EPISODE · May 8, 2026 · 21 MIN
Course 32 - Checkpoint CCSA R80 | Episode 8: HTTPS Inspection, URL Filtering, and Identity Awareness
from CyberCode Academy · host CyberCode Academy
In this lesson, you’ll learn about: HTTPS inspection, advanced filtering, and identity-based security in Check Point R801. HTTPS Inspection (Deep Traffic Visibility)In Check Point R80, HTTPS traffic is encrypted → normally invisible to firewalls🔹 The ProblemMalware or attacks can hide inside:SSL/TLS encrypted traffic🔹 The Solution: HTTPS InspectionGateway acts as a proxy:Intercepts HTTPS trafficDecrypts it in memoryInspects contentRe-encrypts and forwards🔹 Key RequirementsEnable inspection policyInstall and trust certificates on client devices🔹 VerificationUse SmartConsole logsConfirm sessions are being inspected👉 This is critical for detecting:Hidden malwareEncrypted attacks2. Advanced Filtering Actions🔹 Category-Based FilteringControl access based on:Website categoriesApplication types🔹 ExamplesAllow:Search enginesRestrict:Social mediaGamblingMalicious sites3. Interactive Policy Actions🔹 “Ask” ActionUser sees a warning pageMust accept policy to continue🔹 “Inform” ActionUser is notifiedTraffic still allowed🔹 Why Use ThemEnforce company policyEducate usersAvoid full blocking👉 Balance between security and usability4. Identity Awareness (User-Based Security)🔹 The ProblemTraditional firewalls rely on:IP addresses❌ But IP ≠ real user🔹 The SolutionIdentity-based enforcement in Check Point R80🔹 Identity SourcesActive DirectoryCaptive PortalEndpoint agents🔹 Access Role ObjectsCombine:UsersGroupsMachinesNetworks🔹 Example RuleAllow:User “Bob” → access internal appDeny:Others👉 Much more precise than IP-based rules5. Identity-Based Logging & Visibility🔹 BenefitsLogs show:Username (not just IP)🔹 Use CasesFaster troubleshootingBetter auditingStronger security investigationsKey TakeawaysHTTPS inspection enables deep visibility into encrypted trafficCertificates are required to avoid browser warnings“Ask” and “Inform” provide interactive enforcementIdentity Awareness ties traffic to real usersAccess Roles enable highly granular security rulesBig PictureWith these advanced features in Check Point R80, you move beyond traditional firewalls:From IP-based → identity-based securityFrom blind encryption → full traffic inspectionFrom rigid blocking → interactive user controYou can listen and download our episodes for free on more than 10 different platforms:https://linktr.ee/cybercode_academy
What this episode covers
In this lesson, you’ll learn about: HTTPS inspection, advanced filtering, and identity-based security in Check Point R801. HTTPS Inspection (Deep Traffic Visibility)In Check Point R80, HTTPS traffic is encrypted → normally invisible to firewalls🔹 The ProblemMalware or attacks can hide inside:SSL/TLS encrypted traffic🔹 The Solution: HTTPS InspectionGateway acts as a proxy:Intercepts HTTPS trafficDecrypts it in memoryInspects contentRe-encrypts and forwards🔹 Key RequirementsEnable inspection policyInstall and trust certificates on client devices🔹 VerificationUse SmartConsole logsConfirm sessions are being inspected👉 This is critical for detecting:Hidden malwareEncrypted attacks2. Advanced Filtering Actions🔹 Category-Based FilteringControl access based on:Website categoriesApplication types🔹 ExamplesAllow:Search enginesRestrict:Social mediaGamblingMalicious sites3. Interactive Policy Actions🔹 “Ask” ActionUser sees a warning pageMust accept policy to continue🔹 “Inform” ActionUser is notifiedTraffic still allowed🔹 Why Use ThemEnforce company policyEducate usersAvoid full blocking👉 Balance between security and usability4. Identity Awareness (User-Based Security)🔹 The ProblemTraditional firewalls rely on:IP addresses❌ But IP ≠ real user🔹 The SolutionIdentity-based enforcement in Check Point R80🔹 Identity SourcesActive DirectoryCaptive PortalEndpoint agents🔹 Access Role ObjectsCombine:UsersGroupsMachinesNetworks🔹 Example RuleAllow:User “Bob” → access internal appDeny:Others👉 Much more precise than IP-based rules5. Identity-Based Logging & Visibility🔹 BenefitsLogs show:Username (not just IP)🔹 Use CasesFaster troubleshootingBetter auditingStronger security investigationsKey TakeawaysHTTPS inspection enables deep visibility into encrypted trafficCertificates are required to avoid browser warnings“Ask” and “Inform” provide interactive enforcementIdentity Awareness ties traffic to real usersAccess Roles enable highly granular security rulesBig PictureWith these advanced features in Check Point R80, you move beyond traditional firewalls:From IP-based → identity-based securityFrom blind encryption → full traffic inspectionFrom rigid blocking → interactive user controYou can listen and download our episodes for free on more than 10 different platforms:https://linktr.ee/cybercode_academy
NOW PLAYING
Course 32 - Checkpoint CCSA R80 | Episode 8: HTTPS Inspection, URL Filtering, and Identity Awareness
No transcript for this episode yet
Similar Episodes
Dec 23, 2025 ·11m
Dec 17, 2025 ·10m