URI - Content Vectoring Protocol (CVP)
What can I do here?
Use this window to configure CVP inspection on HTTP messages. Many CVP servers can inspect the request and response in HTTP connections, and the HTTP headers in message packets.
Getting Here - Object Explorer > New > Resource > URI > CVP
CVP Options
Tell me about the fields
- Use CVP to enable CVP - select the CVP server from the drop-down menu. The CVP server should already be defined as an OPSEC Application.
- CVP Server is allowed to modify content - select if the designated CVP server can inspect and repair the message string. CVP servers cannot modify binary files, so if the resource matches on *.exe, you may want to prevent the CVP server from modifying it, and just drop it. If you choose not to allow the CVP server to modify content, and the CVP server finds a problem (such as a virus), the message will not be allowed.
- Send HTTP Headers to CVP server - If you would like the CVP server to check the HTTP headers of the message packets, select
- Send HTTP requests to CVP server - to protect against undesirable content in the HTTP request, for example, when inspecting peer-to-peer connections.
- Send only unsafe file types to CVP server - improves the performance of the CVP server. With this option, traffic that is considered safe is not sent to the CVP server. Check Point Security Gateway considers files that are not executable to be safe, because they do not normally contain viruses. Picture and video files are considered safe.
The Check Point Security Gateway security server identifies safe content by actually examining the contents of the packet. It does not rely on examining the URL (for file extensions such as *.GIF) nor does it rely on checking the MIME type (such as image/gif) in the server response.
- Reply Order - designates when the CVP server returns data to the Security Gateway security server.
The CVP server checks the file one packet at a time. After the CVP server has inspected the whole file, it sends a Validation Result message to the security server. If the Validation Result is that the file is approved, the security server sends the file back to the Inspection gateway, which sends the file on to the client.
- Return data after content is approved - the CVP server sends the file back to the security server after checking the whole file.
- Return data before content is approved - the CVP server sends packets to the security server as soon as it checks them. Return data before content is approved gives better response times to users, but may mean that the CVP server sends virus-infected files to the security server.
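The "Send only unsafe file types to CVP server" option above classifies traffic by its content rather than by URL extension or MIME type. The following added example (not Check Point code, and not how the product is implemented) sketches that decision in Python. The signature tables, the function names and the rule that unrecognized content is forwarded are assumptions made for the illustration, and the sample messages are constructed.

```python
# Illustration only: content-based triage before sending a body to a scanner.
# The signature tables are a small constructed subset, not a product list.
SAFE_MAGIC = {
    b"GIF87a": "gif",
    b"GIF89a": "gif",
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
}
UNSAFE_MAGIC = {
    b"MZ": "pe-executable",
    b"\x7fELF": "elf-executable",
    b"#!": "script",
}
SAFE_LABELS = set(SAFE_MAGIC.values())


def sniff(body: bytes) -> str:
    """Label a body from its leading bytes; 'unknown' if nothing matches."""
    for table in (UNSAFE_MAGIC, SAFE_MAGIC):
        for magic, label in table.items():
            if body.startswith(magic):
                return label
    return "unknown"


def send_to_cvp(url: str, content_type: str, body: bytes) -> bool:
    """Return True if the body should go to the scanner.

    url and content_type are accepted but deliberately not consulted:
    both are chosen by the sender and can claim anything.
    Assumption: content that is not recognized as safe is forwarded.
    """
    return sniff(body) not in SAFE_LABELS


# Constructed sample messages: (URL, claimed MIME type, first bytes of body).
SAMPLES = [
    ("http://example.test/logo.gif", "image/gif", b"GIF89a\x01\x00\x01\x00"),
    ("http://example.test/cat.gif", "image/gif", b"MZ\x90\x00\x03\x00"),
    ("http://example.test/pic.png", "text/plain", b"\x89PNG\r\n\x1a\n\x00"),
    ("http://example.test/data.bin", "image/png", b"\x00\x01\x02\x03"),
]


def triage(samples=SAMPLES):
    """Return (url, sniffed label, forward?) for each sample."""
    return [(u, sniff(b), send_to_cvp(u, m, b)) for u, m, b in samples]


if __name__ == "__main__":
    for url, label, forward in triage():
        print(f"{url:32} {label:15} send_to_cvp={forward}")
```

The second sample is the case the option is designed around: the URL ends in .gif and the header claims image/gif, yet the body is forwarded because its leading bytes are those of an executable.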