https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139938#M21422 <P>Hi Ilya,</P><P>This is the complete list of updatable objects on my firewall:</P><DIV class="">&nbsp;</DIV><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="cp.PNG" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15161iA5948B80EA575FF9/image-size/medium?v=v2&amp;px=400" role="button" title="cp.PNG" alt="cp.PNG" /></span></P><P>I was looking for an application / service to allow these services with source:Internet, but I guess the correct thing to do is to use the above Windows / Microsoft updatable objects as source?</P><P>Thanks!</P><P>Best,</P><P>Nils</P><P>&nbsp;</P> Sun, 30 Jan 2022 16:45:56 GMT NilsKS 2022-01-30T16:45:56Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139916#M21418 <P>Hi,</P><P>Check Point FW-1 R81.10.</P><P>I am in the process of implementing application rules to control/limit outbound http/https. Have this up and running for most Windows servers, but I am struggling with servers monitored by Azure ARC and servers running ADsync.</P><P>I have allowed the following services / application in the application rulebase:</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="cp.PNG" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15158i4BED26A89F284A16/image-size/medium?v=v2&amp;px=400" role="button" title="cp.PNG" alt="cp.PNG" /></span></P><P>I still see lots of HTTP/HTTPS traffic to Microsoft Azure IP-addresses, but I am not able to find any (dymnamic) objects that includes Azure services /Azure ARC, ADsync).</P><P>Are there any Check Point objects that includes the Microsoft Azure IP addresses used for these services?? </P><P>The same goes for Akamai HTTPS services. How to whitelist those??</P><P>&nbsp;</P><P>Nils</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 30 Jan 2022 12:36:30 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139916#M21418 NilsKS 2022-01-30T12:36:30Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139929#M21421 <P>Hi&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/34744">@NilsKS</a>&nbsp;,</P> <P>&nbsp;</P> <P>We do have updatable objects that address your requirement, did you tried it?<BR /><BR /></P> <P>Please let me know if it's indeed answer your question or you are looking for something else.</P> <P>&nbsp;</P> <P>Thanks,</P> <P>Ilya&nbsp;</P> Sun, 30 Jan 2022 13:20:27 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139929#M21421 Ilya_Yusupov 2022-01-30T13:20:27Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139938#M21422 <P>Hi Ilya,</P><P>This is the complete list of updatable objects on my firewall:</P><DIV class="">&nbsp;</DIV><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="cp.PNG" style="width: 400px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/15161iA5948B80EA575FF9/image-size/medium?v=v2&amp;px=400" role="button" title="cp.PNG" alt="cp.PNG" /></span></P><P>I was looking for an application / service to allow these services with source:Internet, but I guess the correct thing to do is to use the above Windows / Microsoft updatable objects as source?</P><P>Thanks!</P><P>Best,</P><P>Nils</P><P>&nbsp;</P> Sun, 30 Jan 2022 16:45:56 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139938#M21422 NilsKS 2022-01-30T16:45:56Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139939#M21423 <P>Hi&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/34744">@NilsKS</a>,</P> <P>&nbsp;</P> <P>i will take it with you offline as the list is not completed so i'm trying to understand what's went wrong there.</P> <P>&nbsp;</P> <P>Thanks,</P> <P>Ilya&nbsp;</P> Sun, 30 Jan 2022 16:56:52 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/139939#M21423 Ilya_Yusupov 2022-01-30T16:56:52Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/140015#M21440 <P>Hi,</P> <P>&nbsp;</P> <P>Updating the thread, we saw 2 issues:</P> <P>&nbsp;</P> <P>1. There is a known issue of some occasions that the package will not get updates and we have a fix that is not yet released in the Jumbo, should be in the future JHF release.</P> <P>2. UI issue, where we tried to add object via right click add new items, in such flow most of the time the picker of updatable objects will not be opened, a bug that we will take it with RnD to solve.</P> <P>&nbsp;</P> <P>Thank you very much for your feedback and time&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/34744">@NilsKS</a>&nbsp;.</P> Mon, 31 Jan 2022 16:21:04 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Limit-outbound-HTTPS-on-servers-using-ADSync-Azure-ARC-Akamai/m-p/140015#M21440 Ilya_Yusupov 2022-01-31T16:21:04Z