cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Tal_Eisner
inside Endpoint Security Products 30m ago
views 6 1 1
Employee+

Forrester names Check Point a Leader in Endpoint Security Suites

    Forrester Research, Inc. conducted an extensive, in-depth analysis of endpoint security features amongst 15 different enterprise cyber security solutions. They evaluated 25 criteria, including malware prevention, data security, mobile and a zero-trust framework alignment.Check Point’s SandBlast Agent supplies a comprehensive enterprise endpoint security solution, assuring organizations are protected from advanced zero-day attacks. Some key features of the solution include Threat Emulation, Threat Extraction, Anti-Ransomware, Zero-Phishing, and more.The criteria in which Check Point obtained the highest possible scores in Enterprise Endpoint Security were: Malware prevention Exploit prevention Secure configuration management Data security Mobile Zero-trust framework alignment Download the report to learn about Forrester’s evaluation of the endpoint security market and why Check Point was recognized as a leader.From the report:“Check Point’s focus on integrating the endpoint security capabilities with its network security portfolio has led to one of the tightest integrations between the two layers in this study, helping customers to enforce a Zero-Trust approach on their endpoint devices.”The Forrester Wave™: Endpoint Security Suites, Q3 2019
Chinmaya_Naik
Chinmaya_Naik inside Endpoint Security Products 5 hours ago
views 2196 4

How to recover the data on the encrypted Hard Disk (Full Disk Encryption)

Hii Team,Requirement: How to recover the data on the encrypted Hard Disk.I follow the sk105523 to make the below process.Step 01: Remove the HARD Drive from encrypted PC.Step 02: Connect to the Another PC (Example: HOST_A) through USB port by using a converter to access the Hard Drive (Encrypted PC).Note: HOST_A must have Endpoint Security Client installed with FD blade enabled. (E80.51 or Above)Step 03: GO to location "%programfiles(x86)%\CheckPoint\Endpoint Security\Full Disk Encryption" on HOST_A.Note: You found the "FDE_Drive_Slaving.exe".After complete above step follows the below final step.Step 04: Open the "FDE_Drive_Slaving.exe" then select the Drive of encrypted PC and start to recover.NOTE: Make sure you open the FDE_Drive_Slaving.exe utility as an administrator, and once that is open connect the mounted drive.  Connecting the mounted drive before opening the FDE_Drive_Slaving.exe utility may sometimes not work correctly. (Thanks Steve_Lander for this information) Once the drive shows up on the list, you can click on it and unlock it with FDE credentials.Also Please suggest If any other simple procedure apart from using "Dynamic Mount Utility".Regards@Chinmaya Naik
sharkbone
sharkbone inside Endpoint Security Products 9 hours ago
views 203 10

Screenmirroring (Miracast) connection error

We have had the scenario where our Screen mirroring via Miracast or any other technology works only after uninstalling Checkpoint VPN/Firewall software from the affected client. Research shows that most third party VPN solutions identify WiFi Direct (the underlying technology for Miracast/screensharing) as a "Split Tunnel" connection and deem it a risk to security so they disable the functionality.Are there alternative workarounds to this instead of totally uninstalling Checkpoint in order to get this working? We can only keep Checkpoint as our endpoint security solution (vpn / firewall) if we find a permanent solution to this problem or else management will be forced to turn to another solution. Refer to this post https://superuser.com/questions/1353896/miracast-connection-error-after-joining-ad-domain
Alex_Gilis
Alex_Gilis inside Endpoint Security Products 12 hours ago
views 76 2

Chrome 77 & Sandblast Agent

Since Chrome update to version 77, it's impossible to open PDF anymore when the Sandblast Agent extension is present and the user doesn't have admin rights. Clicking on a link supposed to open a PDF opens a new tab with an empty page and "About:blank" in the URL.If a user has admin rights, it works. If the tab is open in an incognito page, it works. Using IE (no agent there), it also works. Obviously, it's out of the question to give admin rights to the full user base. This behavior was seen with E80.92 & E81.30. If I uncheck "Protect web downloads" and choose "Do not emulate web content" in the policy for Antimalware & TP, nothing changes. Workaround now is to instruct users to go Incognito or use IE for some specific business-related websites, but it's not really handy. I couldn't find specific errors in the logs.Any idea before I make a TAC case?

Endpoint client server IP change

Hi,Is there any way to change management server IP in Endpoint Client?or can we add a secondary source to update the database?ThanksBalakrishna 

How to exclude IP addresses in SB4B for Chrome.

Hi Team,I have EPM 80.30 and agent 81.30 with sandblast for Chrome plugin is installed automatically. However I exlcuded certain domains under AntiRansomware. Threat Extraction blade since the browser was stopping certain PDF files and creating lot of issues.However after exlcuding domain things have started working fine. Now my wuery is the agent is creating an issue for internal portals as well which are being accessed using IP addresses.http://172.16.8.7/interna/agent.aspxIf I exlcude the IP addresses the log shows the exceptions hence wanted to know if there are other ways to bypass the IP addresses from scanning? TIABlason R 

How to create script to see active endpoint users.

Hi Everyone,Can one help me to create script to see active endpoint users in Check Point R80. Thanks in advance for your kind support. 

Checked SmartCards for preBoot authentication

Hi,Can any one experienced advice some checked SmartCards models for preBoot authentication for CP EndPoint?The problem is that we were using attached compatibility list to choose compatible SmartCard. We've chosen IDPrime 830 and get that our card IDPrime 830 is not compatible, because has Revision B.This card have also another Revision A, but our partner told, that this revision was replaced by Revision B, which is no supported.
Blason_R
Blason_R inside Endpoint Security Products Tuesday
views 90 1

Only 14 Policy servers can be added in Console

Hi Guys,I am implementing EPM suite and we have to add around 17 Policy servers however adding EPM option is disable after 14. Has anyone seen this behavior before?TIABlason R

smartcard for pre-boot authentication with FDE

Hello CheckMates,has anyone any experience with certificates stored on smartcards and using this for pre-boot authentication with FDE, Windows-Logon and VPN ?Any advice which cards are supported ?Wolfgang
Ankit
Ankit inside Endpoint Security Products a week ago
views 76 2

EPM_Policy server Miscommunication issue

Hello team ,  We are implementing EPM server with unlimited Policy server and will be deploying 15 policy servers across. Issue:- As system from kolkata location should be connecting to kolkata location policy server. But its connecting to some other location policy server. how to rectify this issue.It must be connecting to nearest policy server....Please rectify the issue.
Ankit
Ankit inside Endpoint Security Products a week ago
views 82 2

EPM_Eval License Issue

Hello Team,We are implementing EPM server with unlimited Policy server and will be deploying 15 policy servers across. Since EPM license is attached to Mgmt Server how do I license Policy servers.Since those says we are running on Eval licenses
Kilian_Huber
Kilian_Huber inside Endpoint Security Products a week ago
views 2465 8 1

Endpoint Security on VMware Horizon View with Instant Clones

Does anybody have any experience with running Endpoint Security in a VMware Horizon View infrastructure with instant clones? I have found two related threads on CheckMates here (here and here) but they are not really conclusive to me.If working with Instant Clones, the EP client would be deployed on the master image. Whenever a new VDI session is being established to Horizon View, a new clone of this image would be deployed. However, since the EPGUID of the master is already registered with the EPS server, the clone would not be able to synchronize with the EPS server (duplicate EPGUID on the server). Are my assumptions correct? Is there any design guide or paper whatsoever on this subject? I can't find anything neither in SK nor in the admin guides. I also cannot find an explicit statement as to the support of Endpoint Security with VMware Horizon View.
ritenm
ritenm inside Endpoint Security Products a week ago
views 86 2

Local Policy Server connecting issue with local agent

I am unble to connect my local agent with local policy server in management server R80.20 its connecting to other location of policy server. For Ex : If i have Mumbai policy server deployed so agent is connecting to Bangalore policy server etc.
Danny_Olson
Danny_Olson inside Endpoint Security Products 2 weeks ago
views 95

Windows 10 and 1903 issue?

Hello All, has anyone seen this error before? We have 81.10.7191, but this happens on the 81.30.8020 as well. It's not a consistent issue.  We have deployed multiple builds of 1903. we have used .116, .239, .267, .295, .329, .356, all in the 18362 build. I am trying to pull some check point deployment logs, and see what i can find. I thought there might be a different build of 81.10 to use, but i don't know there is a different build other than 7191?there is nothing in C:\ProgramData\Check Point\Endpoint Security\Logs\ except for epslog.inithough in C:\ProgramData\Check Point\Endpoint Security\ i do see the following file, and the following info below: EPS_Check Point Endpoint Total Security x64_81.10.7191_200771_msi_log_2.txt I tried 81.30, but the log file does not show up for that for some reason, but it happens in that build as well.  MSI (s) (D4:D8) [17:20:05:053]: PROPERTY CHANGE: Adding WIN_BUILD property. Its value is '18362'.MSI (s) (D4:D8) [17:20:05:053]: Doing action: LaunchConditionsAction ended 17:20:05: AppSearch. Return value 1.Action start 17:20:05: LaunchConditions.MSI (s) (D4:D8) [17:20:05:053]: Product: Check Point Endpoint Security -- Check Point Endpoint Agent requires Windows 7 SP1 or a greater Windows version up to Windows 10.0.18200 I have tried to install all the latest windows updates, no change.