This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Blason_R
MVP Gold
MVP Gold
‎2019-03-18 09:04 PM
Jump to solution

Can we create custom updatable objects in R80.20

Hi folks,

I guess the fantastic thing about CheckPoint what I like is auto-updatable objects. Further to that, I guess we can create our own customized auto-updatable objects [not sure though]

Can someone please confirm? I did not find much information either, nor any SK written about those hence wondering if a community can help here?

Thanks and Regards,

Blason R

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
2 Solutions

Accepted Solutions
StuartGreen
Employee
Employee
‎2019-03-20 03:02 AM
In response to StuartGreen
Jump to solution

Here you are - it's written to pull in the O365 IP addresses from Microsoft and update a group in the policy.

https://github.com/sg84/cp_dynamic_objects/blob/master/o365updater.py

View solution in original post

Black_Cyborg
Participant
‎2019-03-20 04:59 AM
Jump to solution

Use  this script and adapt it:

- GEO Location Objects in Firewall Policy (with Dynamic Objects)

View solution in original post

13 Replies
Jerry
Mentor
Mentor
‎2019-03-19 01:08 AM
Jump to solution

https://community.checkpoint.com/t5/How-To-Videos/R80-20-Identity-Tags-and-Updatable-Objects/m-p/463...
Jerry
0 Kudos
Blason_R
MVP Gold
MVP Gold
‎2019-03-19 07:50 AM
In response to Jerry
Jump to solution

Yep, I agree, but wanted to know if I can create my own Updatable objects? Like I am maintaining IP addresses in the URL https://test.example.com/ip.list. So can I create my own updatable object to pull IP address list from this URL and use in rule base?

 

Thanks and Regards,

Blason R

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
PhoneBoy
Admin
Admin
‎2019-03-19 09:11 PM
Jump to solution

Custom updatable objects that operate like the ones we added in r80.20 are planned for future releases.
Blason_R
MVP Gold
MVP Gold
‎2019-03-20 01:51 AM
In response to PhoneBoy
Jump to solution

Thanks for the reply...

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
StuartGreen
Employee
Employee
‎2019-03-20 02:20 AM
In response to Blason_R
Jump to solution

I've got some Python code that might be useful - it's for a demo on how to use the R80.x API to retrieve external content, do a little processing and then feed that into the policy via API calls. Once I find somewhere to host it I'll post the link.

0 Kudos
StuartGreen
Employee
Employee
‎2019-03-20 03:02 AM
In response to StuartGreen
Jump to solution

Here you are - it's written to pull in the O365 IP addresses from Microsoft and update a group in the policy.

https://github.com/sg84/cp_dynamic_objects/blob/master/o365updater.py

Blason_R
MVP Gold
MVP Gold
‎2019-03-20 06:48 AM
In response to StuartGreen
Jump to solution

That's awesome buddy!! Thanks a ton. Let me have a look at it.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
0 Kudos
David_Klein
Employee Alumnus
Employee Alumnus
‎2020-05-27 09:08 AM
In response to PhoneBoy
Jump to solution

Have any updates to the Custom Updatable Objects functionality been updated in R80.40? Any documentation maybe?
0 Kudos
PhoneBoy
Admin
Admin
‎2020-05-27 09:15 AM
In response to David_Klein
Jump to solution

Planned for R81.
0 Kudos
Black_Cyborg
Participant
‎2019-03-20 04:59 AM
Jump to solution

Use  this script and adapt it:

- GEO Location Objects in Firewall Policy (with Dynamic Objects)

genisis__
MVP Silver
MVP Silver
‎2020-12-04 09:28 AM
Jump to solution

Do we know if Checkpoint are going to create an updatable object for there own services for updates.  In this way we could have a firewall rule allowing the GW itself to go out to the Checkpoint Cloud for http/https connection.  This would then cover all services such as all the TP blade updates.

0 Kudos
PhoneBoy
Admin
Admin
‎2020-12-04 02:19 PM
In response to genisis__
Jump to solution

We have what is required explicitly listed in sk83520, though I imagine some of it could be made into Updatable Objects.

0 Kudos
Thomas_Eichelbu
Advisor
Advisor
‎2021-03-04 05:06 AM
In response to PhoneBoy
Jump to solution

Hello Guys, 

i bet the solution you are looking for is here:
"Generic Data Center feature"  sk167210

The Generic Data Center feature provides the ability to enforce access to/from IP addresses defined in JSON files located in external web servers or locally on the Security Management machine. The Generic Data Center objects are updated automatically on the Security Gateway each time the JSON file change. There is no need to install policy for the updates to take effect. Objects created based on these files can be used as a source, or a destination in the following policies: Access Control policy, NAT policy, Threat Prevention policy, HTTPS Inspection policy.

best regards
Thomas

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events