Create a Post
Showing results for 
Search instead for 
Did you mean: 

Best Practice of o365 and on-prem gateways

I have a customer that is looking for "best practices" for on-prem gateways integrating with o365.  They had some major latency and an outage which ended up being ISP related, but it spawned a complete integration review from MSFT to the network team and to Check Point.

Specifically they are asking me for best practices.  I don't think anything like that exists.  I have asked my internal Check Point resources so some of you may have seen this question in your internal groups.  I would think if there are any best practices it's around HTTP/S and SSL inspection since that's really what o365 is.  Application control comes into play, but I don't think there are "best practices" for application control and o365 as its pretty self explanatory.

Anyway I started this thread to cover all of my bases.  Does anyone know if there are any Check Point sanctioned best practices for integrating o365 with on-prem gateways?


0 Kudos
1 Reply


We have a new feature in R80.20 that will help you out. We call them "Updatable Objects."

This is our only approach that will work to Reliably Categorize, and Detect O365 applications, currently.


On versions before R80.20, customers who wish to restrict access to the Office 365 services, based on IP Addresses, had to maintain a Network Group object that contains the relevant Network objects provided by Microsoft. The customers keep updating this object manually upon Microsoft updates and have to install policy after every change.


Please review the following SK articles for more info:




Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events