Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Sam2
Contributor

Azure Datacenter Object - VM, Subnet and VMSS only?

Are there any plans to support importing application services? 

Reviewing: CloudGuard Controller for Microsoft Azure (checkpoint.com)

States that we can import VNETS, subnets, Virtual Machines, or VMSS. My org uses a ton of app services and i was hoping to use this datacenter import in place of updateable objects that include less specific ranges for azure services in a region. 

 

Thanks

0 Kudos
5 Replies
Jeff_Engel
Employee
Employee

Hi @Sam2 ,

Can you please provide a specific example?  It may be possible to improve Updatable Objects to get to the level of specificity you require.  In the meantime, have you taken a look at External Network Feeds?  That might fit the bill here.

https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SecurityManagement_AdminGuid...

 

Best Regards!

Jeff

0 Kudos
Sam2
Contributor

I am looking to import addresses listed in the networking section under a web app/app service in azure, i cannot share screenshots as they would be specific to my organization. 

I can take a look at external network feeds.

Dan_Morris
Employee
Employee

Hi @Sam 

To import IPs from Azure web apps or app services, you can use the CloudGuard controller with tags applied to the app services. This will allow you to effectively populate the IP addresses.

Please note that we do not currently support importing app services alone natively, which is why the Tag functionality is necessary.

Best Regards,

Dan Morris

0 Kudos
Sam2
Contributor

Hi Dan, 

I tagged the resources but the new tags are not showing in dashboard when i check the datacenter object, is there another step i need to take to get the tags to appear? I can see the subscription and the VMs in the resource group i am working on. Just missing the tags on the webapps. 

 

Thanks

0 Kudos
Nir_Shamir
Employee Employee
Employee

As you mentioned , we can import dynamic objects from your Azure account like VMs, Subnets, vNets, tags etc.

you need to follow the admin guide in order to create a DC center object of your azure subscription and this will allow you to pull these objects and use them in the rules as source or destination.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.