This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Shurik
Contributor
‎2020-12-02 12:32 PM

Outbound wildcard objects

Hello guys,

I'm looking to allow access to office 365 URLs, but having problem to allow access to wildcard objects, like *.outlook365.com etc.

I came across this article - https://community.checkpoint.com/t5/Next-Generation-Firewall/White-Paper-Implementing-Non-FQDN-Domai...

Unfortunately it doesn't work for me. I can allow access to specific domain, but now to wildcard objects.

What possibly I'm doing wrong?

Should I have URL filtering or application control in order to be able to allow wildcard access?

 

Our current version is R80.10

 

Thanks!

0 Kudos
3 Replies
Wolfgang
Authority
Authority
‎2020-12-02 12:43 PM

Best solution would be an update to a newer version and using updatables object.

Microsoft Office 365 objects as Network Objects in R80.20 and above 

Wolfgang

Shurik
Contributor
‎2020-12-02 01:34 PM
In response to Wolfgang

Thanks! That's a cool option 🙂

Any known performance issues with updatable objects?

0 Kudos
PhoneBoy
Admin
Admin
‎2020-12-02 12:45 PM

Non-FQDN domain objects don’t work in practice because reverse DNS on the relevant IP addresses rarely works.
We have Updatable Objects in R80.20+ that can be used to allow access to Office 365 without implementing App Control.
You can also do it with App Control but you should really upgrade to R80.30+ for the improved SNI support in HTTPS traffic (will improve App Control/URLF detection overall as well).
Also, R80.10 is nearing its End of Support date, so you have plenty of reasons to upgrade.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events