cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Aleksandrs_Pisk
Aleksandrs_Pisk inside Endpoint Security Products 2 hours ago
views 283 1

Checked SmartCards for preBoot authentication

Hi,Can any one experienced advice some checked SmartCards models for preBoot authentication for CP EndPoint?The problem is that we were using attached compatibility list to choose compatible SmartCard. We've chosen IDPrime 830 and get that our card IDPrime 830 is not compatible, because has Revision B.This card have also another Revision A, but our partner told, that this revision was replaced by Revision B, which is no supported.
Blason_R
Blason_R inside Endpoint Security Products yesterday
views 24

How to exclude IP addresses in SB4B for Chrome.

Hi Team,I have EPM 80.30 and agent 81.30 with sandblast for Chrome plugin is installed automatically. However I exlcuded certain domains under AntiRansomware. Threat Extraction blade since the browser was stopping certain PDF files and creating lot of issues.However after exlcuding domain things have started working fine. Now my wuery is the agent is creating an issue for internal portals as well which are being accessed using IP addresses.http://172.16.8.7/interna/agent.aspxIf I exlcude the IP addresses the log shows the exceptions hence wanted to know if there are other ways to bypass the IP addresses from scanning? TIABlason R 
Blason_R
Blason_R inside Endpoint Security Products yesterday
views 77 1

Only 14 Policy servers can be added in Console

Hi Guys,I am implementing EPM suite and we have to add around 17 Policy servers however adding EPM option is disable after 14. Has anyone seen this behavior before?TIABlason R
Wolfgang
Wolfgang inside Endpoint Security Products yesterday
views 45

smartcard for pre-boot authentication with FDE

Hello CheckMates,has anyone any experience with certificates stored on smartcards and using this for pre-boot authentication with FDE, Windows-Logon and VPN ?Any advice which cards are supported ?Wolfgang
sharkbone
sharkbone inside Endpoint Security Products Saturday
views 159 9

Screenmirroring (Miracast) connection error

We have had the scenario where our Screen mirroring via Miracast or any other technology works only after uninstalling Checkpoint VPN/Firewall software from the affected client. Research shows that most third party VPN solutions identify WiFi Direct (the underlying technology for Miracast/screensharing) as a "Split Tunnel" connection and deem it a risk to security so they disable the functionality.Are there alternative workarounds to this instead of totally uninstalling Checkpoint in order to get this working? We can only keep Checkpoint as our endpoint security solution (vpn / firewall) if we find a permanent solution to this problem or else management will be forced to turn to another solution. Refer to this post https://superuser.com/questions/1353896/miracast-connection-error-after-joining-ad-domain
Ankit
Ankit inside Endpoint Security Products Saturday
views 69 2

EPM_Policy server Miscommunication issue

Hello team ,  We are implementing EPM server with unlimited Policy server and will be deploying 15 policy servers across. Issue:- As system from kolkata location should be connecting to kolkata location policy server. But its connecting to some other location policy server. how to rectify this issue.It must be connecting to nearest policy server....Please rectify the issue.
Ankit
Ankit inside Endpoint Security Products Saturday
views 71 2

EPM_Eval License Issue

Hello Team,We are implementing EPM server with unlimited Policy server and will be deploying 15 policy servers across. Since EPM license is attached to Mgmt Server how do I license Policy servers.Since those says we are running on Eval licenses
Kilian_Huber
Kilian_Huber inside Endpoint Security Products Friday
views 2450 8 1

Endpoint Security on VMware Horizon View with Instant Clones

Does anybody have any experience with running Endpoint Security in a VMware Horizon View infrastructure with instant clones? I have found two related threads on CheckMates here (here and here) but they are not really conclusive to me.If working with Instant Clones, the EP client would be deployed on the master image. Whenever a new VDI session is being established to Horizon View, a new clone of this image would be deployed. However, since the EPGUID of the master is already registered with the EPS server, the clone would not be able to synchronize with the EPS server (duplicate EPGUID on the server). Are my assumptions correct? Is there any design guide or paper whatsoever on this subject? I can't find anything neither in SK nor in the admin guides. I also cannot find an explicit statement as to the support of Endpoint Security with VMware Horizon View.
ritenm
ritenm inside Endpoint Security Products Friday
views 76 2

Local Policy Server connecting issue with local agent

I am unble to connect my local agent with local policy server in management server R80.20 its connecting to other location of policy server. For Ex : If i have Mumbai policy server deployed so agent is connecting to Bangalore policy server etc.

Windows 10 and 1903 issue?

Hello All, has anyone seen this error before? We have 81.10.7191, but this happens on the 81.30.8020 as well. It's not a consistent issue.  We have deployed multiple builds of 1903. we have used .116, .239, .267, .295, .329, .356, all in the 18362 build. I am trying to pull some check point deployment logs, and see what i can find. I thought there might be a different build of 81.10 to use, but i don't know there is a different build other than 7191?there is nothing in C:\ProgramData\Check Point\Endpoint Security\Logs\ except for epslog.inithough in C:\ProgramData\Check Point\Endpoint Security\ i do see the following file, and the following info below: EPS_Check Point Endpoint Total Security x64_81.10.7191_200771_msi_log_2.txt I tried 81.30, but the log file does not show up for that for some reason, but it happens in that build as well.  MSI (s) (D4:D8) [17:20:05:053]: PROPERTY CHANGE: Adding WIN_BUILD property. Its value is '18362'.MSI (s) (D4:D8) [17:20:05:053]: Doing action: LaunchConditionsAction ended 17:20:05: AppSearch. Return value 1.Action start 17:20:05: LaunchConditions.MSI (s) (D4:D8) [17:20:05:053]: Product: Check Point Endpoint Security -- Check Point Endpoint Agent requires Windows 7 SP1 or a greater Windows version up to Windows 10.0.18200 I have tried to install all the latest windows updates, no change.   
Herson_A
Herson_A inside Endpoint Security Products Thursday
views 106 5

SmartEndpoint changing the number of total endpoints

Each day I open the SmartEndpoint I found different totals of endpoint installed, sometimes it goes up and sometimes goes down.What could be the reason for that, as I need to send a report to my CISO every week.How does heartbeat work to check if a machine is alive? 
RyanJohnson
RyanJohnson inside Endpoint Security Products Thursday
views 204 8

Creating a simple VPN connection (Having a nightmare)

Hi everyone,  I have a CheckPoint 3000 Application running  R80.10 software.  I have been attempting to create a simple VPN setup for the last few weeks and failing miserably.  What I want to achieve. I want to be able to have clients use the CheckPoint VPN client software, to connect to my CheckPoint appliance and access the local LAN.  I have followed a number of guides to no avail, I'm hoping someone has set this up on their appliance and can point me in the right direction.  Cheers

R80:10 Jumbo fix upgrade verification message clarification

HiWe got the following message when doing the Installer Verify checks prior to a Jumbo Hotfix install on our R80:10 Open Server Security GatewayInstallation is allowed but with additional text about file differencesIs this just an Informational message or do we need to be concerned?We backed out of applying until we could clarify the messageThank youESMFWE01> installer verify 1Info: Initiating verify of Check_Point_R80_10_JUMBO_HF_Bundle_T189_sk116380_FULL.tgz...Interactive mode is enabled. Press CTRL + C to exit (this will not stop the operation)Result: Installation is allowed. Relation between the installed packages and the verified package: * R80_10_JUMBO_HF contains files whose content is contained in the verified package, and additional files that are not present in the verified package. * R80_10_New_Image contains files whose content is contained in the verified package, and additional files that are not present in the verified package.

Access rule based on endpoint conditions?

Hi,Is it possible to have a VPN network access rule depending on an endpoint condition?Example:A user is connecting by VPN from a FDE encrypted device. An access rule should allow traffic.The same user is connecting from another device without FDE, this access rule should not allow traffic.Can this be done?

How to create script to see active endpoint users.

Hi Everyone,Can one help me to create script to see active endpoint users in Check Point R80. Thanks in advance for your kind support.