https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5617#M74 <HTML><HEAD></HEAD><BODY><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">The web extension plugin settings are under the “SandBlast Agent Threat Extraction and Emulation” policy section in SmartEndpoint.</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">&nbsp;</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">The setting for it is under the first action of “Protect web downloads …”.</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">But in the scenario you describe, I think that what you want is to exclude this internal site from inspection, as the documents there are probably trusted.</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">To do this, go to the 4<SUP>th</SUP> action. In your case it is probably “Inspect all domains and files” and add this internal domain to the exclusion list.</SPAN></P></BODY></HTML> Fri, 25 Aug 2017 17:32:31 GMT Lior_Arzi 2017-08-25T17:32:31Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5616#M73 <HTML><HEAD></HEAD><BODY><P>Hi everyone, I don't find where to setup the options of sandblast chrome plugin, in smartendpoint console. The management server is a R77.30.03. The client has some issues with the pop-up windows of the plug-in when scanning PDF files, they have an internal site that has many previews of PDF's files, and when they get in, the sandblast plug-in pop-up windows, start to pop in one after another for each file preview. They want to turn off the pop-up windows, but I don't find where to setup this.</P><P></P><P>In advance, thanks for your help.</P></BODY></HTML> Fri, 25 Aug 2017 16:08:22 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5616#M73 David_Munoz 2017-08-25T16:08:22Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5617#M74 <HTML><HEAD></HEAD><BODY><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">The web extension plugin settings are under the “SandBlast Agent Threat Extraction and Emulation” policy section in SmartEndpoint.</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">&nbsp;</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">The setting for it is under the first action of “Protect web downloads …”.</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">But in the scenario you describe, I think that what you want is to exclude this internal site from inspection, as the documents there are probably trusted.</SPAN></P><P style="margin: 0in 0in 0pt;"><SPAN style="color: #1f497d; font-size: 11pt;">To do this, go to the 4<SUP>th</SUP> action. In your case it is probably “Inspect all domains and files” and add this internal domain to the exclusion list.</SPAN></P></BODY></HTML> Fri, 25 Aug 2017 17:32:31 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5617#M74 Lior_Arzi 2017-08-25T17:32:31Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5618#M75 <HTML><HEAD></HEAD><BODY><P>Thank you for your answer.<BR />Exactly, the documents are trusted, but in case the files became infected, when the user downloads it, the SBA will prevent the computer to get infected, right?</P><P></P><P>additionally, If the option of Protect web downloads is disable, the browser extension doesn't scan files being downloaded, but the browser extension zero phishing it's still active?</P></BODY></HTML> Fri, 25 Aug 2017 19:11:03 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5618#M75 David_Munoz 2017-08-25T19:11:03Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5619#M76 <HTML><HEAD></HEAD><BODY><P>Hi David,</P><P>If the customer has SBA with TE blade running, then once the&nbsp;file will be downloaded and stored on the drive, the TE will emulate it and block if it is malicious.<BR /><BR /></P><P>as for the second question:<BR />1. if web downloads is disable, Zero Phishing&nbsp;will still work&nbsp;&nbsp;</P><P>2. if a domain is excluded for emulation\extractin, it will also be excluded from zero phishing</P></BODY></HTML> Tue, 29 Aug 2017 05:35:49 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5619#M76 Ziv_Sahar 2017-08-29T05:35:49Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5620#M77 <HTML><HEAD></HEAD><BODY><P>Thank you very much, that's all I needed to understand.</P></BODY></HTML> Tue, 29 Aug 2017 14:59:22 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5620#M77 David_Munoz 2017-08-29T14:59:22Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5621#M78 <HTML><HEAD></HEAD><BODY><P>I have a client with SBA with TE blade running and Anti-phising is still blocking even though we have added the site in question to the&nbsp;exclusions for inspect all domain and&nbsp;sites, but anti-phish is still happening and blocking.</P></BODY></HTML> Tue, 11 Sep 2018 13:59:51 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5621#M78 Ted_Serreyn 2018-09-11T13:59:51Z https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5622#M79 <HTML><HEAD></HEAD><BODY><P>Hello!</P><P>You must sign in / sign out on the computer after policy install.</P></BODY></HTML> Tue, 11 Sep 2018 14:22:12 GMT https://community.checkpoint.com/t5/Endpoint/SandBlast-Chrome-plug-in-setup/m-p/5622#M79 Olga_Kuts 2018-09-11T14:22:12Z