Harmony Endpoint 86.60 with Full Prevention

Tony_Graham — Tue, 18 Oct 2022 17:41:50 GMT

All,

I deployed Harmony Endpoint over the course of the last month to all of our endpoints.

I don't really believe in the 'lets test it and see what we can add later' method, I like to toss

everything at the users at once. Kind of like get all the complaints out of the way and then dial

back if needed. So far I have to say with everything set to On, Endpoint pushback has been pretty light.

That being said, I do see some areas of pain. FIrst, we get a lot of files inbound. I mean a lot. It is not

unusual for some users to get 20-30 Excel files in the AM. That quickly dials back to very little for the rest

of the day. However, take 20-30 Excel files and multiply it by an average of 30 seconds per file to be scanned

and approved and you start to see the issue. Some of these files are coming from trusted sources. Is there

a way to approve certain sites so that this check can be avoided. Sometimes the same file is getting checked twice.

Once during the download and again on access. Also, not really required. One last thing, what is the max zip file size

people are scanning. I notice a lot of users are getting their zips unchecked because they exceed the maximum

size. I assume even if it comes in unchecked that Endpoint looks at the files at local extraction time. Sorry so many

questions.

Re: Harmony Endpoint 86.60 with Full Prevention

Chris_Atkinson — Wed, 19 Oct 2022 13:29:26 GMT

The default file size limit for Threat Emulation is 15MB configurable up to 100MB as I recall.

Exceptions can be configured per sk128472.