This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
dt7
Contributor
‎2023-07-25 09:15 PM

Harmony Endpoint client package and blades enabled/disabled

Dear community,

I am deploying the Harmony Endpoint client via dynamic package to my users, and I would like to know how to manage the different blades moving forward.

Right now, I have only enabled a subset of the blades to match what I is needed at the moment, in order to reduce the package size and not enabled unnecessary blades that I won't be using at the moment:

- Enabled (ticked): URL Filtering, RA VPN, Compliance

- Disabled (unticked): Anti-Malware, all of Data Protection, Capsule Docs, Firewall & App control

I have attached some screenshots to illustrate the above.

For example, aside being more optimal and to reduce the package size, I have especially disabled the Data Protection features in the package because I don't want to use the encryption policies, I have not found a way to disable the default encryption policies in the Harmony Endpoint interface and they apply by default, so to avoid any issues I just disabled them on the package. Is there something I missed here?

In addition, I would like to understand if there are best practices on how to manage blades in case there are changes in the future, I have not seen this part really detailed in the admin guide. For example, if in the future I want to enable Anti-Malware or Firewall & App control, is it enough to just configure it in the Harmony Endpoint Policy and push it to the client to update their settings and enable it? Or it won't work since the blade is disabled on the package that was installed on the devices? Does that mean that to enable new blades I need to reinstall/push a new package with those blades enabled? If that's the case it's not really practical..

I would be glad to hear some feedback if you have been using the Harmony Endpoint solution and if you have best practices regarding the above or in general.

Thank you.

0 Kudos
2 Replies
PhoneBoy
Admin
Admin
‎2023-07-26 06:29 AM

"If in the future I want to enable Anti-Malware or Firewall & App control, is it enough to just configure it in the Harmony Endpoint Policy and push it to the client to update their settings and enable it?" yes, this is exactly how it works.

0 Kudos
dt7
Contributor
‎2023-07-26 07:02 PM
In response to PhoneBoy

Thanks for the confirmation!

So even if the blades were disabled when the client was initially pushed, it can still be controlled and pushed/enabled on the client later when the feature is configured via policy for the client basically? Which makes sense.

Thanks for the clarification.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top