These are the logs I am getting - see bellow.
I am running a tcpdump in the manager and there are only external http connection attempts about every 5 minutes.
These logs don't match any connection attempt.
The list bellow are the hostnames that the firewall manager has successfully reached in the last 24 hours.
I have the impression that those mapping actions is an internal process.
updates.checkpoint.com | 366 |
productservices.checkpoint.com | 286 |
dl3.checkpoint.com | 217 |
usercenter.checkpoint.com | 13 |
productcoverage.checkpoint.com | 12 |
Time: 2021-09-07T11:45:06Z
Id: 0a470b47-eeb2-9b19-6137-50c265990000
Sequencenum: 1
Client IP: x.x.x.x
Sendtotrackerasadvancedauditlog:0
Severity: Informational
Description: Mapping of Data Center server finished. OnlineServices []
Type: Control
Blade: CloudGuard IaaS
Origin: fm
Product Family: Network
Marker: @A@@B@1630969200@C@33221
Log Server Origin: x.x.x.x
Origin Log Server IP: x.x.x.x
Index Time: 2021-09-07T11:45:07Z
Lastupdatetime: 1631015106000
Lastupdateseqnum: 1
Confidence Level: N/A
Stored: true
Time: 2021-09-07T11:46:06Z
Id: 0a470b47-eeb2-9b19-6137-50fe659a0001
Sequencenum: 2
Client IP: x.x.x.x
Sendtotrackerasadvancedauditlog:0
Severity: Informational
Description: Mapping of Updatable Object started. OnlineServices []
Type: Control
Blade: CloudGuard IaaS
Origin: fm
Product Family: Network
Marker: @A@@B@1630969200@C@33261
Log Server Origin: x.x.x.x
Origin Log Server IP: x.x.x.x
Index Time: 2021-09-07T11:46:07Z
Lastupdatetime: 1631015166000
Lastupdateseqnum: 2
Confidence Level: N/A
Stored: true