- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
I want to allow a few people download files from wetransfer but not the upload of files.
If I create a rule in the application layer and in services and applications I put wetransfer,
it allow to upload and download files. If instead of wetransfer I put wetransfer-download,
does not match the rule and goes to the next rule that block access to wetransfer.
If I put wetransfer and in content I put file download, it does not load the wetransfer page either.
Does anyone have any idea how to do it?
My initial thoughts are the use of content awareness, and Identity Awareness blades to define which accounts can utilise the rule and how specific content is then handled.
I dont understand what you mean. I have created a group with a domain user to allow him access.
If I put wetransfer in Services&Aplication it works perfectly, but in both directions and
I want is to only allow downloads. I have also done the test registering the equipment and
the operation is the same. As soon as I put some limitation like only allowing downloads
it doesn't work anymore because it doesn't match the rule.
Can you explain it a little more. Thank you very much
What is the order of the rules that you have created and is HTTPS inspection used?
Just looked at the pics, and I see what you mean, whats defined in wetransfer-download and what protocol is being used?
I tried with https enabled and disabled and the result is the same. I go step by step so I do not
limit the protocol or the content. First I have to get load the wetransfer page by
allowing only the download. I attached some images of how to configure with https inspection disable
and the result obtained. The rules are the first to avoid possible hidden problems.
Create two rules.
Top rule: Wetransfer AND Wetransfer-download Accept
Bottom rule: Wetransfer-Upload Block
With HTTPS enabled and nothing in the Content field.
Let me know if this works.
Cheers,
Vladimir
I would involve TAC into this. I had similar case with customer while back and they had to escalate it, went to R&D and they somehow fixed it, but I dont remember how, sorry.
Hello.
did you get this to work?
I am using R80.40, I am trying to allow the user the access to the web category "File Storage and Sharing" but block the category "file upload" to most of the users. With the testing rules have made it work for some applications, but not for all:
One drive, Google drive and terabox -> I was able to access the site and download and upload files to the application
Mega.com, megafire and wetransfer -> I was able to access the site and I was not able to upload any files. I got an error on the application about network issues, but not the custom blocked message we have configured on Checkpoint
I still didn't get it to work. When I have some time I will try again. Thank you for your input. I will communicate my progress
I have a bigger problem. If I putthe rule in image 1, the firewall does not match it and cuts access to wetransfer with a later rule.
To load the page I need to put the rule of image 2, and then the user can upload and download files
These are the rules that I am using on my tests.
The first rule prevents me from loading the google drive page and the second allows me to access, for example, wetransfer
After several tests I have achieved that users can only download files from wetransfer, googledrive and onedrive. I have R81.10 and https inspection activated
It has worked for me with the following rules
Thanks, now we are using the version 80.40. I will test these rules with the new release
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY