Importing Custom Intelligence Feeds in SmartConsole

Custom Intelligence Feeds lets you fetch feeds from a third-party server directly to the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. to be enforced by the Anti-VirusClosed Check Point Software Blade on a Security Gateway that uses real-time virus signatures and anomaly-based protections from ThreatCloud to detect and block malware at the Security Gateway before users are affected. Acronym: AV. and Anti-BotClosed Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT. blades.

The Custom Intelligence Feeds feature helps you manage and monitor indicators with minimal operational overhead.

Starting from R81, you can import Custom Intelligence Feeds in SmartConsoleClosed Check Point GUI application used to manage a Check Point environment - configure Security Policies, configure devices, monitor products and events, install updates, and so on., in addition to importing feeds in the CLI.

To import Custom Intelligence Feeds in SmartConsole:

  1. From the left navigation panel, click Security Policies.

  2. In the top left section, click Threat Prevention > Policy.

  3. In the bottom left section, click Custom Policy Tools.

  4. Click Indicators.

  5. Click New and select External IOC Feed.

For more information, see Importing External Custom Intelligence Feeds in SmartConsole.