Phishing attacks are increasing and Check Point Research observed 19% of all Phishing attacks in April 2021 in EMEA using HTTPS.
In order to prevent these attacks, Check Point R&D is inviting customers experiencing the Zero-Phishing Early Availability program documented in sk172203.
Check Point Certified Partners may want to contact their pre-sales representatives and then work with Check Point R&D supporting customers running a proof-of-concept.
Learn more about Check Point Zero-Phishing for Quantum Network Security watching the following videos:
The instructions documented in sk172203 are referring to use a dedicated Root Certificate Authority for HTTPS inspection and to enroll a UserCheck Certificate against it. In my lab testing I used OpenSSL running on Gaia OS and share the commands I used here.
The following commands are based on documentation found at https://www.openssl.org/docs/ and have demonstrated to work in several lab tests on Gaia OS R81.
1) Define Gaia OS environment variables to ease configuration steps
PASS: A password protecting keying material. This password is requested when importing the .p12 containers in SmartConsole.
ROOTCAFQDN: The Fully Qualified Domain Name of the Root CA.
ROOTCACN: The Common Name (CN) of the Root CA. The CN will be used in the Subject field of the Root CAs' certificate.
export PASS=vpn123
export ROOTCAFQDN=zerophishRootCA.ngtpdemo.local
export ROOTCACN=zerophishRootCA.ngtpdemo.local
2) Generate a private/public keypair for the Root CA and protect them with $PASS
cpopenssl genrsa -passout pass:$PASS -out $ROOTCAFQDN.key 4096
3) Generate a self-signed Root CA Certificate using keying material created before
cpopenssl req -x509 -new -config $CPDIR/conf/openssl.cnf -nodes -key $ROOTCAFQDN.key -sha256 -days 1095 -out $ROOTCAFQDN.crt -batch -passin pass:$PASS -passout pass:$PASS -multivalue-rdn -subj "/CN=$ROOTCACN"
Enjoy Zero-Phishing EA Program!
-pelmer