Forum Discussion
Apps seen in Cloud app security but not on firewall
Hi Steve,
Cloud App Security uses your traffic logs to dynamically discover and analyze the cloud apps that your organization is using. The discovery of apps in achieved by comparing the destination URL/IP to a set of apps' signatures. Specifically for Checkpoint Firewall, the identification is based on the destination IP (as Checkpoint does not log the destination URL).
The signatures database is continuously updated to accurately capture the latest URLs and IP on known Cloud Apps, and to cover new apps that were published.
We often see cases where apps are discovered in Cloud App Security but not in customers' FW/Proxy due to outdated signatures held by the FW/Proxy. The accurate and updated signature database, also known as the Cloud App Security Application Catalog, is one on the key benefits of using the product for Shadow IT discovery.
Thanks,
Niv