This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
D_W
Advisor
‎2020-02-10 07:25 AM

Url categorization issue specific sites

Hi,

 

quick question about Application and URLFiltering without HTTPS Inspection on R80.10.

We block category "web-advertisement" and at the moment when someone tries to access https://fontawesome.com it get's blocked and we only see that "ad-balancer.at" in the SmartLog is getting blocked in that session.

Anyone with the same behaviour?

 

KR
David

0 Kudos
5 Replies
Daniel_Taney
Advisor
‎2020-02-10 07:51 AM

URLF.jpg

It looks like Check Point's only categorization for this site is "Computers / Internet". Are users attempting to access it by directly entering in that URL? Or are they searching for it and clicking on a search result?

One side effect I've seen from blocking the "Web-Advertisement" category is that many of the "top" links on Google (which are actually Ad hits) will not work.

If they are going directly to the URL, it could be that some portion of the site is redirecting to some ad or click-tracker before going to the actual webpage. If that is happening, there may not be much you can do besides white-listing "ad-balancer.at". Which I'm sure you don't want to do, but a poorly engineered website may not leave you a choice.

 

R80 CCSA / CCSE
0 Kudos
D_W
Advisor
‎2020-02-14 11:04 AM
In response to Daniel_Taney

Thanks for your reply. Yes only solution for now was to allow ad-banners.at.
I couldn't find the redirect to ad-banner.at or similiar sites on this website "fontawesome.com". Other websites are affected too. So i think there is another issue.

Also what's the best practice then to filter out web-ads?

0 Kudos
Daniel_Taney
Advisor
‎2020-02-14 01:09 PM
In response to D_W

I haven't found a better way to get around this besides accepting the reality that blocking this category will break a few websites and some exceptions may have to be put in. The way I see it, there is so much ad traffic on the Internet that, even with a few exceptions, you are probably still blocking more than you'll end up allowing by not filtering the category entirely.

R80 CCSA / CCSE
0 Kudos
PhoneBoy
Admin
Admin
‎2020-02-14 01:21 PM
In response to D_W

There are many browser plugins that do this quite effectively.
Obviously that doesn't scale to the network very well. 😛
0 Kudos
Daniel_Taney
Advisor
‎2020-02-14 01:28 PM
In response to D_W

If you have Identity Awareness configured, you could also write an Identity rule to allow those ad-sites for the users that need the website to work. 

R80 CCSA / CCSE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events