Narsimha Rao Konjeti

R80.10 Features

Discussion created by Narsimha Rao Konjeti on Jun 29, 2018
Latest reply on Jul 1, 2018 by Tomer Sole

I have the following queries regarding some of the limitations of Checkcpoint. Please clarify if you are aware of the solutions:

 

  • Is it possible to block the DNS request for the particular malicious domain instead of blocking the entire external dns communication. The rule should be source:Internal DNS server, destination:External DNS server, domain:malicious domain, service:udp/53, action:block
  • I was trying to integrate the Sandblast logs to the local log server. Once integrated local firewall daemon crashing continuously. What we need is only logs/alerts related to malicious attachments/urls instead of all the beningn verdict logs. I don't see any such configuration feature in the Sandblast portal.
  • We are developing our own portal so we are using log exporter tool to export all the logs from the log server. We also want to export gateway health/traffic statistics to our portal. Is there any API funtionality available for the same.

 

Thanks,

KNRao

Outcomes