This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Oscar_David_Gom
Contributor
Contributor
‎2019-05-31 06:00 PM

Traffic Control

Hi,

We have a VSX environment with various VS, two of them are controlling traffic, but just one has HTTPS Inspection enabled, the other one is only using categorization, in order to work with HTTPS Inspection, we uncheck the option "Categorize HTTPS websites", but the VS without HTTPS Inspection is not enforcing rules because can not categorize that traffic.

I need to know how does that option works, is there a way to only activate Categorization for the VS that does not have HTTPS Inspection? Does the platform have trouble having both enabled? if so, how can I control this traffic without using https inspection and the option "Categorize HTTPS websites" disabled?

Thanks.

0 Kudos
2 Replies
Chris_Atkinson
Employee Employee
Employee
‎2019-05-31 10:44 PM

This should be possible in R80.20 per sk108202 i.e. HTTPSi + Categorise HTTPS websites

CCSM R77/R80/ELITE
0 Kudos
Zach_S
Employee
Employee
‎2019-06-02 11:36 AM

In order for Application Control and URL Filtering to work best, it is better to have HTTPS Inspection enabled. I think it's better to do the Application Control + URL Filtering on the perimeter firewall w/ outbound HTTPS Inspection enabled on that firewall for outbound connections. 

Not sure why your topology requires 2 virtual systems to perform categorization, ideally this should only be done once on the way out to the internet. Are you able to share any more details?

Without HTTPS Inspection or HTTPS Categorization, you won't be able to use site/category in the policy for rules containing the https service. HTTPS Categorization will only categorize based on the subject common name of the trusted certificate returned by the server, so the results will be mixed when using HTTPS Categorization. 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events