This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JorgeCR
Participant
‎2019-09-24 10:10 AM

Google Cloud Platform

We are seeing lot of traffic to Google Cloud Platform in our network.  Its primary category is Computers/Internet, but we are wondering what this traffic is since, as I said, it is a lot.

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2019-09-24 11:42 AM

As Google Cloud Platform is an Infrastructure as a Service offering that can host anything, it could be...anything.
0 Kudos
JorgeCR
Participant
‎2019-09-24 12:10 PM
In response to PhoneBoy

Thanks a lot Phone Boy. 

The fact that it is under Computers / Internet does not really help to set right permissions to users.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-09-24 12:30 PM
In response to JorgeCR

I'm guessing the fairly generic classification here is because you're not using HTTPS Inspection.
Without that, you can only see what the TLS certificate indicates, which, again, could be anything, particularly if the certificate is wildcard (i.e. used for many different sites).
With HTTPS Inspection enabled, you can see exactly what URLs are being accessed and might get a different classification.
0 Kudos
JorgeCR
Participant
‎2019-09-24 01:07 PM
In response to PhoneBoy

We have HTTPS Inspection enabled.  We double checked and we are not doing HTTPS Bypass to any of the IP addresses associated with Google Cloud Platform in the logs.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-09-26 08:01 AM
In response to JorgeCR

If you can provide a few sample log entries (full log card), it might provide some clues.
There may not be enough cues in the traffic to classify the traffic further than what it already is.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    li.common.scroll-to.top