This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Norbert_Bohusch
Advisor
‎2021-05-05 11:29 PM

Updateable objects for Check Point Cloud Services

During two PoCs/implementations in the last month, I implemented Harmony Endpoint with cloud-based management for a customer.

Both times the customer didn't want to allow full access to the internet for his clients (or at least the servers using EPS), so we followed sk116590

In my opinion the infrastructure is there, so please publish the domains from this SK also as an updatable object.

 

There might be other use cases for URLs a gateway or other Check Point services may need, so a general approach would be nice, for sure.

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2021-05-06 05:13 PM

Believe this is in the works and should be available in the near future.

PhoneBoy
Admin
Admin
‎2021-05-27 11:05 PM

As of today, this is now available.
Thanks to @Micky_Michaeli and team!
It's not showing in Demo Mode, but it does show on my regular management server:

Screen Shot 2021-05-27 at 10.50.16 PM.png

The list of domains covered by this object is here: https://secureupdates.checkpoint.com/cp_services/V1_0_0/gw/cp_services_uo 

Norbert_Bohusch
Advisor
‎2021-05-27 11:13 PM
In response to PhoneBoy

Perfect! Thanks 😀

The description could be a bit clearer though.

E.g. for which cloud services the domains of Check Point are included: 

- Updates for gateways with NGTX is included? I assume yes

- Updates/Mgmt for Harmony Endpoint is included? I assume yes

- Harmony Connect gateways are not included, as they are with FQDN <company-id>.cgcvpn.checkpoint.cloud

- what else am I missing?

 

0 Kudos
David_C1
Advisor
‎2021-06-03 09:39 AM
In response to PhoneBoy

This is great, I remember asking for this two years ago at CPX. However, it would be great if the Check Point Services object were broken down into sub-services, e.g. services/domains needed for endpoints, licensing, IPS updates, etc. We don't need or want to give every device running Check Point software access to every Check Point domain.

 

Dave

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events