Web Intelligence Issue...

[brierw]

Hello,

I have Web Intelligence setup and working but for some reason if the URL is HTTPS the protection doesn't work???

Is there something I'm missing here?

Many thanks :)

[RayPesek]

You're not missing anything. None of the Web Intelligence or SmartDefense protections can work if SSL is used. It's one of the major drawbacks of those products and why we did not buy the Web Intelligence license. The most important data we have is SSL and it is what we cannot inspect.

Check Point used to have an add-in SSL card for FW-1. You would add your web server SSL certificate to the card and the SSL connection from the Internet terminated on the card. This decrypted the communications so it could be inspected. It was then re-encrypted when it left the firewall headed to the Internet. The vendor got bought a year ago and the card was discontinued.

The only way you can make this work is if you have the firewall pass the traffic through to some device that can do SSL termination, like Microsoft's ISA firewall. Then you route the decrypted traffic back through a different interface on FW-1 so it can be inspected. It was going to add too much complexity for us.

Ray