Configure a block list as a Custom Intelligence Feed on the Check Point NGTP integration
-
- UpdatedJan 30, 2025
- 2 minutes to read
- Yokohama
- Security Incident Response integrations
The firewall administrator must configure the Custom Intelligence Feed corresponding to the Block List created in NOW platform.
Before you begin
Role required: admin
About this task
The firewall administrator would need the retrieval URL of Block List and the ServiceNow user credentials with role Check Point API Account Access Role (sn_sec_checkpoint.api_account_access).
If Firewall administrator is not using NOW platform, the NOW Security Incident Administrator can provide the required information via an Email. Alternately, if firewall administrator is using NOW platform, the Change Request associated with Block List can be assigned to firewall administrator. This Change Request has the required information to configure Custom Intelligence Feed.
For more information on setting up Custom Intelligence Feed on Check Point Gateways, refer to: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk132193
Procedure