This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
carl_t
Contributor
‎2019-05-17 06:03 AM
Jump to solution

How to I allow access to Office 365 servers that constantly update the list of IPs

Hi All

We currently use a cloud based web proxy for all our users web traffic, on the Firewalls we have rules only permitting users to access these proxies, all other web traffic is blocked.

We want to bypass the proxy for Office 365, however the IP and URL list is exhaustive and also constantly changes, without doing dynamic object rules which do dns lookups and cause issues with the firewall, is there any other way we can achieve this?

For example using application control?

If we did do app control, would we still need the rule in the security policy? Does the Firewall look at the security policy first, then the app control second?

cheers

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2020-05-10 05:20 PM
In response to Mike_Jensen
Jump to solution

Updatable Objects don't require an App Control/URL Filtering license.

View solution in original post

4 Replies
John_Fulater
Contributor
‎2019-05-17 10:34 AM
Jump to solution

In R80.20, there are Updateable Objects - These are best explained in sk131852

The objects get updated directly for the applications they support.  

You can layer on Application control with this.

 

0 Kudos
Mike_Jensen
Advisor
‎2020-05-06 01:12 PM
In response to John_Fulater
Jump to solution

My organization is in the beginning phase of implementing Office 365 with products such as AD Sync, Microsoft Teams, etc.  If I understand correctly I can use the Check Point "Office 365" updateable object, run at least R80.20, and I can provide access to all of the Office 365 IP's, domain names, etc. with just my firewall policy?  I don't need application control or URL filtering licenses?

0 Kudos
Troy_Yeske
Employee Alumnus
Employee Alumnus
‎2020-05-06 02:31 PM
In response to Mike_Jensen
Jump to solution

I created a layer in my lab without App/Control and URL filtering and the updateable objects option was there so it appears it is outside of the app/url filtering license.  But my gateway is fully licensed otherwise.  Seeing if the option shows up in your source/dst should tell you.

 

 

0 Kudos
PhoneBoy
Admin
Admin
‎2020-05-10 05:20 PM
In response to Mike_Jensen
Jump to solution

Updatable Objects don't require an App Control/URL Filtering license.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    li.common.scroll-to.top