https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/98169#M2659 <P>Not exactly sure how that would work since code would have to execute code on the host itself to process packets from the network.<BR />A properly configured desktop firewall (which we do offer) can help limit what is processed by the host.<BR />Also, if the traffic is encrypted, there's not much to process until the packets are decrypted, where our existing SandBlast Agent protections will help.</P> Mon, 05 Oct 2020 05:48:04 GMT PhoneBoy 2020-10-05T05:48:04Z https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/96958#M2618 <P>Is adding Host IPS on the roadmap for endpoints? This would be beneficial as another layer to prevent an exploit of the system.</P> Thu, 17 Sep 2020 15:06:59 GMT https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/96958#M2618 JoSec 2020-09-17T15:06:59Z https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/97112#M2626 <P>I would say the entire SandBlast Agent suite functions as a host IPS.<BR />What precise functionality do you perceive as missing?</P> Sun, 20 Sep 2020 21:41:27 GMT https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/97112#M2626 PhoneBoy 2020-09-20T21:41:27Z https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/97950#M2653 <P>The ability to provide prevention at the network layer prior to any code execution on the host itself.&nbsp;</P> Wed, 30 Sep 2020 17:43:52 GMT https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/97950#M2653 JoSec 2020-09-30T17:43:52Z https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/98169#M2659 <P>Not exactly sure how that would work since code would have to execute code on the host itself to process packets from the network.<BR />A properly configured desktop firewall (which we do offer) can help limit what is processed by the host.<BR />Also, if the traffic is encrypted, there's not much to process until the packets are decrypted, where our existing SandBlast Agent protections will help.</P> Mon, 05 Oct 2020 05:48:04 GMT https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/98169#M2659 PhoneBoy 2020-10-05T05:48:04Z https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/139596#M5046 <P>Would a standalone sandblast agent on a remote laptop outside the corporate network provide CVE specific IPS type protection?</P><P>For example, the Log4j IPS on the Security Gateway product:</P><P><A href="https://www.checkpoint.com/defense/advisories/public/2021/CPAI-2021-0936.html" target="_blank">https://www.checkpoint.com/defense/advisories/public/2021/CPAI-2021-0936.html</A></P> Wed, 26 Jan 2022 14:57:17 GMT https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/139596#M5046 IP2 2022-01-26T14:57:17Z https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/139636#M5050 <P>Behavioural protection in prevent mode provides coverage here, stay tuned for some specific compliance enhancements in this regard.</P> <P>Otherwise comparative like-to-like gateway protection for roaming users would be the Harmony Connect solution for a layered defense.</P> Wed, 26 Jan 2022 22:56:00 GMT https://community.checkpoint.com/t5/Endpoint/Host-IPS/m-p/139636#M5050 Chris_Atkinson 2022-01-26T22:56:00Z