This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Anthony_Kahwati
Collaborator
‎2022-02-04 07:49 AM

Service Objects

Hi 

Can someone clarify for me if the out of the box service objects are more than just a TCP port match?

For example, if I choose the SSH object as my service in a access policy rule does it behave differently to me creating a from-scratch service object called mySSH that also matches TCP/22? Is there any application awareness in it or is it just a TCP match with some specific timeouts?

Hope that makes sense... 

Thanks

 

Labels
0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee
‎2022-02-04 08:04 AM

It depends on the specifics of the particular service object.

Then if you use objects found in the AppWiki or that otherwise have "protocol signature" enabled then more advanced recognition is performed rather than simple ports.

https://appwiki.checkpoint.com/appwikisdb/public.htm

 

CCSM R77/R80/ELITE
0 Kudos
Timothy_Hall
Legend Legend
Legend
‎2022-02-05 06:55 AM

Please see my post here which should fully answer your question:

https://community.checkpoint.com/t5/Management/Enable-Protocol-Signature-by-default/m-p/139285/highl...

 

Attend my Gateway Performance Optimization R81.20 course
CET (Europe) Timezone Course Scheduled for July 1-2
0 Kudos
the_rock
Legend
Legend
‎2022-02-05 08:27 AM

You definitely got correct answers from both @Timothy_Hall and @Chris_Atkinson , but I will tell you from my own personal experience, its hit and miss, depending on which service you use. Sometimes, it behaves the same, sometimes not...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top