This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Daniel_Kavan
Advisor
Advisor
‎2025-02-21 06:54 AM
Jump to solution

anonymizer category in application control

Does anyone use the anonymizer category to prevent incoming traffic from using anonymizers to their web sites?

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2025-02-21 02:07 PM
Jump to solution

The Anonymizer category is specifically for outbound connections.
I don't believe it will work for blocking traffic FROM anonymizers. 
We do offer a list of TOR IPs you can block, though: https://support.checkpoint.com/results/sk/sk103154 

View solution in original post

4 Replies
the_rock
Legend
Legend
‎2025-02-21 07:20 AM
Jump to solution

I used it before for some proxy blocking in the lab. Below are best references I could find.

https://usercenter.checkpoint.com/ucapps/urlcat/categories

An intermediary which prevents Web sites from seeing a user's Internet Protocol (IP) address. Anonymizers are often used to circumvent company network acceptable use policies to potentially hide non-appropriate behavior, however in the home setting they may be used to provide additional layers of anonymity and protect privacy. Examples: http://www.anonymizer.com, http://www.megaproxy.com, http://www.hidemyass.com

 

https://appwiki.checkpoint.com/appwikisdb/public.htm

Just filter for category as anonymizer and same for the tags.

Andy

Screenshot_1.png
Preview file
86 KB
0 Kudos
PhoneBoy
Admin
Admin
‎2025-02-21 02:07 PM
Jump to solution

The Anonymizer category is specifically for outbound connections.
I don't believe it will work for blocking traffic FROM anonymizers. 
We do offer a list of TOR IPs you can block, though: https://support.checkpoint.com/results/sk/sk103154 

cem82
Contributor
‎2025-02-21 07:29 PM
In response to PhoneBoy
Jump to solution

For TOR - I'm wondering even if you have AV/AB and can use custom intelligence feeds which the SK mentions to use as the method as best practice, is there any drawbacks for using as network feed instead?  I would think if you do that way would be processed by FW blade and sooner in the packet flow so wonder if it is still best practice on 81.20?

0 Kudos
PhoneBoy
Admin
Admin
‎2025-02-24 02:03 PM
In response to cem82
Jump to solution

No specific drawbacks to using Network Feeds that I'm aware of.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top