- CheckMates
- :
- Products
- :
- Developers
- :
- API / CLI Discussion
- :
- Re: Sandblast Cloud emulation integration with Fir...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sandblast Cloud emulation integration with Fireglass via API
Dear Experts,
I 'd like to ask if anybody has experience with Fireglass integration with Sandblast Cloud emulation via API. Is there a timeout when file being hold in Sandblast cloud for too long? I have an ongoing POC, it seems we can not see the Sandblast logs from Fireglass management portal, is this common?
Regards,
Coco
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Coco, have you made the integration between Check Point and web isolation (fireglass now Symantec)?
Antonio
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Antonio,
We did a POC with Symantec, apparently the API integration still stays. The enforcement point is on Fireglass portal, Sandblast provides emulation and extraction results. but no visibility in Sandblast logs. But there is no further development on this integration after Fireglass acquired by Symantec.
Regards,
Coco
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Coco for sharing your experience.
I've read a Symantec document where in the Download profile of the Web Isolation appliance you can decide to use Check Point Sandblast for the file sanitization, but is necessary to fill a lot of paramters (example Sandblast API key, etc...and are not well documentated).
Somewhere else instead I've seen a diagram, where seems is possible on Check Point to do a selective redirect of the web traffic with a rule (that use the UserCheck interaction) on the Check Point gateway for redirect the traffic to the isolation appliance for the browser isolation...
But all the documents that I've read are poor of informations and examples of this specific configuration.
Regards,
Antonio