Introduction to Application Control and URL Filtering

In This Section: The Need for Application Control The Need for URL Filtering The Check Point Solution for Application Control and URL Filtering Main Features

The Need for Application Control

The wide adoption of social media and Web 2.0 applications changes the way people use the Internet. More than ever, businesses struggle to keep up with security challenges.

The usage of internet applications creates a new set of challenges. For example:

• Malware threats - Application use can open networks to threats from malware. Popular applications like Twitter, Facebook, and YouTube can cause users to download viruses unintentionally. File sharing can easily cause malware to be downloaded into your network.
• Bandwidth hogging - Applications that use a lot of bandwidth, for example, streaming media, can limit the bandwidth that is available for important business applications.
• Loss of Productivity - Employees can spend time on social networking and other applications that can seriously decrease business productivity.

Employers do not know what employees are doing on the internet and how such use affects them.

The Need for URL Filtering

As with Application Control, access to the internet and non-work-related website browsing can open networks to a variety of security threats and have a negative effect on employee productivity.

You can use URL Filtering to:

• Control employee internet access to inappropriate and illicit websites
• Control bandwidth issues
• Decrease legal liability
• Improve organizational security

When URL Filtering is set, employee data is kept private when attempting to determine a site category. Only the host part of the URL is sent to the Check Point Online Web Service. This data is also encrypted.

The Check Point Solution for Application Control and URL Filtering

Check Point Firewall innovation brings the industry’s strongest URL Filtering, application and identity control to organizations of all sizes. You can easily create Policies which detect or block thousands of applications and internet sites.

Use the Application Control and URL Filtering blades to:

• Learn about the applications

  Use the Check Point comprehensive AppWiki to understand what applications are used for and what their risk levels are.

• Create a Granular Policy

  Make rules to allow or block applications or internet sites, by individual application, application or URL categories, or risk levels. When you use Identity Awareness, you can easily make rules for individuals or different groups of users. You can also create an HTTPS Policy that enables the Security Gateway to inspect HTTPS traffic to prevent security risks related to the SSL protocol.

• Learn What Your Employees are Doing

  Use SmartView Tracker and SmartEvent to understand the application and site traffic that really occurs in your environment. Then change the Policy to make it even more effective. Only administrators that have been assigned with applicable permissions can see all the fields in a log. Using these permissions makes sure that restricted data is kept private in logs and cannot be seen by all administrators.

• Keep Your Policies Updated

  The Application and URL Filtering Database is updated regularly with applications and site categories to help you keep your Policy current. The Security Gateway connects to the Check Point Online Web Service to identify social networking widgets and website categories for URLs that it does not recognize. Results are stored on a local cache on each Security Gateway. Subsequent uncategorized URLs are first checked against the local cache before querying the Check Point Online Web Service.

• Custom Applications, Sites, Categories and Groups

  You can create applications, websites, categories and groups that are not in the Application and URL Filtering Database for use in the Policy. Use these custom objects to create a Rule Base that meets your organization requirements. You can contact Check Point to create customized application signatures to be imported into the database. These signatures contain a database of internal applications that are not necessarily web-based.

Main Features

• Granular Application Control – Identify, allow, or block thousands of applications and internet sites. This provides protection against the increasing threat vectors and malware introduced by internet applications and sites.
• Largest application library with AppWiki – Comprehensive application control that uses the industry’s largest application library. It scans for and detects more than 4,500 applications and more than 100,000 Web 2.0 widgets and categories.
• Integrated into Security Gateways - Activate Application Control and URL Filtering on Security Gateways including UTM-1, Power-1, IP Appliances, and IAS Appliances.
• Central Management – Lets you centrally manage security Policies for Application Control and URL Filtering from one user-friendly console for easy administration.
• SmartEvent Analysis - Use SmartEvent advanced analysis capabilities to understand your application and site traffic with filtering, charts, reporting, statistics, and more, of all events that pass through enabled Security Gateways.