Create a Post
Showing results for 
Search instead for 
Did you mean: 

Content Awareness does not scan HTML files by default

Environment: cluster R81.20
Model: Check Point 6200B

My customer gave me a whole Iist of file types to block with Content Awareness and one of the file types is MSI. So i needed to block MSI file downloads by clients in a POC and present a Block page. I found out (via TAC) that Check Point gateway does not block this by default in Content Awareness because the HTML file is not inspected by default.

Maybe not so much a question but a realization that these HTML files are not inspected by default.

See the bottom of the sk114640.

HTML files
Content Awareness does not scan HTML files (for type and content) which are downloaded using the HTTP "GET" method over HTTP because it could have a high adverse affect on the Security Gateway performance.

After turning on this option (1) the download was blocked correctly and the Block page shown as well.


[Expert@XXXXXXXXXX# fw ctl get int fileapp_parse_html
fileapp_parse_html = 1


0 Kudos
1 Reply

I guess where I'm having trouble here is why trying to block an MSI file would fail because it can't block an HTML file.
Is it because the MSI file has html in it or some other reason?

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events