https://community.checkpoint.com/t5/Firewall-and-Security-Management/Read-only-User-than-can-block-IPs-URLs/m-p/92297#M7068 <P>To block a specific URL or IP, that means modifying an existing object that is already referred to in a drop rule of the rulebase.<BR />Which means they must have access to edit objects, and this is a global permission (either they can edit any object or none).</P> Thu, 23 Jul 2020 23:47:55 GMT PhoneBoy 2020-07-23T23:47:55Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Read-only-User-than-can-block-IPs-URLs/m-p/92280#M7067 <P>I have created a read-only user and want to create a Role that allows the user to block IPs and URLs if they are found malicious. I cannot find a feature in the role menu that specifies this ability. What would I set to restrict this user to only have this ability?</P> Thu, 23 Jul 2020 16:59:24 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Read-only-User-than-can-block-IPs-URLs/m-p/92280#M7067 happyj 2020-07-23T16:59:24Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/Read-only-User-than-can-block-IPs-URLs/m-p/92297#M7068 <P>To block a specific URL or IP, that means modifying an existing object that is already referred to in a drop rule of the rulebase.<BR />Which means they must have access to edit objects, and this is a global permission (either they can edit any object or none).</P> Thu, 23 Jul 2020 23:47:55 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/Read-only-User-than-can-block-IPs-URLs/m-p/92297#M7068 PhoneBoy 2020-07-23T23:47:55Z