Create a Post
Showing results for 
Search instead for 
Did you mean: 

HTTPS inpsection: How block file type correctly


Threat prevention policy is set to drop exe file type.

Https inspection rules are set in order to bypass several categories for blades Application Control e URL Filtering


We arrange the HTTPS policy so that first it match the bypass rule than it inspect all the remaining traffic.

The problem is that if the user match a site that is included in the categories that are bypassed and try to download an .exe file the checkpoint detect it (in the smartlog) but do not block it.

How should we configure the https policy in order to block .exe files for all traffic and bypass the inspection for Application Control and URL filtering for some categories?

Attached the screenshot of our https inspection rules

2 Replies
Employee Alumnus
Employee Alumnus

Hi Lorenzo,

can you repost the screenshot ?

In general if a file is downloaded via HTTPS you are not able to block it if HTTPS is bypassed.

Not sure how you would detect an EXE file within a HTTPS download without HTTPS inspection.

Regards Thomas 

0 Kudos

If the traffic is encrypted over HTTPS then you must have HTTPS inspection "inspect" the traffic. 

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events