Network Feed

A network feed object is a network object that lets you enforce feeds that are generated on external HTTP/HTTPS servers. The feed can contain IP addresses (single or ranges), domains, or both.

For example:

Single IP (1.1.1.1)

Range (1.1.1.1-2.2.2.2)

IP + masklen (1.1.1.1/24)

FQDN domain (google.com)

Non-FQDN domain (*.google.com)

The feed must be written in a supported format (see below). The Security Gateway Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. fetches, parses, and updates the network feed object automatically according to the feed changes on the external source server. There is no need to install policy for the updates to take effect. You can use an external network feed object in the Access Control / HTTPS Inspection Feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi. / NAT policy as a source, or a destination.

Note - Local feeds hosted on the Security Gateway are not supported.

For more information, see External Network Feeds.