Custom Application or Site - General

What can I do here?

Use this window to configure or edit the properties of a custom application/ site used in Application and URL Filtering Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF. or Threat Prevention.

Getting Here - Object Explorer > New > Custom Application/Site > Application/Site > General page

Creating Custom Applications and Sites

What background information do I need to know?

In the Application and URL Filtering Database, each application is assigned to one primary category based on its most defining aspect. See the category in the description of each application and in the logs.

In the Application and URL Filtering Database, each application can have additional categories, which are characteristics of the application. For example, some of the additional categories of Gmail include: Supports File Transfer, Sends mail, and Instant Chat. If an additional category is in a rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session., the rule matches all applications that are marked with it.

Note - In the AppWiki, additional categories are called tags.

When you use the AppWiki or add applications to the Rule Base All rules configured in a given Security Policy. Synonym: Rulebase., you can filter by additional category or risk level to see all applications with that characteristic. This is a good way to get ideas of types of applications that you might want to block or allow.

If new applications are added to an additional category that is in an Application Control Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI. or URL Filtering rule, the rule is updated automatically when the database is updated.

Custom Application Options

Tell me about the fields...

• In the General Properties tab, you can change the details of the site or application.

• In the URL List, enter the URLs.

  • Do not include http/https prefixes

  • Select URLS are defined as Regular Expression to define more complex domain patterns, or for greater specificity.

    For example, if a news site has these links:

    https://www.news.com

    http://www.news.com

    To allow access only to the https link, use this regular expression:

    ^https:\/\/.*\.news\.com

    Note Custom application/Sites do not apply until a URL or domain in the traffic payload matches those defined for the application/site. For example, the first packet of a connection will not match an application/site. For more, see sk106623 Some Regular Expressions may have performance impact on the Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources.. For more, see sk165094 The application or site URL defined by a regular expression must use the correct syntax

    Note: The application or site URL defined by a regular expression must use the correct syntax.

• In the Additional Categories tab, you can create more categories for the Application and URL Filtering or Threat Prevention Software Blade Specific security solution (module): (1) On a Security Gateway, each Software Blade inspects specific characteristics of the traffic (2) On a Management Server, each Software Blade enables different management capabilities..

Using Regular Expressions in Custom Sites

Before using regular expressions in Custom sites, see: sk165094.