Creating Application Control and URL Filtering Rules

Create and manage the Policy for Application Control and URL Filtering in the Access Control Policy, in the Access Control view of SmartConsole. Application Control and URL Filtering rules define which users can use specified applications and sites from within your organization and what application and site usage is recorded in the logs.

To learn which applications and categories have a high risk, look through the Application Wiki in the Access Tools part of the Security Policies view. Find ideas for applications and categories to include in your Policy.

To see an overview of your Access Control Policy and traffic, see the Access Control view in Logs & Monitor > New Tab > Views.

Best Practice - Do not use Application Control and URL Filtering in the same rule, because this may lead to wrong rule matching. Use Application Control and URL Filtering in separate rules. This makes sure that the URL Filtering rule is used as soon as the category is identified. For more information, see sk174045.

Blocking URL Categories

Scenario: I want to block pornographic sites. How can I do this?

You can do this by creating a rule that uses the Pornography category to block all sites with pornographic material. If you enable Identity Awareness on a Security Gateway, you can use it together with URL Filtering to make rules that apply to an access role. Use access role objects to define users, machines, and network locations as one object.

In this example:

  • You have already created an Access Role (Identified_Users) that represents all identified users in the organization.

  • You want to block sites related to pornography.

The procedure is similar to Blocking Applications and Informing Users.