Monday, September 22, 2014

Three Steps to Enable Checkpoint Firewall Application Control and URL Filtering

Here is what Checkpoint URL Filtering and Application Control do:

"The Check Point URL Filtering Software Blade elevates organizational security by allowing the control of web and web 2.0 access. Unrestricted access to the internet can expose an organization to a variety of security threats and negatively affect employee productivity. The Checkpoint URL Filtering blade works in conjunction with the Application Control blade to deliver a complete protection for Web and Web 2.0 usage. In addition, the URL Filtering blade can be combined with UserCheck technology for educating users about web usage."

Enabling this feature takes only three easy steps:

Step 1. Enable Application Control and URL Filtering blades on the Checkpoint Gateway Properties

Step 2. Create a Policy for Application & URL Filtering

This is probably the trickiest part. You will have to work with your security department to decide what to block and what to allow. You may also have to talk with your legal department to make sure the policy complies with local law. The rules can be as simple as the following, or much more complicated, with granular control over applications and user groups when interoperating with the Identity Awareness blade. The following example is simple, but it usually blocks enough malicious websites and applications.

Step 3. Push the firewall policy from the management server to the gateway and test the rules.

To test, browse some game websites and try the PacketiX VPN application. When browsing a blocked website, you will get a notification from the firewall gateway like this:
"The Application/Web Site is blocked according to the organization security policy. For more information, please contact your local helpdesk."

SmartLog gives a better view of the blocked access attempts to those websites. You can double-click a log entry to see more details.

The connection for PacketiX VPN also failed because it was blocked by the gateway. The PacketiX application could not connect to its public VPN site because its traffic belongs to the Critical Risk level.

Access to the game website is blocked by the URL Filtering blade because the website's category is game.
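The test in Step 3 can be repeated after every policy push with a small script. This is an added example, not part of the original post or any Check Point tooling: it assumes the block message quoted above appears in the HTTP response body the client receives, and the function names and test URLs are hypothetical placeholders.

```python
import urllib.request
import urllib.error

# Block-page text quoted in this post; assumed to appear in the HTML the gateway returns.
BLOCK_MARKER = "is blocked according to the organization security policy"

def http_fetch(url, timeout=10):
    """Return the response body as text, or None if the connection fails."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read(65536).decode("utf-8", errors="replace")
    except urllib.error.HTTPError as err:
        # An error status can still carry a block page in its body.
        return err.read(65536).decode("utf-8", errors="replace")
    except (urllib.error.URLError, OSError):
        return None

def verdict(body):
    """Classify one fetch result as 'blocked', 'allowed' or 'unreachable'."""
    if body is None:
        return "unreachable"
    return "blocked" if BLOCK_MARKER.lower() in body.lower() else "allowed"

def check_policy(cases, fetch=http_fetch):
    """cases: list of (url, expected verdict). Returns the list of mismatches."""
    failures = []
    for url, expected in cases:
        actual = verdict(fetch(url))
        if actual != expected:
            failures.append((url, expected, actual))
    return failures

if __name__ == "__main__":
    # Hypothetical test URLs; replace with sites from the categories your policy covers.
    cases = [
        ("http://games.example/", "blocked"),
        ("http://intranet.example/", "allowed"),
    ]
    for url, expected, actual in check_policy(cases):
        print(f"MISMATCH {url}: expected {expected}, got {actual}")
```

A mismatch in either direction matters: a site expected to be blocked that loads is a policy gap, and a business site that returns the block page is over-blocking. Confirm each result against the SmartLog entries.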