CheckMates Fest 2025!
Join the Biggest Event of the Year!
Share your Cyber Security Insights
On-Stage at CPX 2025
Simplifying Zero Trust Security
with Infinity Identity!
Zero Trust Implementation
Help us with the Short-Term Roadmap
CheckMates Go:
What's New in R82
I am still trying to understand the original statement. You said, according to wireshark, 8kb of traffic passed. Where did you run the whireshark? Client side, server side, FW itself? There is not enough info to answer your question properly.
All I can say at this point, the traffic passed seems to be related to HTTPSi validation of the application to block.
Other than TLS handshake (not TCP handshake which is part of communication, but should not be as big as 8K), no actual data should pass. TLS handshake only includes certificate validation and authentication.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
