:51 AM
In response to Vladimir

I have 730 Wireless UTM

0 Kudos
PhoneBoy
Admin
Admin
‎2018-09-16 09:26 AM
In response to Satyam_mehrotra

Which means this is really an SMB question, so let's move it to the correct space: SMB and SMP

PhoneBoy
Admin
Admin
‎2018-09-15 10:37 PM

Another relevant question: how are the instructors connecting to the computers remotely?

Because that will determine what the policy looks like.

Satyam_mehrotra
Explorer
‎2018-09-16 05:52 AM
In response to PhoneBoy

through remote desktop connection

0 Kudos
JozkoMrkvicka
Authority
Authority
‎2018-09-16 12:06 AM

Block http and https during exam, or setup non-working proxy which cannot be changed by students (only teachers - administrators).

Kind regards,
Jozko Mrkvicka
0 Kudos
Vladimir
Champion
Champion
‎2018-09-16 06:18 AM

We should really know how the exam is being administered.

If it is a browser-based exam and the PCs should be able to access the resources outside to run it, we cannot simply block HTTP/HTTPS. You should define custom site and permit access to it using URLF/App Control in the rule above that preventing HTTP(S) access to other sites.

Remote administration of PCs could be accomplished by either configuring a mobile access for the teacher, to connect tot the gateway via VPN and running RDP to the PCs, or by deploying a jump host, like Apache Guacamole™  ,configuring it to run on custom port not conflicting with any of Check Point services.

For example:

1. Create custom HTTPS service:

2. Create these objects:

a dummy object with Gateway's external IP:

   

and a real object for the JumpHost:

students's network:

  

custom Site:

and Test Time(s):

3. Configure NAT rules:

4. Enable "Time" column in the Policy view:

5. And configure the access rules:

This should do it.

0 Kudos
Satyam_mehrotra
Explorer
‎2018-09-16 07:17 AM
In response to Vladimir

Is there any way to connect through anydesk type software.

0 Kudos
Vladimir
Champion
Champion
‎2018-09-16 07:49 AM
In response to Satyam_mehrotra

From what I understand, it relies on unrestricted HTTPS connectivity from the clients, so this would likely be difficult to achieve.

You can try creating a custom site/URL with their site in it, permitting the traffic to it and to DNS from the students' PCs and restricting their access to anything else in the rule below to see if it works.

This scenario assumes that there is no Active Directory with recursive DNS server in place.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events