https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/76274#M11684 I suspect some of the AWS regions might not be recognized properly by the App Control signature.<BR />Might be worth a TAC case.<BR /> Tue, 25 Feb 2020 00:34:49 GMT PhoneBoy 2020-02-25T00:34:49Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/75509#M11681 <P>Hi there,</P><P>R80.30 JHF111 with inspection enabled. I build the policy with only AWS S3 application allowed. Everything else is dropped.</P><P>In the logs I see that when connection goes to&nbsp;s3.amazonaws.com, it is recognized correctly, but when connection goes to&nbsp;s3.eu-central-1.amazonaws.com for example, it is now no longer S3 app, but generic computers/internet category.</P> Mon, 17 Feb 2020 16:25:59 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/75509#M11681 abihsot__ 2020-02-17T16:25:59Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/75951#M11682 What is your precise rule for allowing this?<BR />Screenshot? Thu, 20 Feb 2020 21:48:48 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/75951#M11682 PhoneBoy 2020-02-20T21:48:48Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/76159#M11683 <P>Hi,</P><P>the rule is very simple:</P><P>source: server, destination:internet, services&amp;app - amazon S3. Next rule - drop any.&nbsp;</P><P>As a workaround I added custom app with urls I mentioned in previous post which are not automatically recognized as Amazon S3, however I am interested what attributes second link is missing that prevents tagging it as AWS S3 app. I would guess that checkpoint is not making decision about app only by url.</P><P>&nbsp;</P><P>s3.amazonaws.com</P><P>s3.eu-central-1.amazonaws.com</P> Mon, 24 Feb 2020 09:26:04 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/76159#M11683 abihsot__ 2020-02-24T09:26:04Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/76274#M11684 I suspect some of the AWS regions might not be recognized properly by the App Control signature.<BR />Might be worth a TAC case.<BR /> Tue, 25 Feb 2020 00:34:49 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/appl-urlf-AWS-S3-not-recognized/m-p/76274#M11684 PhoneBoy 2020-02-25T00:34:49Z