This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Cvr
Participant
‎2024-07-05 12:14 PM
Jump to solution

Asterisk Usage in Creating Domain Object

Hello All,

 

While creating Domain object in MDSM, Can I add Asterisk symbol in front of domain.  If I add will it work in rules?

 

Example: 

Object Name:  .*.powerbi.com

 

Thanks,

Rajesh.

Preview file
98 KB
0 Kudos
3 Solutions

Accepted Solutions
Lesley
Leader Leader
Leader
‎2024-07-05 01:15 PM
Jump to solution

No you cannot use * for both options. So if you enable FQDN or disable it you have to work with a dot (.) not with *

  • Select FQDN

    In the object name, use the Fully Qualified Domain Name (FQDN). Use the format . x.y.z (with a dot "." before the FQDN). For example, if you use . www.example.com then the Gateway matches www.example.com

    This option is supported for R80.10 and higher, and is the default. It is more accurate and faster than the non-FQDN option.

The Security Gateway looks up the FQDN with a direct DNS query, and uses the result in the Rule Base

This option supports SecureXL

 Accept templates. Using domain objects with this option in a rule has no effect on the performance of the rule, or of the rules that come after it.

  • Clear FQDN

This option enforces the domain and its sub-domains. In the object name, use the format . x.y for the name. For example, use . example.com or . example.co.uk for the name. If you use . example.com, then the Gateway matches www.example.com and support.example.com

The Gateway does the name resolution using DNS reverse lookups, which can be inaccurate. The Gateway uses the result in the Rule Base, and caches the result to use again.

-------
If you like this post please give a thumbs up(kudo)! 🙂

View solution in original post

the_rock
Legend
Legend
‎2024-07-06 06:10 AM
Jump to solution

Here is the sk

https://support.checkpoint.com/results/sk/sk120633

Andy

View solution in original post

the_rock
Legend
Legend
‎2024-07-06 07:13 AM
In response to the_rock
Jump to solution

Also, for the context, that option for fqdn also matters, depending on exactly what you are accessing @Cvr 

Andy

View solution in original post

0 Kudos
4 Replies
Lesley
Leader Leader
Leader
‎2024-07-05 01:15 PM
Jump to solution

No you cannot use * for both options. So if you enable FQDN or disable it you have to work with a dot (.) not with *

  • Select FQDN

    In the object name, use the Fully Qualified Domain Name (FQDN). Use the format . x.y.z (with a dot "." before the FQDN). For example, if you use . www.example.com then the Gateway matches www.example.com

    This option is supported for R80.10 and higher, and is the default. It is more accurate and faster than the non-FQDN option.

The Security Gateway looks up the FQDN with a direct DNS query, and uses the result in the Rule Base

This option supports SecureXL

 Accept templates. Using domain objects with this option in a rule has no effect on the performance of the rule, or of the rules that come after it.

  • Clear FQDN

This option enforces the domain and its sub-domains. In the object name, use the format . x.y for the name. For example, use . example.com or . example.co.uk for the name. If you use . example.com, then the Gateway matches www.example.com and support.example.com

The Gateway does the name resolution using DNS reverse lookups, which can be inaccurate. The Gateway uses the result in the Rule Base, and caches the result to use again.

-------
If you like this post please give a thumbs up(kudo)! 🙂
the_rock
Legend
Legend
‎2024-07-06 05:45 AM
Jump to solution

I have not tested that in some time, but it has to start with a . sign.

Andy

the_rock
Legend
Legend
‎2024-07-06 06:10 AM
Jump to solution

Here is the sk

https://support.checkpoint.com/results/sk/sk120633

Andy

the_rock
Legend
Legend
‎2024-07-06 07:13 AM
In response to the_rock
Jump to solution

Also, for the context, that option for fqdn also matters, depending on exactly what you are accessing @Cvr 

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events