• Kiếm tiền với Hostinger

    Kiếm Tiền Cùng Hostinger

    Bạn đang tìm kiếm cách kiếm thêm thu nhập online? Hãy tham gia ngay chương trình Affiliate của Hostinger! Với mỗi khách hàng đăng ký thông qua liên kết của bạn, bạn sẽ nhận được khoản hoa hồng hấp dẫn.

    Hostinger cung cấp các dịch vụ lưu trữ web (hosting) chất lượng cao với mức giá cạnh tranh, giúp bạn dễ dàng giới thiệu và thu hút người dùng.

    Đừng bỏ lỡ cơ hội tuyệt vời này để tăng thêm thu nhập thụ động.

    Tham Gia Ngay

(Check Point)Instructions for Application Control, URL Filtering, Content Awareness on FW CheckPoint

TigerDao

Administrator
Thành viên BQT
In this article we will introduce the Application Control, URL Filtering and Content Awareness features, as well as HTTPS Inspection on the Check Point firewall device.

– Application Control and URL Filtering allows identification and control of URLs and applications, including Web and social networks.

– Open Object Explorer and select Application Categories to view categories and applications.


(IMG)



– You can look up categories and applications by.


(IMG)



– You can also look up at Check Point AppWiki.


(IMG)



– Content Awareness as part of Access Control allows content-based control of traffic by identifying files and their contents. Content Awareness limits the types of data users can upload or download and checks HTTP, HTTPS, FTP and SMTP protocols.

– You can view supported file types in Object Explorer.


(IMG)



– First we will enable features on Security gateway. In SmartConsole, open the gateway and check Application Control, URL Filtering, and the Content Awareness Software Bladesthen select OK to save.


(IMG)



– Now we will add a Layer layer in Access Control. In Access Control > Policy right click select Edit.


(IMG)



– And add new Layer.


(IMG)



– Name the Layer “Application” and enable Applications & URL Filtering and Content Awareness Blades in General.


(IMG)



– Go Advanced tab and choose Accept option for Implicit Cleanup Action.


(IMG)



– Then select OK to finish.


(IMG)



– Now we can see new Application Layer in Access Control Policy with default Cleanup Rule – Accept.


(IMG)



– This layer will be used to control access to web and applications.

– Our access policy is based on 2 Layers: Network layer and Application Layer. Traffic will be filtered through the Network layer before passing through the Application Layer.


(IMG)



– With R80.x, Access policy can be layered, or unified, where Network filtering, Application Control, URL Filtering and Content Awareness can be combined in a single layer.

+ HTTPS Inspection

– According to various sources, today, between 50% and 75% of Internet traffic is HTTPS. That means HTTPS Inspection is necessary to effectively control web traffic.

– In essence, HTTPS Inspection is a man-in-the-middle attack technique, where Security Gateway decrypts and re-encrypts TLS traffic on both client to server and server to client directions.


(IMG)



– Before installing Security Policy, you need to enable HTTPS Inspection. Double-click on Security Gateway and select the HTTPS Inspection tab. Here you can import or create a new certificate. Select Create and set up DN (testlab.local) and key password.


(IMG)



– Once the certificate is created, you need to export it, to install it on the end user’s machine.


(IMG)



– Finally, select “Enable HTTPS Inspection” checkbox and select OK.


(IMG)



– We have completed the initial configuration for the HTTPS Inspection feature.

– Now we will create a new Inspection Policy, go to Application Layer and add a new rule.


  • Put LanNetwork like Source.
  • In Services & Application column more Anonymizer & Social Networking categories
(IMG)



– In column Action, select Drop > Blocked Message.


(IMG)



– Add another rule below and add Executable File in Content.


(IMG)



– Right-click on Any Direction and select Downset Action to Drop > Blocked Messages.


(IMG)



– In Cleanup rule, Action to Accept and enable Detailed Log.


(IMG)

(IMG)



– Once completed, it will look like this:


(IMG)



– Select Install Policy to install Policy.

– Before checking the Inspection Policy set up above, we will install the created certificate on the Lab User PC.

– Copy the certificate to the device you want to install, open the certificate file and select Install Certificate.


(IMG)



– Transparent Import Wizard process, select Local Machine.


(IMG)



– Select Yes.


(IMG)



– Select Trusted Root Certificate Authorities store to install.


(IMG)



– Select Next.


(IMG)



– Complete Installation Wizard.


(IMG)



(IMG)


– Open a browser and go to google.com. Select the lock icon to view the certificate.


(IMG)



– You can see the google.com certificate has been changed to testlab.com. That means HTTPS inspection is active, Security Gateway decrypts and re-encrypts HTTPS traffic between the user and the web server.


(IMG)



– Now try accessing facebook.com, you may see Certificate Error warning and be redirected to the IP address of Security Gateway.


(IMG)



– Select Continue to this website, you will see Block Message.


(IMG)



– View the certificate and install it.


(IMG)



– Try accessing Twitter, you will not see the Certificate Error warning and will only see Block Message.


(IMG)



– To test the Content Awareness feature, try downloading the .exe file.


(IMG)



– Download will be locked.


(IMG)



– Go back to Security Policy and view access logs.


(IMG)

(IMG)

!!! Thank you for following the article!!!

Xem tiếp...
 

Similar threads

O
Trả lời
0
Lượt xem
106
Osama Bin Javaid
O
Top