Contents/Index/Search Download Complete PDF Send Feedback Print This Page

Previous

Next

Introduction to Application Control and URL Filtering

Related Topics

The Need for Application Control

The Need for URL Filtering

The Check Point Solution for Application Control and URL Filtering

Main Features

Glossary

The Need for Application Control

The wide adoption of social media and Web 2.0 applications changes the way people use the Internet. More than ever, businesses struggle to keep up with security challenges.

The usage of internet applications creates a new set of challenges. For example:

  • Malware threats - Application use can open networks to threats from malware. Popular applications like Twitter, Facebook, and YouTube can cause users to download viruses unintentionally. File sharing can easily cause malware to be downloaded into your network.
  • Bandwidth hogging - Applications that use a lot of bandwidth, for example, streaming media, can limit the bandwidth that is available for important business applications.
  • Loss of Productivity - Employees can spend time on social networking and other applications that can seriously decrease business productivity.

Employers do not know what employees are doing on the internet and how such use affects them.

The Need for URL Filtering

As with Application Control, access to the internet and non-work-related website browsing can open networks to a variety of security threats and have a negative effect on employee productivity.

You can use URL Filtering to:

  • Control employee internet access to inappropriate and illicit websites
  • Control bandwidth issues
  • Decrease legal liability
  • Improve organizational security

When URL Filtering is set, employee data is kept private when attempting to determine a site category. Only the host part of the URL is sent to the Check Point Online Web Service. This data is also encrypted.

The Check Point Solution for Application Control and URL Filtering

Check Point Firewall innovation brings the industry’s strongest URL Filtering, application and identity control to organizations of all sizes. You can easily create Policies which detect or block thousands of applications and internet sites.

Use the Application Control and URL Filtering blades to:

  • Learn about the applications

    Use the Check Point comprehensive AppWiki to understand what applications are used for and what their risk levels are.

  • Create a Granular Policy

    Make rules to allow or block applications or internet sites, by individual application, application or URL categories, or risk levels. When you use Identity Awareness, you can easily make rules for individuals or different groups of users. You can also create an HTTPS Policy that enables the Security Gateway to inspect HTTPS traffic to prevent security risks related to the SSL protocol.

  • Learn What Your Employees are Doing

    Use SmartView Tracker and SmartEvent to understand the application and site traffic that really occurs in your environment. Then change the Policy to make it even more effective. Only administrators that have been assigned with applicable permissions can see all the fields in a log. Using these permissions makes sure that restricted data is kept private in logs and cannot be seen by all administrators.

  • Keep Your Policies Updated

    The Application and URL Filtering Database is updated regularly with applications and site categories to help you keep your Policy current. The Security Gateway connects to the Check Point Online Web Service to identify social networking widgets and website categories for URLs that it does not recognize. Results are stored on a local cache on each Security Gateway. Subsequent uncategorized URLs are first checked against the local cache before querying the Check Point Online Web Service.

  • Custom Applications, Sites, Categories and Groups

    You can create applications, websites, categories and groups that are not in the Application and URL Filtering Database for use in the Policy. Use these custom objects to create a Rule Base that meets your organization requirements. You can contact Check Point to create customized application signatures to be imported into the database. These signatures contain a database of internal applications that are not necessarily web-based.

Main Features

  • Granular Application Control – Identify, allow, or block thousands of applications and internet sites. This provides protection against the increasing threat vectors and malware introduced by internet applications and sites.
  • Largest application library with AppWiki – Comprehensive application control that uses the industry’s largest application library. It scans for and detects more than 4,500 applications and more than 100,000 Web 2.0 widgets and categories.
  • Integrated into Security Gateways - Activate Application Control and URL Filtering on Security Gateways including UTM-1, Power-1, IP Appliances, and IAS Appliances.
  • Central Management – Lets you centrally manage security Policies for Application Control and URL Filtering from one user-friendly console for easy administration.
  • SmartEvent Analysis - Use SmartEvent advanced analysis capabilities to understand your application and site traffic with filtering, charts, reporting, statistics, and more, of all events that pass through enabled Security Gateways.

Glossary

  • Applications - Applications include:
    • Programs you install on a desktop, for example Microsoft Office.
    • Programs you use through a browser, for example Google chat.
    • Social Network widgets that reside in social networking sites, for example Farmville on Facebook.
  • Site - A site which can be accessed via a web browser.
  • Primary Category - Group of applications with a common defining aspect. Each application has one primary category which is the most defining aspect of the application. See the category in the application descriptions and in the logs. When URL Filtering is enabled, categories also define a group of URLs or patterns of URLs.
  • Additional Categories - Characteristics of the application. In the Application and URL Filtering Database, applications can have multiple categories. For example, Gmail categories include: Supports File Transfer, Sends mail, and Instant Chat. You can include categories in rules in the Rule Base. If a category is in a rule, the rule matches all applications and sites that are marked with that category. For example if you block the "Sends mail" category: Gmail, Yahoo! Mail, and others will be blocked.
  • Bytes - As used in Application Control, it means the quantity of bytes of traffic. It does not mean the rate of bytes transferred for a specific unit of time.
  • AppWiki - The searchable ,Check Point application database that shows a description, risk level, primary and additional categories. In the AppWiki, additional categories are called tags.
  • Matched Category - The category that was matched by the URL Filtering rulebase.
 
Top of Page ©2013 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print