Managing URL Lists

The Users & Objects > URLs Lists page lets you override central management's URL filtering policy in your local appliance. Use this feature to define URL blacklists and allowlists exceptions to the global policy, whose content can be edited per gateway. Before you use this feature, the system administrator of the Security Management Server A dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. that centrally manages this gateway must complete prerequisite steps.

You can use this page to manage URLs lists:

Add new URLs/IP addresses or regular expressions to URLs lists.
Edit existing URLs/IP addresses or regular expressions from URLs lists.
Delete existing entries in URLs lists.
Enable and disable this feature.

Prerequisite steps for the system administrator of the Security Management Server:

Turn on the Application Control Check Point Software Blade on a Security Gateway that allows granular control over specific web-enabled applications by using deep packet inspection. Acronym: APPI. blade for the gateway object that represents this appliance.
Configure custom applications in SmartConsole Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. with these guidelines:
- Use the prefix: LOCAL_ (case-sensitive) when naming a custom application.
  
  Examples:
  - LOCAL_allowlist
  - LOCAL_blacklist
- Enter at least one URL for this custom application, it can be a dummy URL. The actual list of URLs to allow or block is defined locally in the appliance.
Create rules in the Application Control Rule Base All rules configured in a given Security Policy. Synonym: Rulebase. using the custom defined applications with the LOCAL_ prefix. Make sure to add the rules in positions that make sense in the Rule A set of traffic parameters and other conditions in a Rule Base that cause specified actions to be taken for a communication session. Base.
Install policy on the specified gateway.

Steps for the system administrator of this Small Office Appliance:

On this page, set Local URLs Lists Management to ON.

Add URLs/IP addresses or regular expressions to the predefined URLs lists (the custom applications defined in Security Management Server A Check Point Security Management Server or a Multi-Domain Security Management Server.).

Note - The names of the predefined URLs lists does NOT show the LOCAL_ prefix that was used to define the application in Security Management Server.

For example, LOCAL_allowlist is shown as just allowlist.

Important

If Application Control is turned off or no custom applications have been defined in the Security Management Server, this page is empty and shows a message that informs that local URLs can only be defined after URLs lists are predefined in the appliance's security policy.
If a list was removed or renamed in the Security Management Server, a warning shows above the table and next to the URLs List in the table.

To create a new URLs list entry:

Click New.
Select URL/IP Address or Regular Expressions.

The New URL/IP Address or New Regular Expressions window opens.
Select the applicable URLs list from the list.
Enter a URL/IP Address or a regular expression for the URLs list.
Click Apply

The URL is added to the list of entries for the specified URLs list in the table.

To edit a URLs list entry:

Select an entry from the list.
Click Edit.
Make the necessary changes.
Click Apply

To delete a URLs list entry:

Select an entry from the list.
Click Delete.
Click Yes in the confirmation message.

To filter for a specified URLs list:

Do one of these:

In the All Lists box, select the URLs list.
In the Type to filter field, enter the URLs list name to shows matching results.