- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Re: Does Sandblast Endpoint agent provide offline ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does Sandblast Endpoint agent provide offline update for anti-virus blade?
Hi,
It looks like the anti-virus signatures or other information are only updated through the Internet. I am wondering if a laptop disconnect from the internet for a couple days and the laptop received a unknown malware from a USB. How sandblast agent provide the security?
Let me know if the sandblast agent can be updated by other means. Thank you.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For reference, attached is a screenshot of the update configuration options showing how multiple sources can be specified to increase the update probability for roaming machines.
For more information pertaining to the advanced configurations please refer:
Endpoint Policy Servers:
How Do Endpoint Policy Servers Work?
Offline Updates:
sk87180: Anti-Malware Offline Updates for Endpoint Security Client E80.40 and above
Private ThreatCloud:
Private ThreatCloud | Check Point Software
Also if you are interested there are some specific SandBlast Agent eLearning materials available here:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answer is somewhat provided in the question itself, any solution relying solely on signatures alone will provide inferior levels of protection against unknown malwares, SBA isn't one such solution.
Distributed Endpoint Policy Servers, Offline Updates and Private ThreatCloud deployments are some options that will aid in ensuring that Endpoints otherwise receive the necessary updates and Threat Intelligence desired in connectivity limited situations to complement the in-built Forensic capabilities and more!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thanks for your reply. I am kind of new to check point products so I do apologize for anything stupid.
Back to my question:
I am wondering if a laptop disconnect from the internet for a couple days and the laptop received a unknown malware from a USB. How sandblast agent provide the security?
You mentioned the endpoint agent can be updated by endpoint servers, offline updates, and Threat Intelligence. Can you please give me a little bit more detailed answer related to my question above? Thank you. I do appreciate any help you provide!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For reference, attached is a screenshot of the update configuration options showing how multiple sources can be specified to increase the update probability for roaming machines.
For more information pertaining to the advanced configurations please refer:
Endpoint Policy Servers:
How Do Endpoint Policy Servers Work?
Offline Updates:
sk87180: Anti-Malware Offline Updates for Endpoint Security Client E80.40 and above
Private ThreatCloud:
Private ThreatCloud | Check Point Software
Also if you are interested there are some specific SandBlast Agent eLearning materials available here:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Chris. That's a lot of useful information.