This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
kanah
Ambassador
Ambassador
‎2022-07-25 02:11 AM
Jump to solution

HEC Protection mode

When do customers use detect and remediate protection mode in HEC?

CheckPoint recommend Prevent (Inline) mode, but what is useful for customer  when they decide to create policy in detect and remediate mode? 

 

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee
‎2022-07-25 05:23 AM
Jump to solution

Customers often start in Detect modes during their initial pilot / onboarding and later shift towards Prevent when comfortable. 

This allows time to tune settings and analyse detections or perform comparison with existing solutions where necessary. 

CCSM R77/R80/ELITE

View solution in original post

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee
‎2022-07-25 05:23 AM
Jump to solution

Customers often start in Detect modes during their initial pilot / onboarding and later shift towards Prevent when comfortable. 

This allows time to tune settings and analyse detections or perform comparison with existing solutions where necessary. 

CCSM R77/R80/ELITE
0 Kudos
kanah
Ambassador
Ambassador
‎2022-07-25 05:50 PM
In response to Chris_Atkinson
Jump to solution

Thank you!

How about detect and remediate mode? 

When is it useful for the customers?

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-07-25 06:40 PM
In response to kanah
Jump to solution

It ultimately helps to provide a phased approach to introducing the technology:

In Detect/Monitor mode, Office 365 Emails are delivered to end-users immediately. In parallel, CloudGuard SaaS inspects emails but takes no immediate remediation action if it finds malicious content. Visibility is provided for administrators.

In Detect and Remediate mode, Office 365 Emails are delivered to end-users immediately. In parallel, CloudGuard SaaS inspects emails and automatically takes a remediation action if it finds malicious content. In this mode user notifications and quarantine release workflows are available.

Protect (Inline) mode provides the highest level of protection and scans emails prior to delivery to the end user’s mailbox. Leveraging the same SaaS email provider API’s and implementing mail flow rules Harmony Email & Collaboration can scan email with a best of breed security stack to protect end users from malware, data leaks, phishing attacks and more. Scanning and quarantining takes place before email is delivered to the user’s mailbox. This mode insures that threats are detected and remediated before the user has access to the email.

CCSM R77/R80/ELITE

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top