https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32501#M6807 <HTML><HEAD></HEAD><BODY><P>Is there a way to disclose the content of the list of update services that are bypassed by HTTPS Inspection?</P><P>(the list is enabled by the checkbox at the bottom of the HTTPS Inspection policy)</P><P></P><P>I think it would be an enhancement to have this as an object you can work with in other parts of the Unified Policy, or even in SMB appliance policies.</P></BODY></HTML> Wed, 03 Oct 2018 14:49:31 GMT Marcel_Wildenbe 2018-10-03T14:49:31Z https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32501#M6807 <HTML><HEAD></HEAD><BODY><P>Is there a way to disclose the content of the list of update services that are bypassed by HTTPS Inspection?</P><P>(the list is enabled by the checkbox at the bottom of the HTTPS Inspection policy)</P><P></P><P>I think it would be an enhancement to have this as an object you can work with in other parts of the Unified Policy, or even in SMB appliance policies.</P></BODY></HTML> Wed, 03 Oct 2018 14:49:31 GMT https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32501#M6807 Marcel_Wildenbe 2018-10-03T14:49:31Z https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32502#M6808 <HTML><HEAD></HEAD><BODY><P>Well, besides the checkbox option there is also this:</P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/71171_pastedImage_1.png" /></P><P></P><P>But you still cannot see the content of the category in a SmartConsole, just the number of the applications.</P><P>You can view the members of the group in AppWiki:</P><P><IMG class="image-2 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/71172_pastedImage_2.png" /></P><P>That could be called from the SmartConsole:</P><P><IMG class="image-3 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/71173_pastedImage_3.png" /></P><P></P><P>But I do agree with you that we could benefit from being able to query dynamic objects from within consoles and dashboards by simple right-click and "list group members" option that can produce a searchable list.</P></BODY></HTML> Wed, 03 Oct 2018 18:07:06 GMT https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32502#M6808 Vladimir 2018-10-03T18:07:06Z https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32503#M6809 <HTML><HEAD></HEAD><BODY><P>I remember that the list of URLs used to be in a file on the gateway (for the sites we don't do HTTPS Inspection on for Software Updates).</P><P>Maybe it still is, but I haven't been able to locate it (possibly because the data is now obscured).</P><P></P><P>R80.20 has the concept of "Updatable Objects" but you can't search the list of IPs that are included.</P><P>The gateways do update these lists periodically, though.</P><P>Unfortunately, these objects cannot yet be used in the HTTPS Inspection policy (believe this is planned).</P><P></P><P><IMG class="image-1 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/71178_pastedImage_2.png" /><IMG class="image-2 jive-image" src="https://community.checkpoint.com/legacyfs/online/checkpoint/71179_pastedImage_3.png" /></P></BODY></HTML> Thu, 04 Oct 2018 00:41:49 GMT https://community.checkpoint.com/t5/General-Topics/Update-services-bypass/m-p/32503#M6809 PhoneBoy 2018-10-04T00:41:49Z