I cannot use HTTPS inspection Policy as it is not HTTP/S protocol. Then the packet reaches Internal SFTP server. Like, if I'm uploading any malware file onto our SFTP Server via VPN Tunnel from 3rdParty Client domain, will CheckPoint FW able to inspect this? (Either IPS or AV)Īs per FW chain modules, at external interface of CheckPoint-decrypt happens and then moved to modules like IPS/AV into FW kernel. How can I inspect this SFTP traffic in CheckPoint? I have below doubt to be implemented, can anyone shed some ideas on how to achieve.ġ) I have CheckPoint ClusterHA deployed and VPN Tunnel is running towards Peer 3rd Party FW.Ģ) Enabled FW, VPN, IPS, APP/URL, AV, AB blades in CheckPoint.ģ) Behind CheckPoint Cluster - we have SFTP Server in VPN DomainĤ) Behind Peer 3rd FW - we have Client machine who will access our SFTP server via VPN Tunnel and upload files.
0 kommentar(er)
