https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55133#M1213 <P>For Servers deployment I would run Anti-Malware and Forensics with Learning mode configuration at first</P> <P>Then I would add additional components, such as Anti-Ransomware and Behavioral Guard, Anti-Bot and Threat Emulation for the file system. I would start with learning mode configuration and create the relevant exclusions based on the server type and the component deployed</P> <P>It is recommended that&nbsp; for servers deployment and policy configuration you will separate the policy rules that will provide you with more complete control over the servers deployment and policy</P> <P>please read the following SK to learn more about learning mode to best practice and the configuration</P> <P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk153713" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk153713</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 05 Jun 2019 20:26:03 GMT Boaz_Barzel 2019-06-05T20:26:03Z https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/54941#M1204 <P>Hi All,</P><P>I am starting to deploy the endpoint client to servers. We are licensed for endpoint complete, but I am wondering what blades others have installed in this scenario. I am thinking to stick with installing AntiMalware only on the servers, leaving SBA, AB, TE, MEPP, etc. for just the client workstations.</P><P>What are you all doing for this? Especially curious as it related to servers running services like AD Domain Controllers, SQL Servers, Sharepoint servers, etc.</P><P>Thanks in advance;</P><P>~D</P><P>&nbsp;</P> Mon, 03 Jun 2019 15:38:06 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/54941#M1204 David_Levine 2019-06-03T15:38:06Z https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55129#M1212 It depends on how the server is administered, I think.<BR />The more "end user" like things you do on the server (i.e. use a web browser, have physical access to it), the more of the blades you should run.<BR />A decent minimum set for a proper server seems to be Anti-Bot and Anti-Malware. Wed, 05 Jun 2019 20:18:22 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55129#M1212 PhoneBoy 2019-06-05T20:18:22Z https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55133#M1213 <P>For Servers deployment I would run Anti-Malware and Forensics with Learning mode configuration at first</P> <P>Then I would add additional components, such as Anti-Ransomware and Behavioral Guard, Anti-Bot and Threat Emulation for the file system. I would start with learning mode configuration and create the relevant exclusions based on the server type and the component deployed</P> <P>It is recommended that&nbsp; for servers deployment and policy configuration you will separate the policy rules that will provide you with more complete control over the servers deployment and policy</P> <P>please read the following SK to learn more about learning mode to best practice and the configuration</P> <P><A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk153713" target="_blank">https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk153713</A></P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 05 Jun 2019 20:26:03 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55133#M1213 Boaz_Barzel 2019-06-05T20:26:03Z https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55226#M1214 <P>Thanks for the reply;</P><P>I am reading through the sk's you referenced regarding Learning Mode. This is very helpful... Is this something that is incorporated in official training / documentation?</P><P>Cheers!</P><P>&nbsp;&nbsp;</P> Thu, 06 Jun 2019 15:49:51 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55226#M1214 David_Levine 2019-06-06T15:49:51Z https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55231#M1215 SecureKnowledge is a form of official documentation. <BR />I imagine we'll add it to the product documentation in upcoming releases. Thu, 06 Jun 2019 17:28:49 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55231#M1215 PhoneBoy 2019-06-06T17:28:49Z https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55238#M1216 Totally agree... just hadn't seen it before, and am finding it helpful! Thu, 06 Jun 2019 19:03:34 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-Security-Install-on-Servers/m-p/55238#M1216 David_Levine 2019-06-06T19:03:34Z