Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Seth
Explorer

Endpoint Security white list domains for Sandblast agent for browsers Phishing check

first time poster, long time(1 year) listener.

I am trying to white list internal(not going through a gateway) homemade websites. When a user with E82.30.0530 (or any version) endpoint client tries to click on the username/password field they get blocked by the "SandBlast Agent for Browsers": Beware! Deceptive site blocked.

endpoint2.jpg

The error then goes on to explain itself and gives a link "if this is incorrect, send a report" (is that internal? can't find it)

I have added the site to the white-list in 2 places in the  SmartEndpoint management console. properties calls this area "Exclusions" under "inspect all domains and files" and "Protected Domains" under "Zero Phishing Settings.

endpoint.jpg

 

 

 

 

What am i doing wrong? Where do i white-list sites for the browser agent to not check for Phishing?

 

Seth in St. Louis

Labels (1)
0 Kudos
1 Reply
Seth
Explorer

I found the answer. I was typing the domain name wrong.

answer was in this post:

https://community.checkpoint.com/t5/Endpoint-Security-Products/Zero-Phishing-Exceptions/td-p/49595

Talya towards the bottom pointed out:

When defining a domain for exclusion\protection, you should only consider the domain portion of the URL (shown in bold): https://www.checkpoint.com:8080/path/to/page
A domain will be classified as excluded\protected, if any entry in the exclusion list is a suffix of it.
For example, if the exclusion list contains the entry .checkpoint.com, then www.checkpoint.com will be excluded.

that was under "inspect all domains and files"

 

the Zero phishing "protected sites" is for data-mining the credentials to not allow to be used elsewhere. 

 

hope that helps.

Seth