Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Kenneth_Greger1
Participant

Updatable objects - Zscaler

Hi

We have been using Zscaler for a couple of years, and recently we started to use the Zscaler Updatable Object that CheckPoint is providing.

However, I do see a lot traffic going to Zscaler "systems" worldwide that is not picked up by this rule (Certificate validation servers, PAC servers mainly).

I checked the /opt/CPshrd-R80.40/database/downloads/ONLINE_SERVICES/1.0/200122040225/zscaler.C file, and clearly there are IP ranges that are missing.

Has anybody else come across this?

How do we report back missing IP ranges to CheckPoint?

 

/Kenneth

 

 

0 Kudos
2 Replies
Chris_Atkinson
Employee
Employee

Typically we monitor a list published by the entity and would update accordingly, is the Zscaler docco in order for the IP ranges in question?

If there is still a gap please report it via TAC.

0 Kudos
Kenneth_Greger1
Participant

For example on the Zscaler web page (https://config.zscaler.com/zscloud.net/hubs) it states you need 185.46.212.0/22.

While in the config file (zscaler.C)  you have:

: (
:ip ("185.46.212.0")
:mask (23)
:type (ip_mask)
)

 

 

0 Kudos