Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
BarYassure
Employee
Employee

Harmony Endpoint - Product Updates (June)

ba.jpg

Hi

The Harmony Endpoint team is Happy to share the Following Updates from June 2024:

 

Main Updates

  • Browser-Based DLP (GA) –  We are excited to announce that with the next Endpoint client version (E88.50), our browser-based DLP solution will be GA.
    We can already see customer’s excitement about it, and believe it will be one of our main growth accelerators in 2024 & 2025.  
    Feel free to use the attached assets – Solution Brief, Customer Deck.

DLP.jpg

 

  • Semi Isolated Environments (GA) – with client version 88.50 for Windows, our new
    Semi Isolated environment support will be GA.
    To support it, our Super-Node will work as a “Full proxy” and will allow:
    • Lower Bandwidth consumption
    • Support Semi-Isolated environments.

Please check the attached customer presentation with additional details.

 

se.png

 

  • Prevention of DLL Sideloading attack – With our latest client version, E88.41, we have added advanced protection against DLL Sideloading attacks.
    Take a look at the latest blog from the research team to learn more about these attacks.

 

  • New Linux Distros Support – With our latest Linux client version 1.15.10, We are now supporting additional Linux distros.
    • Fedora 34-37 – all supported blades.
    • Fedora 38-39 – only Anti-Malware blade is supported.
    • openSUSE 15.4 & 15.5 – all supported blades.
    • The full list of supported Linux distributions and versions can be found at sk170198.

 

  • Technical Training – Our last training session was focused on DNS security and our newest Integration with Infinity PlayBlocks. Feel free to catch up :-)

Tecni.jpg

 

Security Client

Windows:

  • Harmony Endpoint latest released version for Windows is E88.41.
    Released in June 2024 as GA (General Availability).
    Please see sk182237 for more information.
  • Harmony Endpoint Recommended released version for Windows is E88.00.
    Released in January 2024 as GA (General Availability).
    Please see sk181675 for more information.

 

MacOS:

  • Harmony Endpoint latest released version for MacOS is E88.40.
    Released in June 2024 as GA (General Availability).
    Please see sk182239 for more information.
  • Harmony Endpoint Recommended released version for MacOS is E87.71.
    Released in January 2023 as GA (General Availability).
    Please see sk181857 for more information.

 

Linux:

  • Harmony Endpoint latest released version for Linux is 1.15.10
    Released in April 2024 as GA (General Availability).
    Please see sk170198 for more information.

 

17 Replies
gg_fga
Contributor

Hello,

Concerning super-nodes, is it possible to define a super-node based on IP addresses or other criteria? I mean, without having to make several rules based on computers (in Client Settings). If I assign several nodes to clients that are spread over different sites, which one will be used first?

Concerning the roadmap, I had seen that work was in progress for server endpoints, with a different binary. Is it possible to have a progress report on this feature?

 

Kind regards,

0 Kudos
JonnyRabinowitz
Employee
Employee

To answer the question on what happens "If I assign several nodes to clients that are spread over different sites, which one will be used first". When working in "Semi-isolated environments" the Windows client checks each of the assigned clients to see which gives the best service; including factors such as round trip time / delay. Super Node that gives best service will be selected. In your example is likely to be the super node that is located in the same site.

Assigning multiple super nodes to a client is important to provide redundancy and client will fail-over to another super-node if connection through super node is lost

gg_fga
Contributor

It's great how it works! In terms of blade and installation for a super-node, no prerequisites? once they are designated in the as super-node, it works?
Also, at network level, between the clients and the super-node, what ports need to be opened?

0 Kudos
Luiz_
Collaborator

Super Nodes are cool. We are deploying 3100 licenses on a new customer and they asked us to see Super Node statistics (traffic, usage, etc). I think it's a cool suggestion to add to the roadmap.

BarYassure
Employee
Employee

Cool idea @Luiz_ . we will add it to the roadmap

JonnyRabinowitz
Employee
Employee

[ I noticed that the presentation about semi-isolated networks did not make it through with Bar's updates and so attaching here ] 

The presentation has some additional details and answers the questions on this thread

To summarize:

  • Semi isolated functionality extends functionality provided by super node to include full duplex communication with management through super node
  • The same Windows based super node will support Mac, Linux clients as well as Windows
  • Was available for early availability from E88.20 and will be Generally Available (GA) in E88.50. As part of GA activities all the relevant documentation and SKs should be updated
  • There are plans to add monitoring / status information for super nodes and should be available in the second part of the year
  • Can see in the presentation information on the ports to be used
    • Uses ports 4434 (existing super node functionality) and 3128 for duplex functionality
gg_fga
Contributor

Thanks for the doc.

 

On the client interface, is it possible to see which super-node it is connected to?

0 Kudos
JonnyRabinowitz
Employee
Employee

[ Disclaimer: reference below is to planned functionality and target time frames - we are now in second half of year. May be subject to change ]

Sure. Glad it helps

I had mentioned in the last comment - 

  • There are plans to add monitoring / status information for super nodes and should be available in the second part of the year and post E88.50

The plans include presenting related super node information on the client interface and also in the Inventory management table on the management portal so can view / filter by the super-node data

I am not aware of what can be seen when working with E88.50

Pawel_eM
Participant

Hello,

Any info when 88.50 will be in GA? 

0 Kudos
BarYassure
Employee
Employee

Hi

Within a week

0 Kudos
RS_Daniel
Advisor

Hello @BarYassure ,

We have a situation with one customer where semi isolated enviroments would help us a lot. We are testing it with E88.60 but the connections are still going to internet ignoring super node. The client machine has configured authenticated proxy under windows settings, is this scenario supported? do we need something else to test this feature?

Regards

0 Kudos
BarYassure
Employee
Employee

Hi

Please email me and i will help.
bary@checkpoint.com

0 Kudos
RS_Daniel
Advisor

Hello,

I sent you an email. Thanks!

0 Kudos
jurgenvrieze
Participant

is there some generic solution?
We also have a super-node config that seems to be ignored after migrating to 88.x E2.

0 Kudos
RS_Daniel
Advisor

Hello,

No, it is not a generic solution, you will need to contact to CheckPoint to get it working. Maybe Bar can help you too.

0 Kudos
Mitja-S3NEXT
Collaborator

Why there are vesion metioned E88.41 and E88.00 as latest and recommended, sincer there was a deadline in the portal.checkpoint.com to migrate to DHS compliant versions till 27.09.2024?

0 Kudos
AdiGH
Employee
Employee

Hey, If you are seeing 88.41 as the latest it means that you haven't migrated your server to E2 yet. Please migrate your server first and then you'll be able to see DHS complaint versions. 
These are the steps: 

 

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events