This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
championc1
Explorer
‎2024-05-10 03:38 AM

Can I totally bypass HTTPS inspection for a particular URL ?

Can I create a Security Rule to allow HTTPS to a specific Domain and totally bypass HTTPS inspection for a particular URL, rather than creating a Bypass Action rule in the HTTPS Inspection Policy ?

I want to permit access to a particular external URL without the possibility of HTTPS inspection doing something.  We have had several instances recently where the Bypass action rule has stopped working, leading to all of the traffic being inspected, which then breaks access to the external website.

I found that I needed to re-push the policy with Threat Prevention ticked in order to get the Bypass Action rules to start working again

Labels
0 Kudos
4 Replies
the_rock
Legend
Legend
‎2024-05-10 04:51 AM

Well, you can create a rule allowing access to that domain using say domain object or custom url object, as long as you have urlf blade enabled in network layer. I cant guarantee that would work, but you can certainly give it a go.

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-05-10 09:01 AM

I should have clarified...if you have separate urlf ordered layer, thats where I would create the rule.

Andy

0 Kudos
PhoneBoy
Admin
Admin
‎2024-05-13 07:57 AM

Yes, that's why we have an HTTPS Inspection policy.
However, the decision to bypass inspection cannot be made on a full URL, but only on a specific host.
The reason: most web connections are HTTPS and access to the URL requires full HTTPS Inspection (the very thing you're trying to avoid).
If you use an App Control category or Custom Application/Site in your policy, this requires App Control.

A screenshot of your actual HTTPS Inspection policy might be helpful along with version/JHF information.

the_rock
Legend
Legend
‎2024-05-13 08:00 AM
In response to PhoneBoy

Good points!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events