cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Exporting/Importing of Objects (R80.20)

Jump to solution

There's got to be an easy way to do this - export a load of objects from one policy and import them into another?

Why?

It's that wonderful Office 365 and HTTPS Inspection issue causing much gnashing of teeth again.  The ONLY way it seems this will work is to create the individual network objects (as detailed in Office 365 IP Address and URL Web service | Microsoft Docs ).  That's fine if you're only managing one estate but when you manage any more than one, that's a thankless, full-time job for one person and let's face it, it's 2018 not 1918 so there's got to be a way to do this programmatically, surely?

Anyone got any ideas around this?

TIA

Labels (1)
1 Solution

Accepted Solutions

Re: Exporting/Importing of Objects (R80.20)

Jump to solution
6 Replies

Re: Exporting/Importing of Objects (R80.20)

Jump to solution

Re: Exporting/Importing of Objects (R80.20)

Jump to solution

Nice!  Thanks!

0 Kudos

Re: Exporting/Importing of Objects (R80.20)

Jump to solution

Maybe I don't understand something here, but you are using R80.20 and in R80.20 there are Updateble Objects, which include Office365. Is it not possible to use them in your case?

0 Kudos

Re: Exporting/Importing of Objects (R80.20)

Jump to solution

Yeah, they don't work in the HTTPS Inspection policy yet.

0 Kudos
Employee+
Employee+

Re: Exporting/Importing of Objects (R80.20)

Jump to solution

Hi,

Unfortunately, updatable objects are not supported in HTTPS Inspection in R80.20.

You can sumbit RFE thru your SE to get support of O365 in HTTPSI policy in R80.20

Thanks,

Meital 

Re: Exporting/Importing of Objects (R80.20)

Jump to solution

Already been done but no capability yet.

Easiest way to do this is some XML parsing from the MS IP address list to insert the hosts/networks into the object DB via the API and then use the export/import scripts to move them around environments if required.

Add the objects to a group and then use that group in the HTTPSI policy as the destination in a bypass rule. Don’t use any categories otherwise the first packet is inspected and it breaks the bypass rule.

0 Kudos