https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11260#M1685 <HTML><HEAD></HEAD><BODY><P>I checked with R&amp;D, having the Azure IPs available as a dynamic object is part of the plans.</P><P>However, the current EA does not include it.&nbsp;</P></BODY></HTML> Tue, 14 Nov 2017 17:21:58 GMT PhoneBoy 2017-11-14T17:21:58Z https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11257#M1682 <HTML><HEAD></HEAD><BODY><P>Team,</P><P></P><P>We have IaaS configured in Azure public cloud. We need to bypass https inspection for Windows servers reaching Azure fabric. I am wondering how can I create that rule.</P><P></P><P>Thanks,</P><P>Chandru</P></BODY></HTML> Mon, 13 Nov 2017 17:27:54 GMT https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11257#M1682 Chandhrasekar_S 2017-11-13T17:27:54Z https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11258#M1683 <HTML><HEAD></HEAD><BODY><P>Moving this to&nbsp;<A href="https://community.checkpoint.com/space/2030">General Product Topics</A>&nbsp;since this not specific to vSEC.</P><P>Even if we had an Application Control category, you can't use Application Categories in the HTTPS Inspection rulebase.</P><P>For your specific use case, is it to reach ANYTHING in the Azure fabric or specific applications?</P><P>If just specific applications, then you can just put the specific IPs in as destinations in your HTTPS Inspection rulebase.</P><P></P><P>If you're talking about anything in Azure in general, we don't have a ready-made solution today.</P><P>That said there is functionality under development to support automatically updating dynamic objects for the purposes of using them in things like the HTTPS Inspection policy.</P><P>Right now this functionality is focused on Office 365, though I suppose it could be extended to Azure easily enough.</P><P>It's available as an Early Availability fix on top of R80.10.</P><P></P><P>If you're interested, I recommend reaching out to your local Check Point SE.</P></BODY></HTML> Mon, 13 Nov 2017 23:33:29 GMT https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11258#M1683 PhoneBoy 2017-11-13T23:33:29Z https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11259#M1684 <HTML><HEAD></HEAD><BODY><P>Thanks Dameon. My use case is to reach all of 'Azure' fabric not just specific applications</P><P></P><P>I will check with my SE to see if the office 365 object can be extended to whole of Azure as well.</P></BODY></HTML> Tue, 14 Nov 2017 15:46:11 GMT https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11259#M1684 Chandhrasekar_S 2017-11-14T15:46:11Z https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11260#M1685 <HTML><HEAD></HEAD><BODY><P>I checked with R&amp;D, having the Azure IPs available as a dynamic object is part of the plans.</P><P>However, the current EA does not include it.&nbsp;</P></BODY></HTML> Tue, 14 Nov 2017 17:21:58 GMT https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11260#M1685 PhoneBoy 2017-11-14T17:21:58Z https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11261#M1686 <HTML><HEAD></HEAD><BODY><P>Thanks for the update Dameon</P></BODY></HTML> Tue, 14 Nov 2017 17:50:18 GMT https://community.checkpoint.com/t5/General-Topics/Azure-fabric-IP-s-as-application-category/m-p/11261#M1686 Chandhrasekar_S 2017-11-14T17:50:18Z