topic Re: Potential issue with Check Point Endpoint Security in Endpoint

Potential issue with Check Point Endpoint Security

Bachan — Tue, 21 May 2024 16:06:33 GMT

Can anyone Please provide details for the below 2 Queries.

1. Cooperation of Check Point Endpoint Security with ThousandEyes Agent - are there any known cases of problems related to the cooperation of these two applications? ThousandEyes sometimes indicates that there is no communication through the VPN tunnel, although everything is fine, so far we have not found any irregularities on the ThousandEyes side.

2. Is there any rate limiting regarding session setup in the Check Point Endpoint Security? We are asking because when using 1000eyes in a mode where TCP SYN packets are used, we see some drops. When doing the same using Selective ACKs mode (1 TCP session using malformed sequence numbers) we do not see any drops.

Re: Potential issue with Check Point Endpoint Security

PhoneBoy — Tue, 21 May 2024 16:36:49 GMT

Not familiar with any incompatibilities between ThousandEyes and Harmony Endpoint.
The Harmony Endpoint agent includes a firewall, though what it blocks would most likely be dependent on the configuration.

Re: Potential issue with Check Point Endpoint Security

the_rock — Wed, 22 May 2024 02:59:46 GMT

Thousandeyes is more of monitoring, rather than EDR, which is what harmony endpoint is. So as Phoneboy said, there would not be any issues there.

Keep in mind, like with most vendors who are in endpoint space, you got basic vpn client with just vpn capability and then EDR, or endpoint detection and response, which includes threat prevention blades on top of vpn.

Best,

Andy

Re: Potential issue with Check Point Endpoint Security

the_rock — Thu, 17 Oct 2024 14:14:04 GMT

@Bachan Were you able to sort this all out?

Andy

Re: Potential issue with Check Point Endpoint Security

Bachan — Thu, 17 Oct 2024 14:56:01 GMT

Yes, thanks for your inputs.