Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor

How do I disabled endpoint on a client

Does anyone know how to quickly disable all endpoint blades on a client machine, for say software installation or troubleshooting?

I was given the idea of using a policy to disable blades, but that only disables some blades, not all, and it really isn't very convenient when you're just troubleshooting or doing a quick install. 

Any ideas?

Thanks 

Tags (1)
7 Replies
Highlighted
Admin
Admin

Unfortunately, the only way to disable blades is through use of policy.

If this doesn't work as you expect, you need to work with the TAC to understand why.

How To Open a Case with TAC and/or Account Services

0 Kudos
Highlighted
Participant

Kevin, Tech support can provide you with a file named passdialog.exe

You run it, type in the uninstall password you have set.

Change the blade service to disabled.

Stop the blade service via task manager.

Highlighted
Contributor

I actually was provided that file, but it didn't work properly for us. 

Using the policy method does work, except for the firewall. I was told that this year they will be coming out with a method to completely disable endpoint on the client. See what happens. 

0 Kudos
Highlighted
Contributor

Hi Team,

I have the same requirement,please let me know if we can the disable the endpoint client on the user machine or from the Endpoint Console for temporary purpose(for troubleshooting).

0 Kudos
Highlighted
Advisor

Any news on this subject?.
We have the same requirement from a customer to be able to quickly disable the blades/protections only for troubleshooting purposes.
0 Kudos
Highlighted
Admin
Admin

From a security perspective, this doesn't seem like a great idea.
If I can execute some command that disables the security blades, so can a potential attacker.
Or an unsuspecting user could be "socially engineered" to do it.
That's just my take.

That said, if this is a hard requirement, I recommend engaging with your local Check Point office.
Highlighted
Advisor

thank you for your answer PhoneBoy. I agree with you about the security risks that this would imply if the user could do it, but it would be very useful if this could be done with a push from SmartEndpoint.

I think SBA solution is really excellent in terms of security, but it lacks the ability to provide more tools/options for troubleshooting that can assist the helpdesk team.

Typically these endpoint solutions are also managed on the front line by a help desk team (not directly by a security or incident response team) who value the fact that the solution has a tool that provides them with the ability to manage 1000 or more devices.
0 Kudos