Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
junior_kakou
Contributor

bloquer les sites pornographiques (http et https)

I notice that some websites with indiscent content (sex, pornography) can be displayed while "Block inappropriate content" is activated.
so how do you get to blame these contents?

here are the screenshots

I presume that I am new user of checkpoint if it is also possible to have a guide to master a good configuration of the firewall.
thank you

0 Kudos
6 Replies
G_W_Albrecht
Legend
Legend

Firstly, this should be in SMB and SMP as this is a SMB device shown in screenshot. Second point is that you did configure it correctly, but URL Filtering relies on the CP URL Database that is contacted and the URL treated as defined for the reported category. If an URL is not known or categorized incorrectly, you can report that to CP very easily: Use the URL Categorization Online Tool ! Check Point provides this online tool that allows you to check whether a URL is classified under one of the categories of the URL Filtering Blade. After you check the URL, this tool also allows you to suggest an alternative categorization for the URL.

CCSE CCTE CCSM SMB Specialist
0 Kudos
junior_kakou
Contributor

thank you Günther but the problem is that there are a lot of pornographic sites that happen to pass.
before the update from R77.20.50 to R77.20.70 all sites with indecent content were automatically
blocked. after the update I see that all are no longer

0 Kudos
PhoneBoy
Admin
Admin

Agreed, so I moved the post to the correct place Smiley Happy

0 Kudos
Vladimir
Champion
Champion

If I understood your question correctly, you are asking how to add new sites to be classified and blocked with notification.

It also looks like you are using a small appliance with WebUI.

In this case, the "Block other undesired applications" should be enabled. Click on the "other undesired applications":

and either:

or:

Generally, small appliances with WebUI are seldom used in very complex environments and their policies are fairly simple.

That being said, there is pretty extensive administration guide available for those at:

Check Point 600/700 Appliances R77.20.75 Administration Guide 

Regards,

Vladimir

Vladimir
Champion
Champion

Have you tried adding "pornography" section in undesired apps?

Pedro_Espindola
Advisor

What sites are still passing? Do they use HTTPS? Did you turn on HTTPS Categorization or SSL Inspection?

Some nudity sites use shared certificates issued to sites such as cloudfaressl.com. In this case, HTTPS Categorization won't be enough, since it categorizes the site based on the subject of the certificate. You would have to use SSL Inspection for the gateway to be able to see the actual URL and block it.

Check the certificate to see what site it is issue to.

If it does not use HTTPS, proceed as Vladimir suggested.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events