Create a Post
Showing results for 
Search instead for 
Did you mean: 

Zero-Phishing for Quantum Network Security

Phishing attacks are increasing and Check Point Research observed 19% of all Phishing attacks in April 2021 in EMEA using HTTPS.

In order to prevent these attacks, Check Point R&D is inviting customers experiencing the Zero-Phishing Early Availability program documented in sk172203

Check Point Certified Partners may want to contact their pre-sales representatives and then work with Check Point R&D supporting customers running a proof-of-concept.

Learn more about Check Point Zero-Phishing for Quantum Network Security watching the following videos:

The instructions documented in sk172203 are referring to use a dedicated Root Certificate Authority for HTTPS inspection and to enroll a UserCheck Certificate against it. In my lab testing I used OpenSSL running on Gaia OS and share the commands I used here.

The following commands are based on documentation found at and have demonstrated to work in several lab tests on Gaia OS R81.

1) Define Gaia OS environment variables to ease configuration steps

PASS: A password protecting keying material. This password is requested when importing the .p12 containers in SmartConsole.
ROOTCAFQDN: The Fully Qualified Domain Name of the Root CA.
ROOTCACN: The Common Name (CN) of the Root CA. The CN will be used in the Subject field of the Root CAs' certificate.

export PASS=vpn123
export ROOTCAFQDN=zerophishRootCA.ngtpdemo.local
export ROOTCACN=zerophishRootCA.ngtpdemo.local

2) Generate a private/public keypair for the Root CA and protect them with $PASS

cpopenssl genrsa -passout pass:$PASS -out $ROOTCAFQDN.key 4096

3) Generate a self-signed Root CA Certificate using keying material created before

cpopenssl req -x509 -new -config $CPDIR/conf/openssl.cnf -nodes -key $ROOTCAFQDN.key -sha256 -days 1095 -out $ROOTCAFQDN.crt -batch -passin pass:$PASS -passout pass:$PASS -multivalue-rdn -subj "/CN=$ROOTCACN"

Enjoy Zero-Phishing EA Program!




0 Replies