https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/51456#M1096 <P>SandBlast extension could block specific file type to be downloaded at all.</P> <P>&nbsp;</P> <P>It could be either Standalone extension which is managed from gateway or extension installed as part of Threat Extraction and Emulation (TE) blade.</P> <P>TE blade it is controlled in the following way:</P> <P>SmartEndpoint -&gt; Policy Tab -&gt; "Threat Extraction and Emulation"&nbsp; section -&gt; Protect web download with Threat Emulation.<BR />Right-click and select "Edit shared action", now click on "Override default file action per file type".</P> <P>Ther you can set for EXE - Block Download.</P> Sun, 21 Apr 2019 12:29:27 GMT Maksym_Sofer 2019-04-21T12:29:27Z https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/49935#M1041 <P><SPAN class="tlid-translation translation"><SPAN>Hi all,</SPAN><BR /><BR /><SPAN>Currently I have the following scenario:</SPAN><BR /><BR /><SPAN>I need to block a downloadable application through policies of Smartendpoint and its client.</SPAN><BR /><BR /><SPAN class="">It is possible to customize such blocking, that is, a "test.exe" program can not be downloaded by a user.</SPAN><BR /><BR /><SPAN class="">Thank you very much for your attention!</SPAN></SPAN></P> Fri, 05 Apr 2019 15:29:03 GMT https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/49935#M1041 Diego_Carreno 2019-04-05T15:29:03Z https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/50037#M1042 On SmartEndpoint you should be able to prevent the application from running by using Application Control.<BR />To prevent downloading, it's possible URL Filtering might be able to do it, but not sure.<BR />A gateway running Anti-virus blade could do it (possibly requiring HTTPS Inspection). Sat, 06 Apr 2019 21:44:17 GMT https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/50037#M1042 PhoneBoy 2019-04-06T21:44:17Z https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/50168#M1047 <P><SPAN class="tlid-translation translation"><SPAN>Thanks for your answer.</SPAN><BR /><BR /><SPAN class="">Finally I spoke with TAC and they told me that it was not possible to carry out that configuration through SmarEndpoint policies.</SPAN></SPAN></P> Mon, 08 Apr 2019 15:35:38 GMT https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/50168#M1047 Arkavia_Network 2019-04-08T15:35:38Z https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/51456#M1096 <P>SandBlast extension could block specific file type to be downloaded at all.</P> <P>&nbsp;</P> <P>It could be either Standalone extension which is managed from gateway or extension installed as part of Threat Extraction and Emulation (TE) blade.</P> <P>TE blade it is controlled in the following way:</P> <P>SmartEndpoint -&gt; Policy Tab -&gt; "Threat Extraction and Emulation"&nbsp; section -&gt; Protect web download with Threat Emulation.<BR />Right-click and select "Edit shared action", now click on "Override default file action per file type".</P> <P>Ther you can set for EXE - Block Download.</P> Sun, 21 Apr 2019 12:29:27 GMT https://community.checkpoint.com/t5/Endpoint/Downloadable-application-lock-by-SmartEndpoint-policies/m-p/51456#M1096 Maksym_Sofer 2019-04-21T12:29:27Z