Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
ikokkoris
Contributor
Jump to solution

HARMONY ENDPOINT DIGITAL SIGNATURED FILES

Hello,

I have noticed that Treat Extraction removes digital signatures from pdf documents (.cleaned) and makes them being invalid.

In Threat Prevention Policy -> Web & Files Protection -> Advanced Settings -> Download Protection -> Extract potential malicious elements -> Elements to Extract, everything is checked. 

Is there any chance digital signatures fall under one of these categories and after unchecking them, digital signatures are not removed from Threat Extracted  pdf files?

I know that I can only emulate these files or just exclude the relevant URLs, but it is not suittable in my case.

 

 Regards,

Ioannis

0 Kudos
1 Solution

Accepted Solutions
ikokkoris
Contributor

Hi,

As informed from TAC, we excluded the relevant URLs from Threat Emulation and the problem is solved.

View solution in original post

0 Kudos
3 Replies
_Val_
Admin
Admin

I do not think it si possible. However, there should be an option to request an original file.

0 Kudos
PhoneBoy
Admin
Admin

If we left the digital signature in there, it would be invalid since the file served to the user is different from it's original and the signature is based on the file contents.
This means we would have to generate a new digital signature for the cleaned file.
This is probably an RFE and if this is a hard requirement, I suggest engaging with your local Check Point office.

0 Kudos
ikokkoris
Contributor

Hi,

As informed from TAC, we excluded the relevant URLs from Threat Emulation and the problem is solved.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events