cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
Employee+
Employee+

o365 dynamic objects script

This script pulls the current list of office365 IP Addresses referenced from Office 365 IP Address and URL Web service | Microsoft Docs 

to https://endpoints.office.com/endpoints/worldwide. It then creates dynamic objects for each set of Service Areas that have ipv4

network ranges defined in the json document. Once run once an administrator should pull the resulting objects to populate

the policy and then rerun once policy is pushed.

This does not have scheduling at this time.

This has been updated to version 3.

9 Replies
Highlighted
Silver

Re: o365 dynamic objects script

Hi,

i wrote something similar ( Basic script for importing IP Adress objects from feed (here office365)  )

In the answers Brian told, that MS is changing from xml to API output (https://endpoints.office.com/endpoints/worldwide?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a... )

for you maybe interesting too...

Daniel

Highlighted

Re: o365 dynamic objects script

just FYI guys, this feature is coming to R80.20 (Management and Gateways), out soon. But you will need to upgrade your Security Management Server and Gateways for that

0 Kudos
Highlighted
Silver

Re: o365 dynamic objects script

Hi,

Correct, already testing it on EA Smiley Happy

Viele Gr??e

Daniel Meier

//Sent mobile with Check Point Capsule Workspace

0 Kudos
Highlighted
Employee+
Employee+

Re: o365 dynamic objects script

I appreciate and look forward to the upcoming evolution! While quite a few folks have kindly mentioned that this is being rolled into R80.20 and that will be excellent, I suspect many will continue to use dynamic objects in 77.30 and 80.10 for a good while to come and sharing this functionality will "help raise all boats" with regards to leveraging Dynamic Objects. In addition tying in new innovations like APIs from Microsoft will justify new versions and addition innovations that will also help "raise all boats". Meanwhile I have a few more scripts to "share" in the near future.

Highlighted

Re: o365 dynamic objects script

that's true.

Highlighted

Re: o365 dynamic objects script

Thanks for sharing.

While end of support for 77.30 is near (2019), by no means this version is going out of production any time soon, far beyond EOS date. Not to mention that 80% of firewalls in Ent today are R77.30, so your effort is not wasted at all.

Highlighted
Ivory

Re: o365 dynamic objects script

Thanks for sharing Charles, work like a charm! 👍

 

0 Kudos
Highlighted
Iron

Re: o365 dynamic objects script

Thanks for sharing Charles, work like a charm!! 👍

 

----
SCYL - Official Check Point Channel Partner
0 Kudos
Highlighted
Iron

Re: o365 dynamic objects script

Hi Charles,

Just a small remark;

I have tested your script on a test gateway with a direct internet connection which worked fine.

While implementing the solution on a production setup behind a proxy I noticed that the script did not worked.

After a quick review I noticed that your curl command is missing the output parameter:

oipaddresses=`curl_cli -k -s --cacert $CPDIR/conf/ca-bundle.crt --retry 10 --retry-delay 60 $url --proxy $HTTPS_PROXY `

 This should be changed to:

oipaddresses=`curl_cli -k -s --cacert $CPDIR/conf/ca-bundle.crt --retry 10 --retry-delay 60 $url --proxy $HTTPS_PROXY -o /var/tmp/O365IPAddresses.json `

 Once changed the script also works when the gateway is behind a proxy 🙂

 

----
SCYL - Official Check Point Channel Partner
0 Kudos