Security Elevation

Application Control and Content Filtering

Concept

Any kind of traffic that you can label based off pf the destination address/traffic (e.g. Facebook) is an application.

This can be used to block inappropriate, malicious, or time-wasting traffic.

URL Filtering

This is a process that lets companies restrict online content that individuals can access. Users are prevented from going to specific websites and prohibited from using corporate resources such as bandwidth or devices in a way that could harm the company

Employee data is kept private when attempting to determine a site category. Only part of the URL is logged. The data is also encrypted

URL Filtering DB Categories

Blocked sites
Allowed Sites
Defined IT Policies
Blocked or Allowed URL Filtering

If there isn't an entry for a URL in the local database, the Firewall will check with Check Points Cloud to see it's reputation

There are two options while waiting for the response:

Allow all requests (fail-open)
Disallow all requests

Autonomous Threat Prevention

Provides out-of-the-box Threat Prevention, which reduces administrative overhead

Primary capabilities:

Threat Prevention Profiles include:

The Sandbox prevents unknown zero-day and sophisticated attacks by executing suspicious files in evasion-resistant sandbox and uses AI techniques

Advanced Forensic Details

Some logs contain additional fields that hold information that can be used for advanced forensic analysis of the traffic that triggered a protection. The following protocols are supported:

DNS
FTP
HTTP
HTTPS
SMTP

Practice Questions

PreviousNAT NextSite-to-Site VPN

Last updated 11 months ago

Was this helpful?