This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Diego_Carreno
Contributor
‎2019-04-05 08:29 AM

Downloadable application lock by SmartEndpoint policies.

Hi all,

Currently I have the following scenario:

I need to block a downloadable application through policies of Smartendpoint and its client.

It is possible to customize such blocking, that is, a "test.exe" program can not be downloaded by a user.

Thank you very much for your attention!

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2019-04-06 02:44 PM

On SmartEndpoint you should be able to prevent the application from running by using Application Control.
To prevent downloading, it's possible URL Filtering might be able to do it, but not sure.
A gateway running Anti-virus blade could do it (possibly requiring HTTPS Inspection).
Arkavia_Network
Explorer
‎2019-04-08 08:35 AM
In response to PhoneBoy

Thanks for your answer.

Finally I spoke with TAC and they told me that it was not possible to carry out that configuration through SmarEndpoint policies.

Maksym_Sofer
Employee Alumnus
Employee Alumnus
‎2019-04-21 05:29 AM
In response to Arkavia_Network

SandBlast extension could block specific file type to be downloaded at all.

 

It could be either Standalone extension which is managed from gateway or extension installed as part of Threat Extraction and Emulation (TE) blade.

TE blade it is controlled in the following way:

SmartEndpoint -> Policy Tab -> "Threat Extraction and Emulation"  section -> Protect web download with Threat Emulation.
Right-click and select "Edit shared action", now click on "Override default file action per file type".

Ther you can set for EXE - Block Download.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top