Hi @Tomer_Noy
Thanks for the information.
Discovered this post linked from the What's New in R81.20 TechTalk webinar this week.
I have a few questions re the Network Feeds object.
What file type is the file the Network Feeds object?
If there is no strict formatting;
- How can you trust the data input is valid data?
- Is there a built-in validation process to ensure the data is valid?
- Also is there a constraints mechanism i.e. restrict what values can will be accepted ion the file e.g. a specific IP range?
We just started using generic data center objects block malicious IPs from verified threat intelligence feeds. As you stated, the generic data center object references a JSON file with strict formatting requirements. However, there is still no built-in protection for data validation.
To mitigate input errors i.e. input data that doesn't conform to the strict formatting, we validate the JSON against a schema before copying the file to a web or the management server.
In terms of scalability, the JSON should be able to handle a lot of IPs. Can you explain the advantage of the new object in further detail here?
I would be interested to look at any additional information you're able to provide on the Network Feeds object.
Regards,
Simon