Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
dw_Cold
Participant
Jump to solution

Harmony Endpoint Client Installs Outlook Add-in

Hello,

We are using Harmony Endpoint web portal to build and deploy Endpoint Security clients to our enterprise.

During testing we've noticed that users who have the client installed on their Windows machines have the 'Check Point Harmony Addin' added to their list of Add-ins within thier Microsoft Outlook clients.

We're deploying 86.51 and 86.60. How do we prevent the add-in from being installed during the EPS install?

Would someone be in a postion to expalin where specifically this setting is configured please? We want to avoid having to remove the Add-in via GPO after the fact.

Thank you in advance.

0 Kudos
1 Solution

Accepted Solutions
dw_Cold
Participant

Hello, 

Adding a new exclusion within Harmony Endpoint Cloud Portal appears to have worked. The add-in is listed as 'inactive' within Outlook which suggests the action was performed by the EPS as expected. I will test what happens during a clean install of EPS.

In the meantime I've found that the configuration from sk175845 https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... can be performed in Harmony Endpoint Cloud Portal in two places:

1) Threat Prevention > Policy Capabilities > Capabilities and Exclusions >  Exclusions Center > Forensics Monitoring Exclusions 

2) Threat Prevention > Global Exclusions

In both cases you just add a new exclusion of type process. See attached image.

View solution in original post

0 Kudos
7 Replies
Chris_Atkinson
Employee Employee
Employee

Did you already review: sk175845 - How to disable the Outlook add-in

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

Note: Some things still require configuration via SmartEndpoint.

CCSM R77/R80/ELITE
dw_Cold
Participant

Hello Chris, thanks for your reply.

I did read the article but wasn't sure it applied to our situation. The document mentions connecting to the SMS server via SmartEndPoint. 

Forgive my lack of understanding but does the article mean the SMS server that we use to configure our firewalls? The reason I ask is we moved from an on-prem endpoint manager and gateway scenario when we migrated to Harmony Endpoint in the cloud.

Our EPS client connect only to the Harmony Endpoint cloud solution and of course the firewalls.

0 Kudos
PhoneBoy
Admin
Admin

You can use SmartEndpoint for your cloud-managed Harmony Endpoint.
This is currently necessary to configure specific features.

In Infinity Portal, go to Harmony Endpoint > Service Management.
You will find a download link to SmartConsole and the necessary information to connect to your cloud instance.

dw_Cold
Participant

Thank you very much for the above. I understand now, and have been able to access the SMS server in this way using SmartEndpoint. 

However my next issue is that the step in sk175845 (see below) mentions a Forensics Policy. I don't see Forensics Policy within Policy.

 

To disable the utility from SmartEndpoint with the Security Management Server:

  1. Connect to the Security Management Server > Policy > Forensics policy > Monitoring and Exclusions.

0 Kudos
dw_Cold
Participant

... I have just found a similar setting within the Harmony Endpoint Cloud Portal (please see attachment monitoring_exclusions.png).

It was found in Policy > Threat Prevention > Global Exclusions > 'Start by adding a new Exclusion'

Would this be where I add the information from sk175845 in lieu of Forensics being available in SmartEndpoint?

Thanks again.

0 Kudos
PhoneBoy
Admin
Admin

I would try that, yes.
If this doesn't work, I recommend engaging with the TAC so we can get the correct procedure included in the SK for cloud-managed Harmony Endpoint.

dw_Cold
Participant

Hello, 

Adding a new exclusion within Harmony Endpoint Cloud Portal appears to have worked. The add-in is listed as 'inactive' within Outlook which suggests the action was performed by the EPS as expected. I will test what happens during a clean install of EPS.

In the meantime I've found that the configuration from sk175845 https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut... can be performed in Harmony Endpoint Cloud Portal in two places:

1) Threat Prevention > Policy Capabilities > Capabilities and Exclusions >  Exclusions Center > Forensics Monitoring Exclusions 

2) Threat Prevention > Global Exclusions

In both cases you just add a new exclusion of type process. See attached image.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events