- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Endpoint on domain servers
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Endpoint on domain servers
anyone have experience running anti-malware, anti-bot, forensics and anti-ransomware and Threat emulation on domain servers like Active Directory, SQL server, terminal server, and file shares? I am thinking file shares and terminal server might be fine. Looking for any documentation or any feed back from anyone that has done this. Any folders to exclude (other than what Microsoft recommends for SQL).
- Tags:
- active directory
- sql
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Joe,
I have only been using Microsoft recommendation when I should exclude files from being touched by the Endpoint Software.
Though I have had problems with how to exclude directories or files. Check Point did an upgrade of their documentation.. in their sk122706.
This guide will help you to exclude folder and and sub-folders and files
Will check which blades we use and get back to you.
Thanks
Kim
Kim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Joe,
With Endpoint on servers, with the version E80.71.0232, we run the following blades.
Anti-Malware
Sandblast Forensics, Remidiation and Anti-Ransomware
Sandblast Agent Anti-bot
Sandblast Agent Treat Extraction and Emulation
We have in the first place disabled the firewall, because we not able to control the firewall rules like in the secure gateway. We had create one policy with all the needed open ports or create one policy per server.
It is something we will dig into in the near future if time allow us to do so 🙂
Thanks
Kim
Kim
