File Blocking

Learning Outcomes

  • Connect Checkpoint Firewall to internet

  • Block a host from downloading a PDF file

Diagram of your network

Introduction

Sometimes we want to stop hosts from accessing a specific type of file, because downloading it might not be safe for our network. In this document, we explain the steps to configure file blocking with a Checkpoint firewall.

To begin with, we will try to access a PDF file on the internet. As shown, it is not blocked by default.

Step 1: Installation

  1. Access the firewall at its IP address (which should be 192.168.X.1) after the cabling is connected

  2. Run the First Time Configuration; you can leave everything at its default

  3. Configure the WAN interface with a DHCP address, then click Connect

  4. Wait until internet access is shown on the home page

  5. NAT is enabled by default, so we do not have to configure it manually.

  6. Try to access a PDF file from the host. There is no file blocking by default.

Step 2: Configure Anti-Virus for files

  1. Go to the Threat Prevention tab through the pane on the left, then click engine setting under Protection

  2. Scroll down to the Anti-Virus section, check “Process specific file types families” under File Types Policy, and click on “Configure...”

  3. Find the “pdf” type under extension, double-click on it and change the action to “Block”

  4. Make sure all options are checked under scanned protocols.

Step 3: Enable SSL traffic inspection

  1. Click apply at the bottom to save the changes.

Step 4: Verification

  1. Try to access the same PDF file again. It might take some time for the policy to update.

  2. Check the log to confirm it.

We can see that the firewall classified PDF as a forbidden file type and redirected our connection.
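The before/after check from Step 1 and Step 4 can also be scripted from the host. The following is an added example, not part of the original lab or any Checkpoint tooling: it decides whether a PDF actually arrived by looking at the response content rather than the URL or the browser behaviour. The function names, the result labels and the sample responses are assumptions made for this example.

```python
import urllib.error
import urllib.request

PDF_MAGIC = b"%PDF-"  # a real PDF carries this marker near the start of the file


class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # do not follow: a 3xx then surfaces as HTTPError


def fetch(url, timeout=10):
    """Return (status, headers, first 2 KiB of body); status 0 if the connection failed."""
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status, dict(resp.headers), resp.read(2048)
    except urllib.error.HTTPError as err:
        return err.code, dict(err.headers), err.read(2048)
    except OSError:  # URLError, resets and timeouts
        return 0, {}, b""


def classify(status, headers, body):
    """Judge by content, not by URL extension or Content-Type alone."""
    hdrs = {k.lower(): v for k, v in headers.items()}
    if PDF_MAGIC in body[:1024]:
        return "delivered"
    if 300 <= status < 400 and "location" in hdrs:
        return "redirected"
    if hdrs.get("content-type", "").lower().startswith("text/html"):
        return "replaced"
    return "inconclusive"


def policy_enforced(before, after):
    """True only if the PDF arrived before the change and did not arrive after it."""
    return classify(*before) == "delivered" and classify(*after) in ("redirected", "replaced")


# Constructed sample responses (not captured from a real appliance).
BEFORE = (200, {"Content-Type": "application/pdf"}, b"%PDF-1.7\n%\xe2\xe3\xcf\xd3\n")
AFTER_REDIRECT = (302, {"Location": "http://gateway.example/blocked"}, b"")
AFTER_HTML = (200, {"Content-Type": "text/html"}, b"<html><body>File type blocked</body></html>")
MISLABELLED = (200, {"Content-Type": "text/html"}, b"%PDF-1.4\n")  # PDF still got through

if __name__ == "__main__":
    for name, after in [("redirect", AFTER_REDIRECT), ("html", AFTER_HTML), ("mislabelled", MISLABELLED)]:
        print(name, classify(*after), policy_enforced(BEFORE, after))
```

To use it in the lab, call `fetch()` on the same PDF URL before and after applying the policy and pass both results to `policy_enforced()`. An "inconclusive" result still needs the firewall log from Step 4 to confirm the block.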
