This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jason_Smith3
Participant
‎2018-11-07 10:24 AM

IoT / Printers limiting Internet access

So I have devices that need internet but only to specific sites.  Problem is those sites are on cloud servers and arent using a specific IP range.  

Example - Xerox printer need to get to xerox for updates but no where else on the internet.  Xerox is running it's servers on AWS and do not have a specific IP or IP range..

So how would you go about blocking ALL internet traffic except certain "named" websites.  Could I block all traffic to the internet in FW rules but then still allow access by group in App Control Blade?  I haven't been able to get that to work right.

Interested in others thoughts!

3 Replies
Kaspars_Zibarts
Employee Employee
Employee
‎2018-11-07 12:30 PM

Use domain objects. The best thing that happened with R80.10    as long as you don't require wildcard. Else dynamic objects can be option

Domain Objects in R80.10 and above 

Dor_Marcovitch
Advisor
‎2018-11-07 02:02 PM

If you can identify the printers ip/network ranges/access roles than you are good wuth the source.

Regarding the destination check what kind of traffuc they are initiating.

It will probably be http/https traffic than just build an application and url filtering policy for those specific urls or domains.

Daniel_Kavan
Advisor
Advisor
‎2020-03-12 05:40 AM
In response to Dor_Marcovitch

So, I can see how the firewall would be able to stop inbound/outbound INTERNET traffic for the IOT device, but what about internal traffic?  Are some companies putting IOT devices in a DMZ or adding an internal firewall or does adding the IOT agent on the IOT device inspect the SSH traffic to the IOT device?

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top