We are in the process to replace 2 checkpoint boxes with a customer, so we're in the process to migrate its security policy.
They have like a custom/application service named fina, which cointains ports 8091 and port 9091, but it is one solely service, it is not a group. The checkpoint admin says that this application works for ports 8091 OR port 9091. This service is used in other several different rules. This application is NOT a group, it is an application which contains both ports,
The config is looks like:
Service name: fina
Port Type: TCP
Ports: 8091, 9091
The CheckPoint admin says that this particular service could be use to allow/deny any traffic on port 8091 OR 9091. Obviously It is not a range port.
So, in MFE, is it possible to create a custom application like this? Does MFE support this while creating an custom application insert 8091, 9091 and means the same? Or Do I need to create 2 different custom application for port 8091 and another one for port 9091?. If I create it, it means the same?