This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Paul_Warnagiris
Advisor
‎2020-01-20 04:11 PM

Best Practice of o365 and on-prem gateways

I have a customer that is looking for "best practices" for on-prem gateways integrating with o365.  They had some major latency and an outage which ended up being ISP related, but it spawned a complete integration review from MSFT to the network team and to Check Point.

Specifically they are asking me for best practices.  I don't think anything like that exists.  I have asked my internal Check Point resources so some of you may have seen this question in your internal groups.  I would think if there are any best practices it's around HTTP/S and SSL inspection since that's really what o365 is.  Application control comes into play, but I don't think there are "best practices" for application control and o365 as its pretty self explanatory.

Anyway I started this thread to cover all of my bases.  Does anyone know if there are any Check Point sanctioned best practices for integrating o365 with on-prem gateways?

Thanks,
Paul

0 Kudos
1 Reply
SSlater
Employee
Employee
‎2020-01-21 08:59 PM

@Paul_Warnagiris 

We have a new feature in R80.20 that will help you out. We call them "Updatable Objects."

This is our only approach that will work to Reliably Categorize, and Detect O365 applications, currently.

 

On versions before R80.20, customers who wish to restrict access to the Office 365 services, based on IP Addresses, had to maintain a Network Group object that contains the relevant Network objects provided by Microsoft. The customers keep updating this object manually upon Microsoft updates and have to install policy after every change.

 

Please review the following SK articles for more info:

sk135572

sk131852

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events