- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Harmony endpoint url filtering
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Harmony endpoint url filtering
Hi All,
I'm using harmony endpoint cloud based for my 1000 users. I have a basic license for this endpoint.
I have enabled only firewall, application control, compliance and VPN blade for my endpoint clients.
I have also enabled anti-bot, url filtering, threat emulation, behavioral guard and forensics and anti-ransomware just for testing on my few clients.
Can I enable only url filtering blade for my users?
I have set url filtering mode into prevent. And I have selected category is social networking. But I have to excluded facebook from this but still facebook blocked by url filtering.
I have attached images for this you can check this.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yes, you are right. Now its working with *facebook*.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Pretty sure you have to deploy Anti-Bot for URL Filtering to be active.
That's based on the user-level documentation for the client: https://sc1.checkpoint.com/documents/HarmonyEndpoint/Endpoint_Security_Clients_for_Windows_UserGuide...
Also, they likely use similar infrastructure on the Endpoint similar to how it works on a gateway.
If you want URL Filtering only, then you might want to look at Harmony Browse.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Anti-bot is enabled too. Still it block it. is this the correct domain to exclude like *.facebook.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That looks right, though me personally, I ALWAYS use an example, such as *facebook* and I never have an issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the reply.
I have a question for application control.
I want to use application control blade for endpoint devices. I have run the appscan software on my desktop and it successfully scanned the application on my desktop of c:\ drive program files but it can't generate the xml files.
why it can't generate xml file?
why I can' make many rule for application control on SmartEndpoint server?
I have shared some screenshot you can check it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I recommend a TAC case for this: https://help.checkpoint.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There are examples in the UI about how URL exceptions are defined: http?://*.facebook.com etc..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Keep in mind...all the examples given in guides and UI itself dont always work...I worked with TAC (tier2,3, escalation team) numerous times on this and literally every time, we ended up doing my suggestion, which was *fqdn*...so say *facebook*, *youtube*...etc
Is it perfect? Of course NOT, but, every customer I know would rather do it that way and call it a day then spend hours on end trying to make it work recommended way and not succeed.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yes, you are right. Now its working with *facebook*.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am 100% sure that will always work...as I said, not perfect solution, but at least, it is somewhat good "workaround"
Andy
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @the_rock
I have a question for application control.
I want to use application control blade for endpoint devices. I have run appscan software on my desktop and it successfully scanned the application on my desktop of c:\ drive program files but it can't generate the xml files.
why it can't generate xml file?
why I can' make many rule for application control on SmartEndpoint server?
I have shared some screenshot you can check it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Questions are free mate @007_mjn , all good :- )
Answer may cost you money...just kidding : ). But, in all seriousness, Im not that familiar with endpoint side, I mostly deal with firewalls, so I dont want to BS you and try to give you answer to something I have no clue about. Maybe someone else can confirm or you can double check with TAC on it.