https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36392#M910 <HTML><HEAD></HEAD><BODY><P>anyone have experience running anti-malware, anti-bot, forensics and anti-ransomware and Threat emulation on domain servers like Active Directory, SQL server, terminal server, and file shares?&nbsp; I am thinking file shares and terminal server might be fine.&nbsp; Looking for any documentation or any feed back from anyone that has done this.&nbsp; Any folders to exclude (other than what Microsoft recommends for SQL).&nbsp; </P></BODY></HTML> Mon, 19 Mar 2018 12:52:01 GMT Joe_Matthews 2018-03-19T12:52:01Z https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36392#M910 <HTML><HEAD></HEAD><BODY><P>anyone have experience running anti-malware, anti-bot, forensics and anti-ransomware and Threat emulation on domain servers like Active Directory, SQL server, terminal server, and file shares?&nbsp; I am thinking file shares and terminal server might be fine.&nbsp; Looking for any documentation or any feed back from anyone that has done this.&nbsp; Any folders to exclude (other than what Microsoft recommends for SQL).&nbsp; </P></BODY></HTML> Mon, 19 Mar 2018 12:52:01 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36392#M910 Joe_Matthews 2018-03-19T12:52:01Z https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36393#M911 <HTML><HEAD></HEAD><BODY><P class="">Joe,</P><P class="">I have only been using Microsoft recommendation when I should exclude files from being touched by the Endpoint Software.</P><P class=""><BR /></P><P class="">Though I have had problems with how to exclude directories or files. Check Point did an upgrade of their documentation.. in their sk122706.</P><P class="">This guide will help you to exclude folder and and sub-folders and files</P><P class=""><A href="https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.SearchResultMainAction&amp;eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk122706">https://supportcenter.checkpoint.com/supportcenter/portal?action=portlets.SearchResultMainAction&amp;eventSubmit_doGoviewsolutiondetails=&amp;solutionid=sk122706</A>&nbsp;<BR /></P><P class=""><BR /></P><P class="">Will check which blades we use and get back to you.</P><P class=""><BR /></P><P class="">Thanks</P><P class="">Kim</P></BODY></HTML> Tue, 20 Mar 2018 06:37:01 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36393#M911 Kim_Moberg 2018-03-20T06:37:01Z https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36394#M912 <HTML><HEAD></HEAD><BODY><P>Joe,</P><P>With Endpoint on servers, with the version E80.71.0232, we run the following blades.</P><P></P><P>Anti-Malware<BR />Sandblast Forensics, Remidiation and Anti-Ransomware<BR />Sandblast Agent Anti-bot<BR />Sandblast Agent Treat Extraction and Emulation</P><P></P><P>We have in the first place disabled the firewall, because we not able to control the firewall rules like in the secure gateway. We had create one policy with all the needed open ports or create one policy per server.</P><P>It is something we will dig into in the near future if time allow us to do so <span class="lia-unicode-emoji" title=":slightly_smiling_face:">🙂</span></P><P></P><P>Thanks</P><P>Kim</P></BODY></HTML> Tue, 20 Mar 2018 07:20:23 GMT https://community.checkpoint.com/t5/Endpoint/Endpoint-on-domain-servers/m-p/36394#M912 Kim_Moberg 2018-03-20T07:20:23Z