This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
DR_74
Contributor
‎2020-09-07 08:50 AM

HTTPS Inspection vs Categorize HTTPS site with VSX (R80.40)

Hello,

I have a question regarding HTTPSi / HTTPS Categorization / VSX on R80.40.

Well, I have several VS, and I would like to know if it is possible to run HTTPSi on some of them in order to inspect for malware etc... and run only HTTPS Categorization in order to webfilter a VS dedicated to guest (where I can not add any Cert on th browser).

I read this post which partially answer my concerns

https://community.checkpoint.com/t5/Next-Generation-Firewall/Is-both-HTTPS-Inspection-and-Categorize...

But don't know if I can run both on R80.40 with different VS

 

Thanks

 

 

0 Kudos
2 Replies
HeikoAnkenbrand
Champion
Champion
‎2020-09-07 09:07 AM

Hi @DR_74,

To your questions:

Yes, you can enable or disable https inspection on different VS.

But you must import the root certificate in the browser. Unfortunately there is no other possibility.

0 Kudos
DR_74
Contributor
‎2020-09-07 11:33 PM
In response to HeikoAnkenbrand

Hi Heiko,

Thank you.

Based on https://community.checkpoint.com/t5/Next-Generation-Firewall/Is-both-HTTPS-Inspection-and-Categorize...

As Categorization of HTTPS is a global parameter all the VS will have categorization enabled. And on the ones I will activate HTTPSi, only HTTPSi will be performed?

 

Is that correct?

regards

0 Kudos