This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Coco_Wang
Employee
Employee
‎2018-10-10 10:09 AM

Sandblast Cloud emulation integration with Fireglass via API

Dear Experts,


         I 'd like to ask if anybody has experience with Fireglass integration with Sandblast Cloud emulation via API. Is there a timeout when file being hold in Sandblast cloud for too long? I have an ongoing POC, it seems we can not see the Sandblast logs from Fireglass management portal, is this common? 

Regards,

Coco

3 Replies
Antonio_Opromol
Contributor
‎2019-03-05 04:07 AM

Hi Coco, have you made the integration between Check Point and web isolation (fireglass now Symantec)?

Antonio

0 Kudos
Coco_Wang
Employee
Employee
‎2019-03-05 04:52 AM
In response to Antonio_Opromol

Hi Antonio,

      We did a POC with Symantec, apparently the API integration still stays. The enforcement point is on Fireglass portal, Sandblast provides emulation and extraction results. but no visibility in Sandblast logs. But there is no further development on this integration after Fireglass acquired by Symantec. 

Fireglass Integrates Isolation Platform with Check Point Next-Gen Firewalls and SandBlast to Elimina... 

Regards,

Coco

0 Kudos
Antonio_Opromol
Contributor
‎2019-03-05 05:55 AM
In response to Coco_Wang

Thanks Coco for sharing your experience.

I've read a Symantec document where in the Download profile of the Web Isolation appliance you can decide to use Check Point Sandblast for the file sanitization, but is necessary to fill a lot of paramters (example Sandblast API key, etc...and are not well documentated).

Somewhere else instead I've seen a diagram, where seems is possible on Check Point to do a selective redirect of the web traffic with a rule (that use the UserCheck interaction) on the Check Point gateway for redirect the traffic to the isolation appliance for the browser isolation...

But all the documents that I've read are poor of informations and examples of this specific configuration.

Regards,

Antonio

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events