Secure Platform NG w/AI R55.
Has anyone implemented successfully a rule that blocks dangerous file downloads via http without using a CVP Server?
I have followed PhoneBoy's example in his book "Essential Check Point FW-1 NG" that uses URI Resources but what ends up happening it blocks access to legitimate websites that my endusers can not live without. I figure that somewhere in the path of the website they are trying to access must be the "key" extensions that I am attempting to block. Examples would be EXE or MSI file types.
I have to end up disabling the rule because it blocks my users from accessing websites that they can not live without.
Rule:
SRC Dest Service Action
Any Any http-->blocktypes drop (stops downloads of exe files)
Any Any http accept (allows normal web browsing)
Has anyone implemented successfully a rule that blocks dangerous file downloads via http without using a CVP Server?
I have followed PhoneBoy's example in his book "Essential Check Point FW-1 NG" that uses URI Resources but what ends up happening it blocks access to legitimate websites that my endusers can not live without. I figure that somewhere in the path of the website they are trying to access must be the "key" extensions that I am attempting to block. Examples would be EXE or MSI file types.
I have to end up disabling the rule because it blocks my users from accessing websites that they can not live without.
Rule:
SRC Dest Service Action
Any Any http-->blocktypes drop (stops downloads of exe files)
Any Any http accept (allows normal web browsing)