Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
GrassF
Contributor

Allowing Fortigate ISDB on Checkpoint

Hi, we have place a checkpoint Firewall before a Fortigate Firewall. The checkpoint is facing the internet as 1st line Firewall. We need to allow some ISDB (Fortigate Internet Service Database) through the checkpoint. How could this be implemented?

Unfortunately the fortigate services does not give any urls, only IPs

These are example of ISDB we would like to allow.
TrendMicro-Other 1-65535
TrendMicro-Web 80, 443, 8443
Adobe-Adobe.Cloud 1-65535

Thank you,

0 Kudos
2 Replies
Chris_Atkinson
Employee Employee
Employee

We have something similar that we call Updatable Objects, please refer sk131852.

Depending on the scenario you may optionally use Domain objects to help in case there are gaps.

Where we don't have coverage currently for a specific service you can otherwise request it via your CP account team as an RFE.

 

CCSM R77/R80/ELITE
0 Kudos
GrassF
Contributor

Thank you, we've tried Updatable Objects but TrendMicro and Adobe are not covered. We though about this option with domain objects but we do not have the urls for it (TrendMicro and Adobe) - the IPs seems not to be bound to the urls of the vendors, for example trendmicro.com or adobe.com - We randomly choose some IPs defined for this on the forgate and the nslookup are giving us different outcomes.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events