ingov
Level 7

How to prevent NON-SSL traffic from tunnelling over port 443

Hi all

I am using MWG 7.7.2.6.0. I would like to find out if there is a way for MWG to prevent non-encrypted or non-SSL traffic from going over 443. CheckPoint IPS seems to offer a solution (How to prevent NON-SSL traffic from tunnelling over port 443), but I have not found anything regarding this for MWG (preferably without SSL inspection).

I would appreciate it if someone could point me in the right direction ;-)

Kind Regards

0 Kudos
3 Replies
johnaldridge
Level 10

Re: How to prevent NON-SSL traffic from tunnelling over port 443

To attempt non-SSL traffic over 443, I'm guessing, would involve a request that looks like CONNECT http://example.org:443 ...

So, there would be criteria involving URL.Protocol (I think) and URL.Port.  For example:

URL.Port equals 443
AND URL.Protocol equals "http"

Of course, I haven't tested this, and there might be some fiddling and other considerations.  Rule traces and packet traces might be necessary to get everything in order.

0 Kudos
ingov
Level 7

Re: How to prevent NON-SSL traffic from tunnelling over port 443

Thank you for the quick response. It's probably not that difficult, but I am having trouble finding a detailed explanation for all the rule criteria. I will need to set up a scenario where I can test these different combinations... won't be for a couple of weeks though.

I think SSL inspection might be a bit of overkill for this.

In case someone has set this up already, feel free to comment.

0 Kudos
feickholt
Level 10

Re: How to prevent NON-SSL traffic from tunnelling over port 443

Intercept SSL traffic and all non-web traffic will fail :-)

0 Kudos
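
Added example, not part of any reply in this thread and not MWG rule syntax: a generic Python sketch of the check that makes non-SSL traffic fail on port 443, namely verifying that the first client bytes inside a CONNECT tunnel form a TLS handshake record carrying a ClientHello. The function names and the sample byte strings are constructed for illustration.

```python
import struct

TLS_HANDSHAKE = 0x16    # TLS record content type: handshake
CLIENT_HELLO = 0x01     # handshake message type: ClientHello
MAX_PLAINTEXT = 16384   # largest plaintext TLS record (2**14 bytes)


def classify_first_bytes(data: bytes) -> str:
    """Classify the first client bytes seen inside a tunnel.

    Returns "tls", "not-tls", or "incomplete" (too few bytes to decide).
    The obsolete SSLv2-format hello is deliberately reported as "not-tls".
    """
    if not data:
        return "incomplete"
    if data[0] != TLS_HANDSHAKE:
        return "not-tls"            # plaintext HTTP, SSH banner, etc.
    if len(data) < 6:
        return "incomplete"
    # Record header: type(1) version(2) length(2), then handshake type(1).
    _, major, _minor, rec_len, hs_type = struct.unpack("!BBBHB", data[:6])
    if major != 3:                  # SSL 3.0 and every TLS version use major 3
        return "not-tls"
    if not 4 <= rec_len <= MAX_PLAINTEXT:
        return "not-tls"            # cannot hold a handshake header, or oversized
    if hs_type != CLIENT_HELLO:
        return "not-tls"            # a client must open with ClientHello
    return "tls"


def allow_tunnel(port: int, first_bytes: bytes) -> bool:
    """Policy sketch: on port 443, refuse tunnels that do not start with TLS."""
    if port != 443:
        return True
    return classify_first_bytes(first_bytes) != "not-tls"


# Constructed samples (not captured traffic).
SAMPLE_TLS = bytes.fromhex("160301002f0100002b0303")
SAMPLE_HTTP = b"GET / HTTP/1.1\r\nHost: example.org\r\n\r\n"
SAMPLE_SSH = b"SSH-2.0-OpenSSH_9.6\r\n"

if __name__ == "__main__":
    for name, blob in [("tls", SAMPLE_TLS), ("http", SAMPLE_HTTP), ("ssh", SAMPLE_SSH)]:
        print(name, classify_first_bytes(blob), allow_tunnel(443, blob))
```

This only confirms that the stream begins like TLS; a non-web protocol wrapped in a real TLS session still passes, and telling that apart requires decrypting the session.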