A Quick Test to Check Point Capsule Cloud Service - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Monday, February 23, 2015

A Quick Test to Check Point Capsule Cloud Service

Not sure how many Checkpoint customers are using this service, but it is quite attractive when I heard about it. It will help your remote users connect with your global offices and Internet seamlessly.  

Roaming users will use a vpn tunnel to connect to Check Point's cloud network, from there they could access their company's Internal network with another pre-built vpn tunnel. Also from Check Point Cloud, roaming users will be able to browse Internet safely with Check Point's cloud service:
  • URL Filtering
  • Anti-Virus
  • Anti-Bot
  • Threat Emulation
  • IPS
  • HTTPS Inspection



Lets start to experience it:

Step 1: Register an account at https://cloud.checkpoint.com/ with your email account

 After registration, you will receive a email with subject "Your Capsule Connect registration code". Inside the email, there are all links to download the client for Windows, Macintosh, Android and iOS versions.

Step 2: Download and Install the Client:

From "Your Capsule Connect registration code" email, download windows client on your pc. Double click and follow on screen instruction to complete software installation. You will find a cloud icon appears on your right bottom screen. Basically the client will install a new Local Area Connection network driver "Check Point Virtual Network Adapter For Cloud Connect" in your system.
Right click the cloud icon:
Select 'Show Client' menu to enable main window. Choose connect button to make a connection to Check Point's Cloud network.
After system connected to the cloud, you will find your system got a new ip address (172.16.9.28/22) from DHCP server 172.16.9.27 with DNS server 8.8.8.8.

Also from Speedtest.net, we will see the system got an US ip address 208.43.242.98. The download and upload speed is not that bad. 

My pc is having almost 100Mbps download / upload speed without connecting to Checkpoint Cloud.

Step 3: Log into https://cloud.checkpoint.com/ to review the configuration and policies

Check Point Capsule Cloud Policy Tab.
Under Security Policy, there are three features enabled:

  • URL Filtering
  • Threat Prevention
  • HTTPS Inspection


Step 4: Troubleshooting for https website issue

By default, there is a problem to browse https website, such as Gmail site.It shows a This Connection is Untrusted and the connection is blocked. 
From the "Logs & Reports" tab, it shows Check Point Cloud Service Application Cloud blade blocked those 
Double click the log entry you will get the log details for that record.

After turned off HTTPS Inspection from Policy tab, those https website become available again. 

Reference:






No comments:

Post a Comment