https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16519#M3405 <HTML><HEAD></HEAD><BODY><P>Dear All,</P><P></P><P><STRONG>Question regarding Sandblast Agent</STRONG></P><P><SPAN style="text-decoration: underline;"><STRONG>Setup:</STRONG></SPAN></P><P>Endpoint Server</P><P>OS: GAIA R77.30 with 143 hotfix and R77.30 Adds on package installed.</P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>Blade Enabled: </STRONG></SPAN></P><P></P><P>1.Sandblast Agent Anti-Ransomware, behavioral guard and Forensics<BR />2.Sandblast Agent Anti-Bot<BR />3.Sandblast Agent Threat extraction and emulation<BR /> <BR />We use TE appliance for extraction and emulation (Local Emulation).</P><P></P><P>As per my understanding if I am downloading some file that may be exe, pdf, docs, etc then that file goes to TE appliance for emulation and extraction.</P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>Question:</STRONG></SPAN> Now suppose if I am transferring any malicious FILE through <STRONG>Pendrive</STRONG> or any external storage device then, can that particular file that I copy to my PC where sandblast agent is already installed, can it send to the TE appliance for extraction and emulation.</P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>NOTE:</STRONG> </SPAN>We are not using Checkpoint Antimalware Balde.</P><P></P><P><STRONG>Thank You</STRONG></P><P></P><P>Regards<BR />Chinmaya Naik</P></BODY></HTML> Wed, 14 Nov 2018 05:58:42 GMT Chinmaya_Naik 2018-11-14T05:58:42Z https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16519#M3405 <HTML><HEAD></HEAD><BODY><P>Dear All,</P><P></P><P><STRONG>Question regarding Sandblast Agent</STRONG></P><P><SPAN style="text-decoration: underline;"><STRONG>Setup:</STRONG></SPAN></P><P>Endpoint Server</P><P>OS: GAIA R77.30 with 143 hotfix and R77.30 Adds on package installed.</P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>Blade Enabled: </STRONG></SPAN></P><P></P><P>1.Sandblast Agent Anti-Ransomware, behavioral guard and Forensics<BR />2.Sandblast Agent Anti-Bot<BR />3.Sandblast Agent Threat extraction and emulation<BR /> <BR />We use TE appliance for extraction and emulation (Local Emulation).</P><P></P><P>As per my understanding if I am downloading some file that may be exe, pdf, docs, etc then that file goes to TE appliance for emulation and extraction.</P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>Question:</STRONG></SPAN> Now suppose if I am transferring any malicious FILE through <STRONG>Pendrive</STRONG> or any external storage device then, can that particular file that I copy to my PC where sandblast agent is already installed, can it send to the TE appliance for extraction and emulation.</P><P></P><P><SPAN style="text-decoration: underline;"><STRONG>NOTE:</STRONG> </SPAN>We are not using Checkpoint Antimalware Balde.</P><P></P><P><STRONG>Thank You</STRONG></P><P></P><P>Regards<BR />Chinmaya Naik</P></BODY></HTML> Wed, 14 Nov 2018 05:58:42 GMT https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16519#M3405 Chinmaya_Naik 2018-11-14T05:58:42Z https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16520#M3406 <HTML><HEAD></HEAD><BODY><P>Yes, see <A class="" href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk116381&amp;partition=Advanced&amp;product=SandBlast">sk116381: <STRONG>SandBlast</STRONG> <STRONG>Agent</STRONG> Threat Emulation Appliance certificates installation</A></P><P></P><P>Also SandBlast Agent for Browsers can perform SandBlast Threat Emulation and SandBlast Threat Extraction on:</P><UL><LI>Check Point Threat Cloud</LI><LI>Security Gateway or TE Appliance running R77.30 with Jumbo Hotfix. Instructions&nbsp;are available at <A href="https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk113599">sk113599</A>.</LI></UL></BODY></HTML> Wed, 14 Nov 2018 10:24:38 GMT https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16520#M3406 G_W_Albrecht 2018-11-14T10:24:38Z https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16521#M3407 <HTML><HEAD></HEAD><BODY><P>Thank You Sir&nbsp;<img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P><P></P><P>It's really a good feature I did the lab also and its work.</P><P></P><P>Thank You&nbsp;<img id="smileyhappy" class="emoticon emoticon-smileyhappy" src="https://community.checkpoint.com/i/smilies/16x16_smiley-happy.png" alt="Smiley Happy" title="Smiley Happy" /></P></BODY></HTML> Mon, 19 Nov 2018 06:31:22 GMT https://community.checkpoint.com/t5/Endpoint/Sandblast-Agent-using-TE-Appliance-Solution/m-p/16521#M3407 Chinmaya_Naik 2018-11-19T06:31:22Z