cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
samuel11
samuel11 inside Endpoint Security Products yesterday
views 147 2

Windows update from 1809 to 1903 with Endpoint Security E82.00 breaks BCD Boot on Probook 640 G4

Has anyone experienced problems with Endpoint Security E82.00 breaking during the feature update to 1903? It's an identical problem to that described in this post:https://community.checkpoint.com/t5/Endpoint-Security-Products/Windows-10-1803-Auto-Upgrade-with-FDE-Failing/m-p/23293#M507The problem occurred on two Probook 640 G4s. Both had Endpoint Security E82.00 installed and Windows 10/1809 with recent security updates. In both cases, bcdboot was enabled (as advised in the other post) and the Bios was up to date.There is a boot loop as the 1903 update tries to finish installing, and Checkpoint is not listed among the devices in the boot menu. Decrypting the hard drive (via recovery media) allowed the 1903 update to complete and the machine to boot to Windows. Checkpoint then was uninstalled and reinstalled from scratch.  
nagaraja_cs
nagaraja_cs inside Endpoint Security Products yesterday
views 118 5

Full Disk Encryption stuck at 99%

Hi Team, FDE is stuck at 99%.OEM partition is not getting encrypting,it is stucked at 0%.Is there any solution for this ?Is there any exclusion we can add so that we can skip  this partition from being encrypted.Attaching the screenshots for the reference.   

Checkpoint Endpoint Blades (User/Machine Based)

Its a Important part when we going to create a new virtual group during implementation to segregate the machine/user with different group.But when you going to create a new virtual group then we able to see two option :Virtual Group (Used for Both User & Machine)Computer Group (Used Only for Machine) Different blades group is use base in the following chart :FDE – Machine BasedMEPP – User BasedOne Check – User BasedCapsule Docs – User BasedAnti-Malware – User BasedAnti -Ransomware, Forensics and remediation – Machine BasedAnti-Bot – User BasedThreat Emulation and Threat Extraction – User BasedCompliance – User BasedURL Filtering – Machine BasedFirewall – User basedAccess Zones – User BasedApplication Control – User BasedClient Settings – User BasedAs per my personal experience use “computer group” for machine based policy even you have a option to create "virtual group" for machine based. Regards@Chinmaya_Naik

Endpoint Security: Active Directory scanner LDAPS

Hi allI ran in problems while setting up Active Directory scanner with LDAPS enabled on a fresh installed R80.40 server.The only error message i got is: unable to establish a connection to the domain controllerI've imported the certificates to keystore and restarted the needed services.With 'bin/keytool -list -keystore lib/security/cacerts certificate.cer -storepass password' I can see the certificate listed. I also installed the intermediate cert.Because I wasn't sure where to install the certs, I've put them in both stores:- $CPDIR/jre_32- $CPDIR/jre_64From the CLI on the CP management server a 'telnet ip.add.re.ss 636' to the Active Directory domain controller is successfull.Another thing I've tried is to change the settings in file$UEPMDIR/engine/conf/ldap.utils.propertiesfrom use.ssl=false to use.ssl=trueThis didn't help either.I tried then the AD sync with LDAP. This was successfull.So it must have something to do with LDAPS. How can I troubleshoot this further?Thanks for a hint... 
J_B
J_B inside Endpoint Security Products Friday
views 180 4 1

Endpoint Policy Server

When pushing out new clients to devices, does the Endpoint Policy Server handle this, or will the new client be downloaded from the Primary Management Server? I was almost sure that the client would be downloaded from the Policy Server that the client is connected to, but it's not really clear within the documentation as it doesn't specify client upgrades?  We're gradually updating 4000+ clients and the comms links are getting hammered, almost as if all the client downloads are coming from the Primary Management Server.The Endpoint Policy Server handles the most frequent and bandwidth-consuming communication. The Endpoint Policy Server handles these requests without forwarding them to the Endpoint Security Management Server:All heartbeat and synchronization requests.Policy downloadsAnti-Malware updatesAll Endpoint Security client logs (the Endpoint Policy Server is configured as Log Server by default).It would be great if you could restrict the Policy Servers to only communicate with certain subnets that you specify, a bit like what you can do with distribution points within SCCM.  There doesn't seem to be any real logic behind the proximity analysis, apart from a simple ping command.

E82.20 allow change always connect setting

Does anyone know how to create a custom .msi file with an already defined site setting and the default always connected change to disabled but still allow users to enable always connect if they wish to? I have followed the documentation for creating my msi and trac.default file but no matter how I configure them the always connect box is always greyed out either with the setting on or off depending on neo_always_connected                                STRING      true                        GW_USER 1 being set to either true or false. I've tried other settings but none seem to help.  Our previous .msi for 81.00 installs our site and allows users to change the setting, I have compared the old and new trac.defaults files but there are not differences besides 82.20 having some new entries, none of which seem to address the problem. Thanks!
MattDunn
MattDunn inside Endpoint Security Products Thursday
views 88 2

Object is viewed in Read Only mode

Odd thing started happening today.  Most (not quite all) service groups are opening in Read Only mode, so I can't edit them.  As per the below screenshot.  Other objects are fine - I can edit at will.I've checked for old sessions.  There are none.  The only session showing is the one I'm logged in with, so nothing else should have any objects locked.I've rebooted, still the same problem.Anyone got any ideas?  I've been on a TAC chat for an hour and getting nowhere....
Gerry_Locke
Gerry_Locke inside Endpoint Security Products Thursday
views 544 18 1

Is there a way?

We recently had a bunch of laptops purchased, and apparently the only way to get them imaged by System Centre is if System Centre is deploying Windows 10 1909. So I updated our task sequence to use Windows 10 1909. Unfortunately, our current version of Checkpoint is 80.82, which won't install on Windows 10 1909......apparently. No problem (or so I thought)......just get a more recent version of Checkpoint. However it seems that all our Checkpoint infrastructure needs to be upgraded before we can use the current version of Checkpoint.So now we are stuck in a hard place - we tell the people who need computers that they can't have them because our antivirus is incompatible - and end up with a bunch of people who are employed to do no work, or we deploy a bunch of machines with no antivirus. The only person who knows anything about Checkpoint is our I.T. manager, who is generally too busy to worry too much about antivirus software, so at this point we have had to take the decision to deploy a bunch of machines with no antivirus.I have tried installing the version that I assume we need (82.10?), but it comes up and says 'no blades selected'Surely it shouldn't be this hard. Isn't there some plain vanilla version of Checkpoint I can install that will at least protect our PCs until someone has time to do the other upgrades required to support this version?
tom_allen
tom_allen inside Endpoint Security Products Thursday
views 126 2

Exclude Powershell Scripts

I have a need to for  a couple of users to be able to run some PowerShell scripts on their PC's. Currently they are getting flagged and the script put in quarantined. Its being flagged as PDM:Trojan.Win32.Generic with the category of riskware. How do I go about setting this up? Thanks!
MattDunn
MattDunn inside Endpoint Security Products Wednesday
views 106 1

FileVault Already Enabled

I've installed the Endpoint client to my first Mac, and FDE doesn't seem to be playing ball.Endpoint Client version:  80.89.0081MAC version:  Catalina 10.15.2I can't find much on SecureKnowledge, but I've tried sk122674, with the following confirmation that Secure token is ENABLED for user...MacBook-Pro:~ user$ sudo sysadminctl -secureTokenStatus userPassword:2020-02-10 16:31:01.101 sysadminctl[25535:209593] Secure token is ENABLED for user userMacBook-Pro:~ user$ It's stuck on acquiring the user, and after many many reboots all I see is this.  Anyone got any ideas? 
abdo
abdo inside Endpoint Security Products Wednesday
views 177 5

create firewall rule for r77.30 from web interface

hiI want to write a script to call r77.30 to create some firewall rules. and as you may know that there is no api for r77.30. if there is a way to create the rule from the web interface (not from smart dashboard] i can intercept the request and build it in my script.if you have any other workaround for this situation please share it with me. thanks
Norbo
Norbo inside Endpoint Security Products Tuesday
views 139 1

E-Mail Server configuration

Hello,I would like to configure the exchange server settings but I have a problem that our server does not have port 25 open outside our organization. We use Checkpoint Smart Edpoint in the cloud. What is the ability to receive email notifications without opening port 25? Thank You.
Prahteesh
Prahteesh inside Endpoint Security Products Tuesday
views 134 1

Windows Server Backup Error 2012 STD

We are using Checkpoint Endpoint Security for antivirus, One of our server we are taking windows backup and it will work for 7 days without any issues , after that it will give the error as this "Error in deletion of [D:\SandBlastBackup\{293aa93b-4a19-11ea-80c5-3863bb3f6ac3}.0.pdf] while runing the target VHD: Error [0x80070005] Access is denied." . If anybody knows please reply . 

Checkpoint Endpoint - Preboot

Dear team,After installing checkpoint endpoint, I rename my computer, and join domain. But it doesn't update on the pre-boot screen. Please help me to fix it.Thank you!
RoD
RoD inside Endpoint Security Products Tuesday
views 164 1

Endpoint Anti-Ransomware and Data snapshots

Hi,I question about Endpoint with Anti-Ransomware on Windows10 and data snapshots.If I understood well, Anti-Ransomware create data snapshots - short-term file backups. I have laptops with two hard disk [ C and D ],and all my personal and company documents and files is on disk D. My question is where Anti-Ransomware create data snapshots, on disk C or disk D ?Thank you