Hello,
I'm working on migrating a Checkpoint Firewall running R.81 to a Palo Alto using Expedition and after a few attempts and failures I started digging deeper into the objects configured on the Checkpoint. There are multiple "Domain Objects" which start with a "." and then followed by domain. Unfortunately FQDN objects in Palo Alto do not support that, so the migrated objects while pushed are actually invalid. These domain objects are used in the security policy as a Source or Destination. The report suggests converting to a Custom URL Category but would that work as a source? Would an EDL be a better option? Or is there another option?
My other challenge is there are "Updatable Objects" which I think is a mix of Application / EDL which is maintained by Checkpoint for specific applications and services and dynamically updated with "wildcard" domains and networks.
Has anyone migrated a Checkpoint recently with similar objects being used in the security policy and if so how did you replicate the same type of functionality since Palo Alto doesn't support either by default...
And is there a configuration example guide or something for exactly how you would format or enter in XML different configuration options in Expedition to push? I was able to figure out how to define a Custom URL Category but so far have failed to correct get the right commands/syntax for Log Forwarding...
Thank you,
James
... View more
