Action Settings

What can I do here?

Use this window to configure UserCheckClosed Functionality in your Security Gateway or Cluster and endpoint clients that gives users a warning when there is a potential risk of data loss or security violation. This helps users to prevent security incidents and to learn about the organizational security policy. options and set an action for the access ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session..

Getting Here - Security PoliciesClosed Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection. > Access Control > Policy > Action column > More

Actions

Action

Description

Accept

Accepts the traffic

Drop

Drops the traffic. The Firewall does not send a response to the originating end of the connection and the connection eventually does a time-out. If no UserCheck object is defined for this action, no page is displayed.

Ask

Asks the user a question and adds a confirmatory check box, or a reason box. Uses a UserCheck object.

Inform

Sends a message to the user attempting to access the application or the content. Uses a UserCheck object.

To see these actions, right-click and select More:

Reject

Rejects the traffic. The Firewall sends an RST packet to the originating end of the connection and the connection is closed.

UserCheck Frequency

Configure how often the user sees the configured message when the action is ask, inform, or block.

Confirm UserCheck

Select the action that triggers a UserCheck message:

  • Per rule - UserCheck message shows only once when traffic matches a rule.

  • Per category - UserCheck message shows for each matching category in a rule.

  • Per application/Site - UserCheck message shows for each matching application/site in a rule.

  • Per Data type - UserCheck message shows for each matching data type.

Limit

Limits the bandwidth that is permitted for a rule. Add a Limit object to configure a maximum throughput for uploads and downloads.

Enable Identity Captive Portal

Redirects HTTP traffic to an authentication (captive) portal. After the user is authenticated, new connections from this source are inspected without requiring authentication.

Important - A rule that drops traffic, with the Source and Destination parameters defined as Any, also drops traffic to and from the Captive PortalClosed A Check Point Identity Awareness web portal, to which users connect with their web browser to log in and authenticate, when using Browser-Based Authentication..