Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Eugene_Tcheby
Employee Alumnus
Employee Alumnus

Sandblast Cloud for Office 365 ---> CloudGuard SaaS migration Step by Step - version 1.1

Hi everyone,

I've put together a step by step guide about Sandblast Cloud for Office 365 ---> CloudGuard SaaS (Office 365 emails) migration.

This document can also serve as guide to help new customers setup their CloudGuard SaaS portal and connect to their Office 365 account. Looking forward to your feedback and questions. 

7 Replies
Jeroen_Demets
Collaborator

Hi, thanks for your document!

A little suggestion: Threat Extraction is a new feature for CloudGuard SaaS and isn't shown yet in your screenshots. SandBlast Cloud had that feature already but the first versions of CGS didn't.

Kim_Moberg
Advisor

Hi Eugene,

Thanks for the sharing the document.

Do you have suggestion or best practice for implementing E-mail Threat Detection Policy?

I've asked this question but no one have made any comments yet

Best practice for implementing CG SaaS for O365 E-mail Threat Detection policy 

Do you have any new experience you might be sharing in this forum?

Thanks

Kim

Best Regards
Kim
Blason_R
Leader
Leader

Hi there,

How do I identify my portal name to start the journaling rule? I need to implement for one customer and I am being a partner to checkpoint have activated it for myself but wondering what could be portal name so that mails will start scanning or pass through the office 365?

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
Eugene_Tcheby
Employee Alumnus
Employee Alumnus

Hi Blason,

Sorry for late response. Once your portal is created on Check Point Infinity Portal , it's still needs to be approved on the back end by one of our threat prevention experts which is at the moment still a manual process. Therefore, I would advise to contact your local SE to ensure portal is activated and you would simply login using credentials provided during registration. 

Eugene_Tcheby
Employee Alumnus
Employee Alumnus

Hi Kim,

I apologize for replying just now. 

I would say it depends also on the size of organization. it can be more than one week but the objective to go in detect mode is to have visibility, identifying potential false positive, making security exceptions, and gradually moving inline by fine tuning your policy with specific test users/test groups before globally going inline. 

Kim_Moberg
Advisor

Hi Eugine

I am now running Protect inline have have done this now the last month.

The CG SaaS solution raises more questions due to new functionalities vs Sandblast for O365. It is running smooth now 🙂

I could hope the TAC support was more up to what this CG SaaS can do and also have people to assist to solve issues. 

Experience pending back and forth between agents and no one knows anything about the product. I know its now a new product so I am patient. 🙂

Thanks

Kim


Best Regards
Kim
Eugene_Tcheby
Employee Alumnus
Employee Alumnus

I understand, although product became GA only this past December.

In the meantime feel free to leverage me, Checkmates and I'll make sure you get all the help you need and/or direct you to the right resources.

Upcoming Events

    CheckMates Events