What can I do here?
Use this window to configure or edit the properties of a custom application/ site used in Application and URL Filtering or Threat Prevention.
Getting Here - Object Explorer > New > Custom Application/Site > Application/Site > General page
|
What background information do I need to know?
In the Application and URL Filtering Database, each application is assigned to one primary category based on its most defining aspect. See the category in the description of each application and in the logs.
In the Application and URL Filtering Database, each application can have additional categories, which are characteristics of the application. For example, some of the additional categories of Gmail include: Supports File Transfer, Sends mail, and Instant Chat. If an additional category is in a rule, the rule matches all applications that are marked with it.
Note - In the AppWiki, additional categories are called tags.
When you use the AppWiki or add applications to the Rule Base, you can filter by additional category or risk level to see all applications with that characteristic. This is a good way to get ideas of types of applications that you might want to block or allow.
If new applications are added to an additional category that is in an Application Control or URL Filtering rule, the rule is updated automatically when the database is updated.
Tell me about the fields...
For example, if a news site has these links:
https://www.news.com
http://www.news.com
To allow access only to the https link, use this regular expression:
^https:\/\/.*\.news\.com
Note: The application or site URL defined by a regular expression must use the correct syntax.
Select URLs are defined as Regular Expression only if the application or site URL is entered as a regular expression using the correct syntax.
The meaning of the asterisk ( * ) depends on its use.
For example, to block a domain that ends with "example.com" (such as www.example.com):
Regular Expression |
|
|
Wildcard |
|
Important! If you use this string as a regular expression, policy install fails. The gateway cannot resolve the regular expression to a URL, because there is no preceding character to find. |
More examples of regular expressions:
To match subdomains of mydomain.com: (^|.*\.)mydomain\.com
To match domain and subdomains of mydomain.com: (^|.*\.)*mydomain\.com
This table shows the Check Point implementation of standard regular expression metacharacters.
Metacharacter |
Name |
Description |
---|---|---|
\ |
Backslash |
escape metacharacters non-printable characters character types |
[ ] |
Square Brackets |
character class definition |
( ) |
Parenthesis |
sub-pattern, to use metacharacters on the enclosed string |
{min[,max]} |
Curly Brackets |
min/max quantifier {n} - exactly n occurrences {n,m} - from n to m occurrences {n,} - at least n occurrences |
. |
Dot |
match any character |
? |
Question Mark |
zero or one occurrences (equals {0,1}) |
* |
Asterisk |
zero or more occurrences of preceding character |
+ |
Plus Sign |
one or more occurrences (equals {1,}) |
| |
Vertical Bar |
alternative |
^ |
Circumflex |
anchor pattern to beginning of buffer (usually a word) |
$ |
Dollar |
anchor pattern to end of buffer (usually a word) |
- |
hyphen |
range in character class |
To use non-printable characters in patterns, escape the reserved character set.
Character |
Description |
---|---|
\a |
alarm; the BEL character (hex code |
\cX |
"control-X", where X is any character |
\e |
escape (hex code |
\f |
formfeed (hex code |
\n |
newline (hex code |
\r |
carriage return (hex code |
\t |
tab (hex code |
\ddd |
character with octal code |
\xhh |
character with hex code |
To specify types of characters in patterns, escape the reserved character.
Character |
Description |
---|---|
\d |
any decimal digit [0-9] |
\D |
any character that is not a decimal digit |
\s |
any whitespace character |
\S |
any character that is not whitespace |
\w |
any word character (underscore or alphanumeric character) |
\W |
any non-word character (not underscore or alphanumeric) |