"The Check Point URL Filtering Software Blade elevates organizational security by allowing the control of web and web 2.0 access. Unrestricted access to the internet can expose an organization to a variety of security threats and negatively affect employee productivity. The Checkpoint URL Filtering blade works in conjunction with the Application Control blade to deliver a complete protection for Web and Web 2.0 usage. In addition, the URL Filtering blade can be combined with UserCheck technology for educating users about web usage. "
Step 1. Enable Application Control and URL Filtering blades on the Checkpoint Gateway Properties
Step 2. Create a Policy for Application & URL Filtering
This probably is most trick part. You will have to work with your security department to decide what you have to block and what you can allow. Also you may have to talk with your law department to make sure it is compliance with your local law. The rules can be simple as following , or can be much complicated with granular control application and user groups when inter-operating with Identity Awareness blade. Following example will be a simple but usually blocked enough malicious websites and applications.
Step 3. Push Firewall Policy from mgmt server to the gateway and test the rules.
By browsing some game websites and test PaketiX VPN application, you will get notification from firewall gateway as show below when browsing 9yao.com website:
"The Application/Web Site is blocked according to the organization security policy. For more information, please contact your local helpdesk.
"
With the SmartLog, there is a better view to find out the blocked access to those website. You could double click logs to see more details.
Accessing game website 9yao.com is blocked by URL filtering blade because the website category is belonging to game.
Great post. Like it. Keep going Jon.
ReplyDeletethx
Delete