Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Blason_R
Advisor

Can we create custom updatable objects in R80.20

Jump to solution

Hi folks,

I guess the fantastic thing about CheckPoint what I like is auto-updatable objects. Further to that, I guess we can create our own customized auto-updatable objects [not sure though]

Can someone please confirm? I did not find much information either, nor any SK written about those hence wondering if a community can help here?

Thanks and Regards,

Blason R

0 Kudos
2 Solutions

Accepted Solutions
Stuart_Green1
Employee
Employee

Here you are - it's written to pull in the O365 IP addresses from Microsoft and update a group in the policy.

https://github.com/sg84/cp_dynamic_objects/blob/master/o365updater.py

View solution in original post

Black_Cyborg
Participant
13 Replies
Jerry
Leader
Leader
0 Kudos
Blason_R
Advisor

Yep, I agree, but wanted to know if I can create my own Updatable objects? Like I am maintaining IP addresses in the URL https://test.example.com/ip.list. So can I create my own updatable object to pull IP address list from this URL and use in rule base?

 

Thanks and Regards,

Blason R

0 Kudos
PhoneBoy
Admin
Admin
Custom updatable objects that operate like the ones we added in r80.20 are planned for future releases.
Blason_R
Advisor

Thanks for the reply...

0 Kudos
Stuart_Green1
Employee
Employee

I've got some Python code that might be useful - it's for a demo on how to use the R80.x API to retrieve external content, do a little processing and then feed that into the policy via API calls. Once I find somewhere to host it I'll post the link.

0 Kudos
Stuart_Green1
Employee
Employee

Here you are - it's written to pull in the O365 IP addresses from Microsoft and update a group in the policy.

https://github.com/sg84/cp_dynamic_objects/blob/master/o365updater.py

View solution in original post

Blason_R
Advisor

That's awesome buddy!! Thanks a ton. Let me have a look at it.

0 Kudos
David_Klein
Employee
Employee
Have any updates to the Custom Updatable Objects functionality been updated in R80.40? Any documentation maybe?
0 Kudos
PhoneBoy
Admin
Admin
Planned for R81.
0 Kudos
Black_Cyborg
Participant
genisis__
Advisor

Do we know if Checkpoint are going to create an updatable object for there own services for updates.  In this way we could have a firewall rule allowing the GW itself to go out to the Checkpoint Cloud for http/https connection.  This would then cover all services such as all the TP blade updates.

0 Kudos
PhoneBoy
Admin
Admin

We have what is required explicitly listed in sk83520, though I imagine some of it could be made into Updatable Objects.

0 Kudos
Thomas_Eichelbu
Collaborator

Hello Guys, 

i bet the solution you are looking for is here:
"Generic Data Center feature"  sk167210

The Generic Data Center feature provides the ability to enforce access to/from IP addresses defined in JSON files located in external web servers or locally on the Security Management machine. The Generic Data Center objects are updated automatically on the Security Gateway each time the JSON file change. There is no need to install policy for the updates to take effect. Objects created based on these files can be used as a source, or a destination in the following policies: Access Control policy, NAT policy, Threat Prevention policy, HTTPS Inspection policy.

best regards
Thomas

0 Kudos