Showing results for 
Search instead for 
Did you mean: 
Create a Post

New mechanism for inspecting files

According to sk144293, one new feature brought by R80.30 is the following:"Endpoint and Network compatibility including a new mechanism that inspects files just once, either by the Security Gateway or by the Endpoint Client, eliminating redundancy."Could somebody please clarify for me what that mechanism is as I struggle to find it in the R80.30 admin guide.Many thanks.
DRC inside Endpoint Security Products 7 hours ago
views 67 2

Error 0x5001604 (0) when write response in FDE, so no decrypt volume

Hello, I have my hard drive with Windows problems, so I am using the FDE booting thru USB, I have the challenge and response.When write the correct response and click OK button, an error appears and the drive is not decrypted. I tryed in different computers and is the same problem. Why happen this? what is the solution?Thank you for your help in advance
Hrvoje_Brlek inside Endpoint Security Products yesterday
views 386 9

Enable any port on Register to Hotspot (SmartEndpoint or Global Properties)

Hi,We are using Endpoint Security clients from E80.87 to E82.10, on approximately 1000 users. Our firewall gateway is on version R80.30, and our Endpoint Security Management Server is also on R80.30 (with two external Endpoint Policy Servers). As we have a lot of roaming users we need the ability to use the Register to Hotspot functionality with all ports open during the registration.I followed the sk41586 and defined the any_port through GuiDBedit tool, and applied it on the Global Properties (see attachment below) on the firewall gateway. But, as we are using the SmartEndpoint console, there is also the ability to define the ports to be used for Hotspot registration (Policy -> Allow hotspot registration). How can I define the any_port through SmartEndpoint, what value do I have to use (see attachment below)? There is no description in the admin guide what to use for any port if you define it through SmartEndpoint. And the thing that confuses me the most. What configuration will be applied on the client side when connected to VPN, the one defined on the gateway in Global Properties or the one defined in the SmartEndpoint Policy? Below is the configuration I get in trac.config when I connect to the VPN:<PARAM fw_hotspot_ports="&lt;any_port>"></PARAM><PARAM fw_hotspot_ports="443"></PARAM><PARAM fw_hotspot_ports="80"></PARAM><PARAM fw_hotspot_ports="8080"></PARAM><PARAM fw_hotspot_ports="8080"></PARAM><PARAM fw_hotspot_ports="8444"></PARAM> Thanks,Hrvoje  

Endpoint Security / SandBlast Agent Newsletter - Version – E82.00 for macOS GA

Hi all, We are happy to announce the release of Endpoint Security Client E82.00 for macOS to general availability. E82.00 introduce new functionalities and quality improvements. The complete list of improvements can be found in the version release’s Secure Knowledge sk158913   Support for macOS Catalina E82.00 support the macOS version 10.15 AKA Catalina   Forensic support SandBlast Agent Forensics enables automated data analysis for detailed insights into threats: Continuously collects run-time events and occurrences in the system for effective forensics analysis. Automatically builds actionable Forensics reports with important attack information. Generate the full attack flow and automated remediation. Ease the security analyst work with ability to fully understand the attack, its impact and remediation actions taken. Integrates monitoring and investigation of security events through SmartEvent and SmartLog   Additional enhancement: New user interface aligned with the look-and-feel of SandBlast Agent for Windows This release includes stability, quality and performance fixes   
ake_schmidi inside Endpoint Security Products yesterday
views 3807 23

kernel panic macOS 10.15 Beta (19A526h) Catalina

Hello TogetherI have with the latest beta of macOS Catalina some kernel panics when macOS is starting up.Installed versions:Endpoint Security: E80.89macOS: 10.15 Beta (19A526h)Is there already a new version? Or does anyone have a workaround?

How URL filtering and Application control work in Checkpoint Firewall

Hello Everyone, I want to know about "how URL filtering and Application Control work in checkpoint Firewall:.  Thanks in advance!!!

Endpoint E80.89 on MacOS 10.15.2 - No Endpoint icon on top menu

We had a Mac returned to us running 10.12.6 and E80.64.  We decrypted and uninstalled Endpoint, upgraded MacOS to 10.15.2, then installed E80.89.Everything seems to be working except the padlock icon is not appearing in the top menu.  I can search for "Endpoint Security" and manually run it, then it does appear, but after a reboot it doesn't automatically load.I've built a few machines with both this version of Endpoint and OS before and not seen this, although I think this might be the first which had a previous version before.Perhaps something got left behind of the old version?  What would be the simplest way to ensure the icon gets loaded corretly for all users, without having to add the application as a startup item for each and every user, which would be tedious.The other thing I just noticed is that on a Mac that shipped with 10.15.1 installed, the icon does load and its menu has a "Connect" option.On the upgraded Mac, I can run Endpoint, with no "Connect" option, and cannot configure VPN from within the client either, but I can also manually run "Endpoint Security VPN", which then gives me two icons on the top menu!Howard


Is there a way to blacklist applications by filehashes? If so how do I do it. Thanks!
PBOON inside Endpoint Security Products Friday
views 251 3

Enforce Policy Firewall fail on MAC 10.15.2

I got the error message Enforce Policy Firewall fail while connecting to VPN on MAC 10.15.2 on Check Point Security Endpoint E82.00. Anyone face the same issue and how to solve this?
Sucream inside Endpoint Security Products Thursday
views 124 1

Client information is missing in SmartEndpoint

Hello,We have problem with displaying EPS Client status in SmartEndpoint console.After upgrade Smart Endpoint Management (method:CPUSE) from R80.20 to R80.30 Endpoint Client status is missing in SmartEndpoint. We have problem with all clients.On the user host - EPS client status is compliant and all blades have been installed correctly. Tested with SmartConsole:R80_30_jumbo_HF_B36R80_30_jumbo_HF_B42 EPS client:-versions:   E81.10, E81.30, E82.00, E82.10, E82.20-blades: Anti-Malware, Compliance, Firewall, App Control Any ideas? Best,  
Sergo89 inside Endpoint Security Products a week ago
views 283 4

Endpoint Security VPN, remotely create site

Hello,do we have any way how to push a new VPN Site address to Endpoint Security clients (create it)? i know we can play with MSI file and trac.defaults, but endpoint client deployed on 500 computers already (we began from Endpoint and gateway should be next step).Advanced Package settings in SmartEndpoint looks like change MSI file also.And do we have any feature in SmartEndpoint for VPNs, because its part of client....please advise.thanks
J_Saun inside Endpoint Security Products a week ago
views 440 2

Firewall not forwarding traffic - policy unloaded

We have a 5000 series appliance that has not been added to a management station yet. In order to permit traffic through temporarily while we build other components we issues the 'fw unloadlocal' command. When we try to route through the firewall (using ping from a src outside one int and destined for a host on a different int) we see it get processed on the inbound interface (little i and big I) but it never leaves the destination interface.We have verified we can ping the destination and that a route exists.With the policy unloaded AND the firewall not being part of a management station would it not just act as a router and process traffic? Is there a debug command that can tell us whats going on?
Mahdi_Haghani inside Endpoint Security Products a week ago
views 357 3

MFA for remote VPN users

Hi Guys,In my organization we have many people that using checkpoint VPN software to connect to work space.Could we make the authentication more secure with some kind of the MFA? Looking for some solution purely by checkpoint if its possible.Would appreciate if you can share your experience.Regards,Mahdi 
Terry inside Endpoint Security Products 2 weeks ago
views 259 2

Endpoint Security VPN IP Pools

Hello, We have Checkpoint VPN setup on R77.30. One of the requirements is that we have a separate "DHCP" assignment for network engineers to allow for more significant restrictions on everyone else. I can't think of a way to do this with IP Pools. Has anyone had this requirement in the past? How did you accomplish this? 
Lubomir_Cerny inside Endpoint Security Products 2 weeks ago
views 169

Endpoint E82.20 - no pre-boot background image

Hi folks.I am testing upgrade from E82.10 to E82.20 on Windows10 and new 82.20 version ignores background image policy settings. E82.10 is OK, Policy updated with current R77.30.03 EPS console.This is just cosmetic issue, all other features is working.Any glue where to search? Can anybody confirm this also ?thx.