This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
GUEYDON_Olivier
Contributor
‎2021-12-09 07:45 AM

HTTPS Inspection on LAN

Hi Community,

 

We have a couple of 5200 Security Gateways, working in ClusterXL mode (Active/passive).

These are used in our internal LAN, to enforce access control policies. Software blades activated are Application Control, Identity Awareness, and Threat Prevention (IPS).

Policies validates that users (acccess role, Lan segment, hosts), ... can access various services like servers, applications, printing system, VoIP... on different vlans...

I wonder if it makes sense to activate HTTPS inspection (and also URL filtering and Content Awareness).

Can it be benefic to limit risks on our internal network ?

Note that Internet access is filtred/decrypted by our perimetric FW.

Thanks for your advices,

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2021-12-12 03:51 PM

URL Filtering only makes sense for Internet-based traffic.
Content Awareness...depends on your use case.
Likewise, with HTTPS Inspection...depends precisely on what you're hoping to see that you're not seeing. 

0 Kudos