Welcome to the 9th lesson! After a short break on the May holidays, we continue our publications. Today we will discuss no less interesting topic, namely – Application control and URL Filtering. That, for what sometimes Check Point and buy. Need to block Telegram, TeamViewer or Tor? This is what Application Control is for. In addition, we will touch on another interesting blade – Content Awarenessand discuss the importance of HTTPS Inspections. But first things first!
As you remember, in Lesson 7 we started discussing the Access Control policy, but so far we only touched on the Firewall blade and played a bit with NAT. Now add three more blades – Application control, URL Filtering and Content Awareness.
Application Control & URL Filtering
Why am I reviewing App Control and URL Filtering in one tutorial? This is not casual. In fact, it is already quite difficult to clearly distinguish between where there is an application and where there is just a website. Same facebook. What is it? Site? Yes. But it includes many micro applications. Games, videos, messages, widgets, etc. And all this is desirable to manage. That is why App Control and URL filtering always activate together.
Now for the database of applications and sites. You can view them in SmartConsole through the Object Explorer. There is a special Applications / Categories filter for this. In addition, there is a special resource – Check Point AppWiki. There you can always see if there is a particular application in the checkpoint database (or a resource).
There is also a Check Point URL Categorization service, where you can always check to which “checkpoint” category a particular resource belongs. You can even request a category change if you think it is defined incorrectly.
Otherwise, with these blades everything is pretty obvious. Create an access sheet, specify the resource / application that you want to block or, on the contrary, allow. That's all. We will see it in practice a little later.
I see no reason to repeat on this topic within our course. I described in detail and showed this blade in the previous course – 3. Check Point to the maximum. Content Awareness.
Similar with HTTPS inspections. I pretty well described both the theoretical and practical part of this mechanism here – 2.Check Point to the maximum. HTTPS inspection. However, HTTPS inspection is important not only for security, but also for the accuracy of identifying applications and sites. This is covered in the video tutorial below.
In this tutorial, I will tell you in detail about the new concept of Layers, create a simple Facebook blocking policy, prohibit downloading executable files (using Content Awaress) and show how to enable HTTPS inspection.
Stay tuned for more and join our YouTube channel 🙂