This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MikeB
Advisor
‎2020-08-19 03:46 PM
Jump to solution

Anti-Exploit and Zero Phishing Licensing Problem in SBA

Hi,

I have several customers with SBA Basic package, that according to the Product Web Page also includes Anti-Exploit / Zero Phishing / Static File analysis protections.

This features are enabled and configured with Threat Emulation and Extraction modules so we need to deploy this modules with the agent.

The problem is that in the License Report we always receive a compliance violation alert which leads to some susceptibilities and long conversations with clients.

image.png

is there anything that can be done to fix this? or some official documentation regarding this problem?

 

0 Kudos
1 Solution

Accepted Solutions
Guy_Avnet
Employee
Employee
‎2020-08-24 04:10 AM
In response to PhoneBoy
Jump to solution

Hi,

 

TE blade includes several technologies besides TE & TEX, like – Static Analysis, File Reputation, AnTEX, and more.

The current installation flow is to choose TE even when not using TE/TEX for the rest of the functionalities.

 

Now, the license violation alert you are getting is wrong and I will make it fixed.

In addition to that, the entire installation flow will be re-evaluated, trying to make that scenario clearer.

 

Thanks for your feedback and feel free to contact me again for any additional comment.

Guy

View solution in original post

4 Replies
PhoneBoy
Admin
Admin
‎2020-08-21 05:18 PM
Jump to solution

Threat Emulation/Extraction is not included with SBA Basic.
Here's what the Product Catalog says:

Screen Shot 2020-08-21 at 5.17.47 PM.png

0 Kudos
MikeB
Advisor
‎2020-08-21 05:54 PM
In response to PhoneBoy
Jump to solution

Hi PhoneBoy! 

Yes, I know that we need SBA Advance for TE and TX, but what I really mean is that with SBA Basic we get Zero-Phishing / Anti-Exploit / Static File, features that you need to configure within TE and TX policy, so you need also to deploy this blade to the endpoint to make them work (Or Not?) and thats why you get the licensing alert event if you disable TE and TX inspections (see the "do not..." actions in the policy)

image.png

0 Kudos
PhoneBoy
Admin
Admin
‎2020-08-21 06:32 PM
In response to MikeB
Jump to solution

From what I can tell from TAC cases, this is expected behavior.
Maybe @Lior_Arzi can confirm.

Guy_Avnet
Employee
Employee
‎2020-08-24 04:10 AM
In response to PhoneBoy
Jump to solution

Hi,

 

TE blade includes several technologies besides TE & TEX, like – Static Analysis, File Reputation, AnTEX, and more.

The current installation flow is to choose TE even when not using TE/TEX for the rest of the functionalities.

 

Now, the license violation alert you are getting is wrong and I will make it fixed.

In addition to that, the entire installation flow will be re-evaluated, trying to make that scenario clearer.

 

Thanks for your feedback and feel free to contact me again for any additional comment.

Guy

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events