Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
kanah
Ambassador
Ambassador
Jump to solution

HEC Protection mode

When do customers use detect and remediate protection mode in HEC?

CheckPoint recommend Prevent (Inline) mode, but what is useful for customer  when they decide to create policy in detect and remediate mode? 

 

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee

Customers often start in Detect modes during their initial pilot / onboarding and later shift towards Prevent when comfortable. 

This allows time to tune settings and analyse detections or perform comparison with existing solutions where necessary. 

CCSM R77/R80/ELITE

View solution in original post

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee

Customers often start in Detect modes during their initial pilot / onboarding and later shift towards Prevent when comfortable. 

This allows time to tune settings and analyse detections or perform comparison with existing solutions where necessary. 

CCSM R77/R80/ELITE
0 Kudos
kanah
Ambassador
Ambassador

Thank you!

How about detect and remediate mode? 

When is it useful for the customers?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

It ultimately helps to provide a phased approach to introducing the technology:

In Detect/Monitor mode, Office 365 Emails are delivered to end-users immediately. In parallel, CloudGuard SaaS inspects emails but takes no immediate remediation action if it finds malicious content. Visibility is provided for administrators.

In Detect and Remediate mode, Office 365 Emails are delivered to end-users immediately. In parallel, CloudGuard SaaS inspects emails and automatically takes a remediation action if it finds malicious content. In this mode user notifications and quarantine release workflows are available.

Protect (Inline) mode provides the highest level of protection and scans emails prior to delivery to the end user’s mailbox. Leveraging the same SaaS email provider API’s and implementing mail flow rules Harmony Email & Collaboration can scan email with a best of breed security stack to protect end users from malware, data leaks, phishing attacks and more. Scanning and quarantining takes place before email is delivered to the user’s mailbox. This mode insures that threats are detected and remediated before the user has access to the email.

CCSM R77/R80/ELITE
Upcoming Events

    CheckMates Events