URI - General
What can I do here?
Use this window to create or edit the properties of a URI resource.
Getting Here - Object Explorer > New > Resource > URI > General
Understanding URI Resources
Resources are used to match content that you are looking for, and to run an action on the content.
To specify the content, wildcards and regular expressions can be used.
The Resource is triggered when a Rule includes the Resource, and a packet matches the rule. A Resource is applied per Service.
URI Options
Tell me about the Fields
Use this resource to:
- Enforce URI Capabilities - This option diverts the connection to the HTTP security server, and enables all the functionality and parameters of the URI resource, such as schemes, hosts, paths and methods, and CVP checking.
- Optimize URL logging - Generates extra URL logging information by performing kernel inspection on the HTTP connection, and shows the full path of the requested URL, not just the name of the web server. If selected, fields and tabs of the URI Resource that relate to the security server are disabled.
- Enhance UFP Performance - Improves UFP performance by not using the security server. The cost of this improved performance is that UFP caching, CVP checking and authentication cannot be used with this mode, and certain HTTP header verifications, such as methods and length, are not performed.
Connection Methods - configure when this Resource applies.
- Transparent - means that the security server is invisible to the client that originates the connection, and to the server. The Transparent connection method is the most secure.
- Proxy - means that this Resource is applied when people specify the Check Point Security Gateway as a proxy in their browser. If clients use the Security Gateway as a proxy, connections will leave the gateway with the Security Gateway as the source IP address. No NAT will take place to the IP address of the original client.
- Tunneling (visitor mode) - means that this Resource is applied when people specify the Security Gateway as a proxy in their browser, and is used for connections where the Security Gateway cannot examine the contents of the packets, not even the URL. Only the host name and port number are checked. Tunneling connections are HTTP connections that use the CONNECT method. An example of this is HTTPS (an SSL-encrypted HTTP connection). If Tunneling is specified, all Content Security options of the URI Resource are disabled. The Tunneling connection method is not allowed by default because of the security implications. Avoid creating a Resource that allows only tunneling. It is preferable to define a rule that opens the port used by the visitor mode connections.
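What each connection method above leaves visible for matching, as an added Python example (not Check Point code, and not a model of the security server's implementation): it parses the HTTP request line a gateway would see in each case and shows that a CONNECT request yields only a host and a port. The function names, sample requests and wildcard rule are assumptions made for illustration.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

def visible_fields(request_line, host_header=None):
    """Fields of one HTTP request that an inspection point can match on."""
    method, target, _version = request_line.split(" ", 2)
    method = method.upper()
    if method == "CONNECT":
        # Tunneling: the target is only "host:port"; the tunnelled bytes
        # (for example TLS) expose no scheme, path or inner method.
        host, _, port = target.rpartition(":")
        return {"method": method, "scheme": None, "host": host.lower(),
                "port": int(port), "path": None}
    if target.startswith("/"):
        # Transparent: origin-form target, host taken from the Host header.
        parts = urlsplit("http://" + (host_header or "") + target)
    else:
        # Proxy: the browser sends the absolute URI in the request line.
        parts = urlsplit(target)
    scheme = parts.scheme.lower()
    return {"method": method, "scheme": scheme,
            "host": (parts.hostname or "").lower(),
            "port": parts.port or DEFAULT_PORTS.get(scheme),
            "path": parts.path or "/"}

def matches(fields, rule):
    """True if every wildcard in `rule` matches; a field that is not
    visible (None) satisfies only the catch-all pattern "*"."""
    for name, pattern in rule.items():
        value = fields.get(name)
        if value is None:
            if pattern != "*":
                return False
        elif not fnmatchcase(str(value), pattern):
            return False
    return True

# Constructed sample requests, one per connection method.
SAMPLES = {
    "transparent": ("GET /downloads/tool.exe HTTP/1.1", "www.example.com"),
    "proxy": ("GET http://www.example.com/downloads/tool.exe HTTP/1.1", None),
    "tunneling": ("CONNECT www.example.com:443 HTTP/1.1", None),
}
RULE = {"host": "*.example.com", "path": "*.exe"}  # hypothetical wildcard rule

if __name__ == "__main__":
    for mode, (line, host) in SAMPLES.items():
        fields = visible_fields(line, host)
        print(mode, fields, "rule matches:", matches(fields, RULE))
```

The path wildcard can be evaluated for the transparent and proxy requests but not for the tunnelled one, which is why a tunneling rule can be scoped only by host name and port.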
URI Match Specification Type - The type can be Wild Cards or UFP, where a UFP server holds categories of forbidden web sites. For details of the match specification of each, see the Match tab.
Exception Track - Configures how to track connections that match this rule but fail the content security checks. An example of an exception is a connection with an unsupported scheme or method.