This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Dominik_M
Participant
‎2026-01-08 05:53 AM

Application Control Issues with Apps using AWS S3

Hi everyone,

since November last year we experience more and more applications we have allowed on our client's Check Point gateway (R81.20) not working anymore as the traffic is categorized as "Amazon S3" with the category "File Storage and Sharing".

"File Storage and Sharing" is gets blocked per policy.

We had this issue starting in November with Adobe Services and now also GoTo Webinar and Asana.

Is this a known issue or part of an overall behavior change when it comes to applications using Amazon S3?

Kind regards,

Dominik

0 Kudos
10 Replies
_Val_
Admin
Admin
‎2026-01-08 06:53 AM

Are you working with TAC on that?

0 Kudos
Dominik_M
Participant
‎2026-01-08 08:24 AM
In response to _Val_

We had a ticket open in the beginning of December which only told us to allow "Amazon S3" as well. We have opened a new ticket now.

I was wondering if maybe something has changed in general or if our client's installation might have an issue.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-08 07:02 AM

Im thinking as workaround, you could add custom app sites to allow.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2026-01-08 07:38 AM

Which jumbo of R81.20 and was this observed with or without HTTPs inspection?

CCSM R77/R80/ELITE
0 Kudos
Dominik_M
Participant
‎2026-01-08 08:25 AM
In response to Chris_Atkinson

It's currently on Take 99 and yes, HTTPS Inspection is inspecting the traffic.

0 Kudos
Chris_Atkinson
MVP Platinum CHKP MVP Platinum CHKP
MVP Platinum CHKP
‎2026-01-11 09:51 PM
In response to Dominik_M

Out of interest has this improved, I noticed an AppWiki update to Amazon S3 early Jan?

CCSM R77/R80/ELITE
0 Kudos
Dominik_M
Participant
‎2026-01-12 01:37 PM
In response to Chris_Atkinson

It seems to be a persistent issue as we still need to allow "Amazon S3" but we also had some instances when it improved without us changing anything for that specific user group.

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-12 03:32 PM
In response to Dominik_M

I would try recommended jumbo 120, see if it makes any difference.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
Ilovecheckpoint
Participant
‎2026-01-14 08:27 AM
In response to the_rock

I installed Take 120 and also on my case, storage category is blocked. As security stand point, to open all Amazon S3, via custom application or a recognised app, is too large. On the other end, to open a specific url on s3, could have as results, the page will not load if the web site storage has changed url, am I wrong? 

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-14 08:29 AM
In response to Ilovecheckpoint

Thats definitely true. Might then need to figure out sites that need to be added...I know thats easier said than done, but adding wildcard, probably not something that would work in this case.

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    In-Person

    Tue 16 Jun 2026 @ 09:30 AM (BST)

    DDOS MasterClass in London!
    In-Person

    Tue 16 Jun 2026 @ 08:00 AM (EDT)

    Montreal: P’tits déj Cyber! | Cyber Breakfasts!
    CheckMates Events