This tutorial will provide you with the necessary steps to set up the Check Point Application Control Software Blade.
Setting up Check Point R75 Application Control
1. Log in to Check Point SmartDashboard and edit your Gateway Object. In General Properties, select Application Control, as you can see in the image below.
2. Once we have activated the Check Point Application Control software blade, click on the Application & URL Filtering tab above. Expand Advanced and select Updates. Click Update Management to update the Application Control database.
3. Click on Policy on the far left. I have added rule one to allow my Windows Active Directory server, named server-ad1, access to everything. For rule two, I’ve created a rule for all computers on the internal_lan 192.168.10.x/24 to be blocked if they try to access Facebook. The third rule I’ve created is to then allow the internal_lan access to everything else.
4. If we now click on our Firewall tab, you can see I have one rule that allows full access for my winxp-test and server-ad1 machines. My winxp-test machine has an IP address of 192.168.10.22 and my server-ad1 server has an IP address of 192.168.10.80.
5. Going back to the Check Point Application and URL Filtering tab, we can also be a little more specific in our blocking rule. In rule two we are only blocking Facebook games, such as FarmVille, Mafia Wars, Zynga Poker, etc.
6. When I log into my Windows XP machine and browse to Facebook, I’m able to log in, though as soon as I try to access a Facebook game such as Mafia Wars, the Application Control blocks me immediately.
7. Check Point Application Control can also be tied in with Identity Awareness, which provides URL and Application blocking based on users and groups. See my tutorial here for Identity Awareness with Application Control.
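The rule order in step 3 matters: the block rule only takes effect because it sits above the allow-everything rule, and server-ad1 is exempt because its rule comes first. The following added example (not part of the original tutorial and not Check Point code) models the three rules in Python, assuming top-down first-match evaluation, and flags a rule that an earlier, broader rule with a different action would override. The dictionary layout and function names are hypothetical; the object names and addresses come from the tutorial.

```python
import ipaddress

# Constructed model of the step 3 policy. Assumption: rules are evaluated
# top-down and the first matching rule decides the action.
INTERNAL_LAN = ipaddress.ip_network("192.168.10.0/24")
SERVER_AD1 = ipaddress.ip_network("192.168.10.80/32")
ANY = "Any"

POLICY = [
    {"no": 1, "src": SERVER_AD1, "app": ANY, "action": "Allow"},
    {"no": 2, "src": INTERNAL_LAN, "app": "Facebook", "action": "Block"},
    {"no": 3, "src": INTERNAL_LAN, "app": ANY, "action": "Allow"},
]

def evaluate(policy, src_ip, app):
    """Return (rule number, action) of the first rule matching source and application."""
    ip = ipaddress.ip_address(src_ip)
    for rule in policy:
        if ip in rule["src"] and rule["app"] in (ANY, app):
            return rule["no"], rule["action"]
    return None, "No match"  # no rule in this model matched

def covers(earlier, later):
    """True when everything matched by `later` is already matched by `earlier`."""
    return (later["src"].subnet_of(earlier["src"])
            and earlier["app"] in (ANY, later["app"]))

def shadowed_rules(policy):
    """List (later, earlier) rule pairs where the earlier rule wins with a different action."""
    return [(later["no"], earlier["no"])
            for i, later in enumerate(policy)
            for earlier in policy[:i]
            if covers(earlier, later) and earlier["action"] != later["action"]]

if __name__ == "__main__":
    for ip, app in [("192.168.10.80", "Facebook"), ("192.168.10.22", "Facebook"),
                    ("192.168.10.22", "Other")]:
        print(ip, app, evaluate(POLICY, ip, app))
    misordered = [POLICY[0], POLICY[2], POLICY[1]]  # allow-all placed above the block
    print("shadowed:", shadowed_rules(misordered))
```

Running the same shadowing check over an exported rule list before installing policy catches a block rule that has been placed below a broader allow rule.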
All the tutorials included on this site are performed in a lab environment to simulate a real-world production scenario. While everything is done to provide the most accurate steps to date, we take no responsibility if you implement any of these steps in a production environment.