This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Gro_Tea
Contributor
‎2022-08-09 11:42 PM
Jump to solution

Missing feature in HEC: define attachment types to be blocked

Hello,

we are on our way migrating to HEC and in our former SEG we blocked most potentially dangerous files (exe, bat, ...) as well as old MS Office formats like .doc, xls, ppt etc. by default. Now I see that this feature is not availabe in HEC. Why? Is the strategy, that HEC is so good in discovering malware or malicious files, that there is no need to block certain attachments? Not even exe? 

I think it would be worth a feature request for defining attachment types beeing blocked by default.

Thanks,

Frank

0 Kudos
1 Solution

Accepted Solutions
SimonDrapeau
Employee
Employee
‎2023-11-30 06:36 AM
Jump to solution

 

Menu Settings / Anti-Malware Exceptions / Block-List / Create Block-List Rule 

 

 

 

 

View solution in original post

Preview file
64 KB
0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee
‎2022-08-10 05:42 AM
Jump to solution

Interested in your feedback, why did you do this in your SEG rather than natively in O365/EOP?

As it currently stands this is something we plan to add in the near term to limit multiple points of management for security controls.

CCSM R77/R80/ELITE
0 Kudos
Gro_Tea
Contributor
‎2022-08-10 05:51 AM
In response to Chris_Atkinson
Jump to solution

Hi,

this was configured in a combination SEG -> Exchange onprem, prior to moving to O365. We left the configuration there, because we dont want several administrative frontends (SEG, EOP). Would be nice to have the possibility to configure it in HEC.

Frank

Chris_Atkinson
Employee Employee
Employee
‎2022-08-10 05:56 AM
In response to Gro_Tea
Jump to solution

Can confirm it's in the near term plans. 🙂

CCSM R77/R80/ELITE
0 Kudos
SimonDrapeau
Employee
Employee
‎2023-11-30 06:36 AM
Jump to solution

 

Menu Settings / Anti-Malware Exceptions / Block-List / Create Block-List Rule 

 

 

 

 

Preview file
64 KB
0 Kudos
Trending Discussions
HEC temporary bypass - possible?
Upcoming Events

    CheckMates Events