cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Blason_R
Blason_R inside Endpoint Security Products 9 hours ago
views 28 1

Can agent exported from one EPM server connect to other?

Hi Folks,Somehow I believe I need to re-format the existing EPM R77.30.03 server due to hard disk failure and unfortunately I do not have a backup of that.Now the only option left in front of me is to create a new R80.30/80.20 server and get the new agent. Wondering if the existing agents deployed on endpoints can they be configured so that they can connect to the new EPM server?Or at the max, I do not have any option left but to deploy new agents, but as a last resort if the above can be done? TIABlason R
TheRealDiZ
TheRealDiZ inside Endpoint Security Products yesterday
views 80 3

Upgrade SmartEndPoint from R77.30.03 to R80.20 with migration

Hi guys, Anyone has already tried to upgrade SmartEndPoint server from R77.30.03 to R80.20?In the R80.20 Install & Upgrade guide is stated :"These instructions equally apply to:• Security Management Server• Endpoint Security Management Server"!Is that true?Anyone that has upgraded a SmartEndPoint before has tips or suggestions about it? I'm concern about for example:1. The FDE feature where the EndPoint keys are stored on SmartEndPoint Server.. what happens to these keys? They will be export via migrate export?2. Software deployment rules are based on a specific client package that will be pushed to EndPoint clients that will match that rule.. When you do an upgrade with migration the current packages will be exported via migrate export or I have to upload them manually on the new machine? Let me know guys.. It will be very very appreciated 😆

1470 - Policy not working working

Hi,I have created two policies in checkpoint 1470 but it is not working properly as expected. The first policy is like -source (new IP group)---Destination (server ip-121)-----services(port no.)---Allow.and other policy is likeSource (any) ----Destination (server ip-121) -----service(any)----Block. After this, I am still able to access the server IP from different IP other then group IP. Allow policyBlock policyAccording to the above policy no one access the IP-121 from unknown IP address, but it not happening.What could be the issue here ?Please help.

Blue screen (PFN_LIST_CORRUPT) after E80.94 to E81.10 upgrade Windows 10 1703

Hi,We've now had two instances where a Windows 10 1703 machine running E80.94 has failed to upgrade correctly to E81.10.The package appears to deploy and install okay. Upon restart the pre-boot screen shows it is running E81.10 but then the OS loads, gets to the login screen and within a few seconds it blue screens with the error:PFN_LIST_CORRUPTFor the first machine, a laptop, I created recovery media for, stripped off FDE, and then performed a system restore to a previous point. I was then able to uninstall the Endpoint software and am in the process of patching the machine to 1809.During the removal of Endpoint I observed that it was still running E80.94, which was the version shown on the recovery key, not E81.10. Perhaps this is the reason for the blue screen.In any case I am about to investigate the second machine and will hopefully have the same workaround.I can say I have successfully upgraded 150 machines to E81.10, with a further 103 awaiting upgrade from E80.94, so these are small numbers, thankfully.Howard
Employee

Endpoint VPN and auto connect before Windows 10 Login Prompt...

Hello, Is there any way to force the Endpoint VPN to prompt for credentials and connect prior to the Windows Login prompt (either via boot-up or returning from sleep / standby mode). This is available on Windows 7 machines however I haven't seen an equivalent feature for Windows 10. I know with location awareness and auto connect you can force the client to prompt the user to authenticate and connect, etc... however the client doesn't prompt the user to connect until they are already logged into Windows and the user can just keep cancelling the prompt and continue to use the laptop without the VPN being connected. Ultimately my customer is trying to ensure that when a user takes their laptop home and boots up / open the lid they are forced to connect to the VPN before they can do anything else (Unlock the laptop, etc...). Even on Windows 7 machines when we were able to get the VPN client to prompt the user to connect before the Windows Login prompt, the user could still simply click cancel and proceed to windows without forcing the VPN. Any help would be appreciated. Thanks.

Sandblast IE Plugin support for Enhanced Protected Mode

Hi Community,we noticed, that the Sandblast browser plugin for IE is incompatible with the Enhanced Protected Mode from Internet Explorer.Is there anybody from product team or similar, who can explain, why this plugin is incompatible and when the plugin is planned to be certified? The EPM mode from IE got a few nice security features, we would miss by deactivating it.I guess Microsoft does a plugin-verification like all the other vendors and for EPM mode, the plugin needs to implement all the requirements - which are these and why aren't they implemented yet?I'm thankful for any thoughts on thisProblem is described with SK154912 , but I don't think this is a permanent solution, more a workaround.Best RegardsJohannes
foxcon
foxcon inside Endpoint Security Products Saturday
views 85 1

Error durin installation of Checkpoint E80.92

Dear Community,im deploying over 4000 CheckPoint clients in our infrastructure and over 95 % were installed successfully.On some machines i got the following error:Error 1935. An error occurred during the installation of assembly 'Microsoft.VC80.ATL,type="win32",version="8.0.50727.42",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86'. Please refer to Help and Support for more information. HRESULT: 0x8007054F. All machines in our infrastructure are Windows 7 x64 or Windows 10 1809. If i deploy it via SCCM or install it via cmd with ADM priviliges, the same result. I have attached a log file. If i check the logfile, it says i should have a look in the %windir%\logs\cbs folder buti cant find anything which helps me.Thank you very much!
Ankit
Ankit inside Endpoint Security Products Saturday
views 75 2

Sandblast forensic report generation through smart endpoint console .

Hello Team,We are facing issue while generating forensic report through smart endpoint console. we are able to view detail forensic report through sandblast agent while click to incidentid.below are forensic report we capture from agent . same we need to generatethough smart console.
Heng_Eng
Heng_Eng inside Endpoint Security Products Friday
views 1182 5

Connectivity with the Check Point Endpoint Security service is lost

I have just installed Endpoint Security VPN E80.90 Build 986100112. After rebooting, all I get is:Connectivity with the Check Point Endpoint Security service is lost.Clicking any button, eg Disconnect or VPN Options will simply produce the same error message: Connectivity with the Check Point Endpoint Security service is lost.I checked and both Check POint Endpoint Client Watchdog service and Check Point Endpoint Security VPN service are running.What can I do? I am totally lost. I have to connect to a client's site urgently to investigate an issue.Thanks.
Jason_Dance
Jason_Dance inside Endpoint Security Products Wednesday
views 219 1 1

Policy Server

Hi Community!I'm currently on R80 for management, and R77.30.03 for Endpoint management. EPM is its own separate management/endpoint management server, and won't be associated with my R80 management until CP are able to release a supportable version on the R80 train with the latest feature set.Is there a solution for specifying a NAT/external IP on the R77.30.03 Endpoint management server without needing to establish SIC or a separate log server acting as a Policy Server in the DMZ?Regards,Jason
Sanja_Rakic
Sanja_Rakic inside Endpoint Security Products a week ago
views 165 11

Active Directory scanner settings

Hi, I see that I can't change scan interval in active directory scanner configuration using Check Point Smart Endpoint console. Is there some other way to change this setting?
Andrea_Poiesi
Andrea_Poiesi inside Endpoint Security Products a week ago
views 7358 15 1

Endpoint client and Windows 10 1903

Hi everyone,has anyone tried to upgrade windows 10 to the 1903 version and install the endpoint client? in the release notes of ver 80.94 and 80.96 I see that it is not mentioned and does not seem to be supported yet. does anyone have feedback?
Mahdi_Haghani
Mahdi_Haghani inside Endpoint Security Products a week ago
views 70 1

MFA for remote VPN users

Hi Guys,In my organization we have many people that using checkpoint VPN software to connect to work space.Could we make the authentication more secure with some kind of the MFA? Looking for some solution purely by checkpoint if its possible.Would appreciate if you can share your experience.Regards,Mahdi
Akeel_Sayed
Akeel_Sayed inside Endpoint Security Products 2 weeks ago
views 65 1

Checkpoint Endpoint Licence Expiry

Hi Please can someone advise regarding what happens to the computers with CP Full Disk Encryption once the licence expires? Can SmartEndpoint Manager still provide passwords for the devices to be decrypted? Thanks
Employee

Endpoint Security / SandBlast Agent Newsletter - Version – E81.10

We recently released SandBlast Agent E81.10. E81.10 introduces new features, stability and quality improvements. A complete list of improvements can be found on the release Secure Knowledge sk155792 Enterprise Endpoint Security E81.10 Windows Clients. Support for windows 10 19H1 E81.10 supports Windows 10 19H1 (version 1903), the latest version. Please note that Anti-Malware support with Windows 10 19H1 requires a server hotfix. Please refer to sk141033 for more information. Optimized Agent Package Size E81.10 introduces 32-bit and 64-bit download packages for the Threat Prevention Client (SBA/Threat Prevention services and Anti-Malware). The new package size is reduced from ~680MB to ~245MB. Note that the Threat prevention package includes an initial set of Anti-Malware signatures. The complete set updates right after the client connects to the update server. We continue to work on optimizing the package size and plan to introduce in the next releases even smaller package and dynamic updates which will improve dramatically the deployments package size. Stay tuned. J BlueKeep (CVE-2019-0708) Microsoft has announced that a critical vulnerability exists in Remote Desktop Services (RDS) relevant to several Windows products, including Windows 7 and Windows Server 2008 R2. The vulnerability allows either Remote Code Execution or Denial of Service attacks when any unauthenticated user communicates with the machine. SandBlast Agent Provide protection against BlueKeep vulnerability using SBA Anti-Exploit technology. Additional information on how to protect against BlueKeep: How to protect RDP servers from CVE-2019-0708 (BlueKeep) sk154732 SandBlast Agent Protects Against BlueKeep RDP Vulnerability New Threat Emulation Report E81.10 now supports by default the new Threat Emulation report with improved UI. Additional intelligence data enables better understanding of the malicious file and its effect on the machine. The new report format has server version requirements: All R80.30 versions are acceptable. The R80.20 version must be R80.20M2 or R80.20 Jumbo Hotfix 4. Customers who use server version 77.30.03 must use the SmartLog version released with Endpoint Security E80.92 or higher.