Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Chinmaya_Naik
Advisor

Checkpoint Endpoint Blades (User/Machine Based)

Its a Important part when we going to create a new virtual group during implementation to segregate the machine/user with different group.

But when you going to create a new virtual group then we able to see two option :

  1. Virtual Group (Used for Both User & Machine)
  2. Computer Group (Used Only for Machine)
 

Different blades group is use base in the following chart :

FDE – Machine Based
MEPP – User Based
One Check – User Based
Capsule Docs – User Based
Anti-Malware – User Based
Anti -Ransomware, Forensics and remediation – Machine Based
Anti-Bot – User Based
Threat Emulation and Threat Extraction – User Based
Compliance – User Based
URL Filtering – Machine Based
Firewall – User based
Access Zones – User Based
Application Control – User Based
Client Settings – User Based

As per my personal experience use “computer group” for machine based policy even you have a option to create "virtual group" for machine based.

 

Regards

@Chinmaya_Naik

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

What's the logic here?
0 Kudos
Chinmaya_Naik
Advisor

Hi @PhoneBoy 

Thanks for the update.

The login behind is :

As I was face a challenge  on multiple environment , when I create a Virtual Group instead of computer group and create a policy for Media encryption , Full disk encryption and Anti -Ransomware then policy is not applied on End machine its reflect the default policy only.

Regards

@Chinmaya_Naik 

0 Kudos
Norbert_Bohusch
Advisor

To correct things.

If you are applying a virtual group to a policy, then the content is only taken based on the blade type.

So user-based blades use the users in this group and machine-based blades use the machines in this virtual group.

 

If you want to apply machine-based groups to a user-based blade this can be forced using machine-groups.

There is no other way around to force machine-based blades to use users for rules.

Reason: Think of FDE encrypting/decrypting disk based on logged on user...

0 Kudos
PhoneBoy
Admin
Admin

Right and that makes total sense.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events