HTTP/HTTPS Proxy

You can configure a Security Group A logical group of Security Gateway Modules that provides Active/Active cluster functionality. A Security Group can contain one or more Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. to act as an HTTP/HTTPS Proxy on your network.

In such configuration, the Security Group becomes an intermediary between hosts that communicate with each other through the Security Group. It does not allow a direct connection between these hosts.

Each successful connection creates two different connections:

• One connection between the client in the organization and the proxy (Security Group).

• One connection between the proxy (Security Group) and the actual destination.

These proxy modes are supported:

• Transparent - All HTTP traffic on specified ports and interfaces is intercepted and processed by the Proxy code in the Security Group. No configuration is required on the clients.

• Non Transparent - All HTTP/HTTPS traffic on specified ports and interfaces is intercepted and processed by the Proxy code in the Security Group. Configuration of the proxy address and port is required on client machines.

For more information, see:

• SmartDashboard Legacy Check Point GUI client used to create and manage the security settings in versions R77.30 and lower. In versions R80.X and higher is still used to configure specific legacy settings. built-in help

• sk110013 - How to configure Check Point Security Gateway as HTTP/HTTPS Proxy (requires Advanced access to Check Point Support Center)

• sk92482 - Performance impact from enabling HTTP/HTTPS Proxy functionality (requires Advanced access to Check Point Support Center)