Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jirao_Wang
Employee
Employee
Jump to solution

Does Sandblast Endpoint agent provide offline update for anti-virus blade?

Hi,

It looks like the anti-virus signatures or other information are only updated through the Internet. I am wondering if a laptop disconnect from the internet for a couple days and the laptop received a unknown malware from a USB. How sandblast agent provide the security?

Let me know if the sandblast agent can be updated by other means. Thank you.

1 Solution

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee

For reference, attached is a screenshot of the update configuration options showing how multiple sources can be specified to increase the update probability for roaming machines.

For more information pertaining to the advanced configurations please refer:

Endpoint Policy Servers:

How Do Endpoint Policy Servers Work? 

Offline Updates:

sk87180: Anti-Malware Offline Updates for Endpoint Security Client E80.40 and above 

Private ThreatCloud:

Private ThreatCloud | Check Point Software 

Also if you are interested there are some specific SandBlast Agent eLearning materials available here:

https://community.checkpoint.com/community/training-and-certification/blog/2018/07/20/emerging-techn...

CCSM R77/R80/ELITE

View solution in original post

4 Replies
Chris_Atkinson
Employee Employee
Employee

The answer is somewhat provided in the question itself, any solution relying solely on signatures alone will provide inferior levels of protection against unknown malwares, SBA isn't one such solution.

Distributed Endpoint Policy Servers, Offline Updates  and Private ThreatCloud deployments are some options that will aid in ensuring that Endpoints otherwise receive the necessary updates and Threat Intelligence desired in connectivity limited situations to complement the in-built Forensic capabilities and more!

CCSM R77/R80/ELITE
0 Kudos
Jirao_Wang
Employee
Employee

Hi,

Thanks for your reply. I am kind of new to check point products so I do apologize for anything stupid.

Back to my question:

I am wondering if a laptop disconnect from the internet for a couple days and the laptop received a unknown malware from a USB. How sandblast agent provide the security?

You mentioned the endpoint agent can be updated by endpoint servers, offline updates, and Threat Intelligence. Can you please give me a little bit more detailed answer related to my question above? Thank you. I do appreciate any help you provide!

0 Kudos
Chris_Atkinson
Employee Employee
Employee

For reference, attached is a screenshot of the update configuration options showing how multiple sources can be specified to increase the update probability for roaming machines.

For more information pertaining to the advanced configurations please refer:

Endpoint Policy Servers:

How Do Endpoint Policy Servers Work? 

Offline Updates:

sk87180: Anti-Malware Offline Updates for Endpoint Security Client E80.40 and above 

Private ThreatCloud:

Private ThreatCloud | Check Point Software 

Also if you are interested there are some specific SandBlast Agent eLearning materials available here:

https://community.checkpoint.com/community/training-and-certification/blog/2018/07/20/emerging-techn...

CCSM R77/R80/ELITE
Jirao_Wang
Employee
Employee

Thanks Chris. That's a lot of useful information.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events