Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
kanah
Ambassador
Ambassador

HEC Protection mode

Jump to solution

When do customers use detect and remediate protection mode in HEC?

CheckPoint recommend Prevent (Inline) mode, but what is useful for customer  when they decide to create policy in detect and remediate mode? 

 

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee
Employee

Customers often start in Detect modes during their initial pilot / onboarding and later shift towards Prevent when comfortable. 

This allows time to tune settings and analyse detections or perform comparison with existing solutions where necessary. 

View solution in original post

0 Kudos
3 Replies
Chris_Atkinson
Employee
Employee

Customers often start in Detect modes during their initial pilot / onboarding and later shift towards Prevent when comfortable. 

This allows time to tune settings and analyse detections or perform comparison with existing solutions where necessary. 

0 Kudos
kanah
Ambassador
Ambassador

Thank you!

How about detect and remediate mode? 

When is it useful for the customers?

0 Kudos
Chris_Atkinson
Employee
Employee

It ultimately helps to provide a phased approach to introducing the technology:

In Detect/Monitor mode, Office 365 Emails are delivered to end-users immediately. In parallel, CloudGuard SaaS inspects emails but takes no immediate remediation action if it finds malicious content. Visibility is provided for administrators.

In Detect and Remediate mode, Office 365 Emails are delivered to end-users immediately. In parallel, CloudGuard SaaS inspects emails and automatically takes a remediation action if it finds malicious content. In this mode user notifications and quarantine release workflows are available.

Protect (Inline) mode provides the highest level of protection and scans emails prior to delivery to the end user’s mailbox. Leveraging the same SaaS email provider API’s and implementing mail flow rules Harmony Email & Collaboration can scan email with a best of breed security stack to protect end users from malware, data leaks, phishing attacks and more. Scanning and quarantining takes place before email is delivered to the user’s mailbox. This mode insures that threats are detected and remediated before the user has access to the email.

0 Kudos