Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
K_montalvo
Advisor

BLOCK BAD REPUTATION IPS IN A DYNAMIC WAY

Jump to solution

Hello experts,

Kindly guide me if its possible to have like a rule, blade or external connector or any recommended configuration in order to have protection on the Gateway perimeter  to block malicious reported IP address range like botnets, hackers etc? This is with the purpose to reduce having to create objects and manually applied to specific existing block rule on the network access layer.

Thanks!

0 Kudos
2 Solutions

Accepted Solutions
Chris_Atkinson
Employee
Employee

ioc_feeds, available natively in R81 SmartConsole - refer sk132193.

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics...

Other options exist depending on your enabled blades and might leverage dynamic / imported objects (sk167210) or the available APIs.

View solution in original post

the_rock
Champion
Champion

Hey bro,

What I always do is use below link, get all IPs from the txt file, slap it in .csv file, import in mgmt, create a rule with group object containing the file you import and thats it.

Andy

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Chassis_AdminGuide/Topics-Chassis-...

You can also use below sites to confirm if site might be malicious.

https://www.virustotal.com/gui/home/upload

https://www.urlvoid.com

View solution in original post

2 Replies
Chris_Atkinson
Employee
Employee

ioc_feeds, available natively in R81 SmartConsole - refer sk132193.

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics...

Other options exist depending on your enabled blades and might leverage dynamic / imported objects (sk167210) or the available APIs.

the_rock
Champion
Champion

Hey bro,

What I always do is use below link, get all IPs from the txt file, slap it in .csv file, import in mgmt, create a rule with group object containing the file you import and thats it.

Andy

https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Chassis_AdminGuide/Topics-Chassis-...

You can also use below sites to confirm if site might be malicious.

https://www.virustotal.com/gui/home/upload

https://www.urlvoid.com