This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
king_slavcho
Participant
‎2022-07-06 02:10 AM
Jump to solution

Disable checkpoint endpoint antivirus for one PC

Hello friends,

I wanted to ask you how can i disable checkpoint endpoint antivirus on one particular PC. I can not see an option to do that.. I can just create a group and disable all the policies there. I that the only option to disable antivirus on a PC or there is an another option.. Thank you.

0 Kudos
3 Solutions

Accepted Solutions
PhoneBoy
Admin
Admin
‎2022-07-06 07:59 PM
Jump to solution

Yes, you create a group with the relevant blade settings and assign the PC to that group.
That would be how you disable a blade on a specific PC.

View solution in original post

0 Kudos
MikeB
Advisor
‎2023-08-25 08:16 AM
In response to JulianAF
Jump to solution

If you are the admin, you can access management portal and check policy tab ->"client Settings" -> General ->  Allow users to disable capabilities is ON for your machine policy.

 

image.png

View solution in original post

MikeB
Advisor
‎2023-09-28 11:36 AM
In response to scenarist
Jump to solution

Hi @scenarist , you need to create the rule in "Software Deployment" policy. (not in threat prevention policy).

I would recommend that you use the option to disable features from the endpoint itself (which I discussed previously in this post).

If you decide to use this method, take into account the version of the endpoint when configuring the rule (it should be the same version of the devices you want to disable their protections).

 

image.png

View solution in original post

(2)
10 Replies
PhoneBoy
Admin
Admin
‎2022-07-06 07:59 PM
Jump to solution

Yes, you create a group with the relevant blade settings and assign the PC to that group.
That would be how you disable a blade on a specific PC.

0 Kudos
king_slavcho
Participant
‎2022-07-07 03:06 AM
In response to PhoneBoy
Jump to solution

Thank you for your reply. Let me give you an example of what i want to do exactly. If you have an ordinary antivirus (exp Avast) you can go and disable shields for a certain time (10 minutes or permanently).. I am searching for a similar option here.. Is there an option like that to turn it off on a particular PC or i have to disable all the policies in a group and than move the PC to the group there?

0 Kudos
MikeB
Advisor
‎2022-07-07 06:14 AM
In response to king_slavcho
Jump to solution

you can create a special group (for example NOTSECURE) and in the deployment rules disable all security blades for this group. You can move the client to this group.

The other option would be to use E86.50 and you can find "Edit Capabilities" button in the new UI and disable the security modules you want for this PC.

MikeB_0-1657199628327.png

MikeB_1-1657199647085.png

 

JulianAF
Explorer
‎2023-08-25 03:04 AM
In response to MikeB
Jump to solution

Hello,

i have the E87.31.1016 and the "Edit capabilities" isn't present. Any idea to solve this ? 

Thank you

0 Kudos
MikeB
Advisor
‎2023-08-25 08:16 AM
In response to JulianAF
Jump to solution

If you are the admin, you can access management portal and check policy tab ->"client Settings" -> General ->  Allow users to disable capabilities is ON for your machine policy.

 

image.png

Mitja-S3NEXT
Collaborator
‎2023-08-25 05:03 AM
In response to king_slavcho
Jump to solution

There is no way to just temporarly disable the antivirus like in Avast, you have to use the solution described by @PhoneBoy 

0 Kudos
scenarist
Contributor
‎2023-09-27 05:16 AM
In response to Mitja-S3NEXT
Jump to solution

Yes. I use @PhoneBoy solution and create special virtual group with name "NOT SECURE" and turn off all capabilites but after that harmony endpoint still have TURN ON all capabilities excpet AntiMalware and still running all services in task manager. I am using E86.60 endpoint client. I would like to know how to turn off all capabilities ?2023-09-27 14 15 26.jpg

 

 

2023-09-27 14 10 41.jpg

0 Kudos
MikeB
Advisor
‎2023-09-28 11:36 AM
In response to scenarist
Jump to solution

Hi @scenarist , you need to create the rule in "Software Deployment" policy. (not in threat prevention policy).

I would recommend that you use the option to disable features from the endpoint itself (which I discussed previously in this post).

If you decide to use this method, take into account the version of the endpoint when configuring the rule (it should be the same version of the devices you want to disable their protections).

 

image.png

(2)
scenarist
Contributor
‎2023-09-29 12:33 AM
In response to MikeB
Jump to solution

@MikeB Great. Thank you very much Mike.

0 Kudos
PhoneBoy
Admin
Admin
‎2023-09-28 11:59 AM
In response to scenarist
Jump to solution

Possible this is a (display) bug.
I recommend engaging with the TAC here: https://help.checkpoint.com 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events