Security Elevation
Application Control and Content Filtering
Concept
Any kind of traffic that you can label based off pf the destination address/traffic (e.g. Facebook) is an application.
This can be used to block inappropriate, malicious, or time-wasting traffic.
URL Filtering
This is a process that lets companies restrict online content that individuals can access. Users are prevented from going to specific websites and prohibited from using corporate resources such as bandwidth or devices in a way that could harm the company
Employee data is kept private when attempting to determine a site category. Only part of the URL is logged. The data is also encrypted
URL Filtering DB Categories
Blocked sites
Allowed Sites
Defined IT Policies
Blocked or Allowed URL Filtering
If there isn't an entry for a URL in the local database, the Firewall will check with Check Points Cloud to see it's reputation
There are two options while waiting for the response:
Allow all requests (fail-open)
Disallow all requests
Autonomous Threat Prevention
Provides out-of-the-box Threat Prevention, which reduces administrative overhead
Primary capabilities:
Threat Prevention Profiles include:
The Sandbox prevents unknown zero-day and sophisticated attacks by executing suspicious files in evasion-resistant sandbox and uses AI techniques
Advanced Forensic Details
Some logs contain additional fields that hold information that can be used for advanced forensic analysis of the traffic that triggered a protection. The following protocols are supported:
DNS
FTP
HTTP
HTTPS
SMTP
Practice Questions
Last updated
Was this helpful?
