cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted
Herold
Nickel

Crimea IP ranges in Threat Prevention Geo Policy

Hi,

I need to apply specific security rules for traffic coming from Crimea but this state is not defined in Checkpoint  Threat Prevention Geo Policy. So far, i've been downloading manual updates from Maxminds and statically update the Checkpoint policy. This manual method is not reliable enough as you can understand. What do you think would be the best way to maintain policies with Crimea IP ranges on Checkpoint? I doubt that i'm the only one facing this challenge.

Thanks in advanced.

 

 

0 Kudos
4 Replies
Admin
Admin

Re: Crimea IP ranges in Threat Prevention Geo Policy

Upgrade Gateways and Management to R80.20 and above.
Use Updatable Objects in the Access Policy for Crimea.
Herold
Nickel

Re: Crimea IP ranges in Threat Prevention Geo Policy

Hi, 

Crimea is not listed in the upgradable Geo Location objects.  Can we customize one object to if we can get a feed to keep updating the IPs?

0 Kudos
Admin
Admin

Re: Crimea IP ranges in Threat Prevention Geo Policy

Right now, there is no automatic way to take a feed of IPs and assign to an object.
There should be a way to do this in an upcoming release.
Meanwhile, you could potentially do this with Dynamic Objects and a script to update the object periodically from a feed or similar.
0 Kudos
Employee+
Employee+

Re: Crimea IP ranges in Threat Prevention Geo Policy

...or use the IOC feeds feature (sk132193) although it is more for preventing threats and not for blocking access.
0 Kudos