Updatable Objects

An updatable object is a network object which represents an external service, such as Office 365, AWS, GEO locations and more. External services providers publish lists of IP addresses or Domains or both to allow access to their services. These lists are dynamically updated. Updatable objects derive their contents from these published lists of the providers, which Check Point uploads to the Check Point cloud. The updatable objects are updated automatically on the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. each time the provider changes a list. There is no need to install policy for the updates to take effect. You can use updatable objects in all three types of policies: Access Control, Threat Prevention and HTTPS InspectionClosed Feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi.. You can use an updatable object in the Access Control, Threat Prevention or the HTTPS Inspection policy as a source or a destination. In the Threat Prevention policy, you can also use an updatable object as the protected scope.

Notes:

  • For Access Control, this feature is supported for R80.20 and above gateways. For Threat Prevention and HTTPS Inspection, this feature is supported for R80.40 and above gateways.

  • Updatable Objects cannot be added to a network group.

Adding an Updatable Object to the Security Policy

A customer uses Office365 and wants to allow access to Microsoft Exchange services.

To add the Microsoft Exchange Updatable Object to the Security Gateway

  1. Make sure the Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server. and the Security Gateway have access to the Check Point cloud.

  2. Go to SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on. > Security PoliciesClosed Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection. > Access Control > Policy.

  3. Create a new ruleClosed Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session..

  4. In the Destination column, click the + sign and select Import > Updatable Objects.

    The Updatable Objects window opens.

  5. Select the objects to add. For this use case, select the Exchange Services object.

    Note - You can also add objects to the Source column.

  6. Click OK.

  7. Install policy.

The Exchange Services object is added to the Rule BaseClosed All rules configured in a given Security Policy. Synonym: Rulebase..

No

Name

Source

Destination

VPN

Services & Applications

Action

Track

1

Accept Exchange

WirelessZone

Exchange Services

Any

Any

Accept

Log

2

Accept Exchange

Exchange Services

WirelessZone

Any

Any

Accept

Log

You can monitor the updates in the Logs & Monitor > Logs view.

To monitor the updates

  1. Go to SmartConsole > Logs & Monitor.

  2. From the search bar, enter Updatable Objects.

  3. Double-click the relevant log.

    The Log Details window shows.

  4. Succeeded shows in the Status field when the update is successful.