This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Sam2
Contributor
Monday

Azure Datacenter Object - VM, Subnet and VMSS only?

Are there any plans to support importing application services? 

Reviewing: CloudGuard Controller for Microsoft Azure (checkpoint.com)

States that we can import VNETS, subnets, Virtual Machines, or VMSS. My org uses a ton of app services and i was hoping to use this datacenter import in place of updateable objects that include less specific ranges for azure services in a region. 

 

Thanks

0 Kudos
4 Replies
Jeff_Engel
Employee
Employee
Monday

Hi @Sam2 ,

Can you please provide a specific example?  It may be possible to improve Updatable Objects to get to the level of specificity you require.  In the meantime, have you taken a look at External Network Feeds?  That might fit the bill here.

https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_SecurityManagement_AdminGuid...

 

Best Regards!

Jeff

0 Kudos
Sam2
Contributor
Monday
In response to Jeff_Engel

I am looking to import addresses listed in the networking section under a web app/app service in azure, i cannot share screenshots as they would be specific to my organization. 

I can take a look at external network feeds.

Dan_Morris
Employee
Employee
Tuesday
In response to Sam2

Hi @Sam 

To import IPs from Azure web apps or app services, you can use the CloudGuard controller with tags applied to the app services. This will allow you to effectively populate the IP addresses.

Please note that we do not currently support importing app services alone natively, which is why the Tag functionality is necessary.

Best Regards,

Dan Morris

0 Kudos
Nir_Shamir
Employee Employee
Employee
Monday

As you mentioned , we can import dynamic objects from your Azure account like VMs, Subnets, vNets, tags etc.

you need to follow the admin guide in order to create a DC center object of your azure subscription and this will allow you to pull these objects and use them in the rules as source or destination.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events