HTTP/HTTPS Proxy

You can configure a Security GroupClosed A logical group of Security Appliances that provides Active/Active cluster functionality. A Security Group can contain one or more Security Appliances. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Every Security Group contains: (A) Applicable Uplink ports, to which your production networks are connected; (B) Security Appliances (the Quantum Maestro Orchestrator determines the applicable Downlink ports automatically); (C) Applicable management port, to which the Check Point Management Server is connected. to act as an HTTP/HTTPS Proxy on your network.

In such configuration, the Security Group becomes an intermediary between hosts that communicate with each other through the Security Group. It does not allow a direct connection between these hosts.

Each successful connection creates two different connections:

  • One connection between the client in the organization and the proxy (Security Group).

  • One connection between the proxy (Security Group) and the actual destination.

These proxy modes are supported:

  • Transparent - All HTTP traffic on specified ports and interfaces is intercepted and processed by the Proxy code in the Security Group. No configuration is required on the clients.

  • Non Transparent - All HTTP/HTTPS traffic on specified ports and interfaces is intercepted and processed by the Proxy code in the Security Group. Configuration of the proxy address and port is required on client machines.

For more information, see: