This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
mistercinux
Contributor
‎2026-01-02 08:00 AM
Jump to solution

Harmony endpoint - How to scan an offline device without installing the endpoint agent

Hello guys, 

We receieved new computers managed by the machine manufacturer.

Those machines are isolated in separeted networks, but we can’t install the endpoint agent on them.

However, we  would like to scan those machines for malicious files before connecting them to the network. 

Can I do that with my harmony endpoint ?

 

Best ragerds,

Chris

0 Kudos
2 Solutions

Accepted Solutions
the_rock
MVP Diamond
MVP Diamond
‎2026-01-02 08:11 AM
Jump to solution

Im fairly positive Chris that can NOT be done without harmony endpoint agent installed.

 

Best,
Andy
"Have a great day and if its not, change it"

View solution in original post

0 Kudos
lluner
Advisor
‎2026-01-02 11:15 AM
Jump to solution

@mistercinux 

The only option is to use Microsoft Defender offline.

-----------AI ------------------

How to Run a Microsoft Defender Offline Scan

  1. Open Windows Security (search for it in the Start menu or go to Settings > Privacy & security > Windows Security > Open Windows Security).
  2. Select Virus & threat protection.
  3. Under Current threats, click Scan options.
  4. Choose Microsoft Defender Offline scan.
  5. Click Scan now.
  6. Confirm the prompt: Save any open work, as your PC will restart soon.

View solution in original post

(2)
10 Replies
the_rock
MVP Diamond
MVP Diamond
‎2026-01-02 08:11 AM
Jump to solution

Im fairly positive Chris that can NOT be done without harmony endpoint agent installed.

 

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
mistercinux
Contributor
‎2026-01-02 08:23 AM
In response to the_rock
Jump to solution

Hi Andy 

Thank you for your answer. 

Are there some good recommendation / best practices we can apply in this scenario ? 

 

Best regards,

Chris

0 Kudos
the_rock
MVP Diamond
MVP Diamond
‎2026-01-02 08:25 AM
In response to mistercinux
Jump to solution

Never really tried this myself, but here is what I found online..

*************************************

Bootable malware scanning media (Best option)

Use a bootable AV scanner that runs outside the OS:

  • Microsoft Defender Offline

  • ESET SysRescue

  • Kaspersky Rescue Disk

  • Sophos Bootable Anti-Virus

Why this works well

  • No agent installation required

  • Scans disks before the OS loads

  • Ideal for air‑gapped or isolated networks

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
lluner
Advisor
‎2026-01-02 11:15 AM
Jump to solution

@mistercinux 

The only option is to use Microsoft Defender offline.

-----------AI ------------------

How to Run a Microsoft Defender Offline Scan

  1. Open Windows Security (search for it in the Start menu or go to Settings > Privacy & security > Windows Security > Open Windows Security).
  2. Select Virus & threat protection.
  3. Under Current threats, click Scan options.
  4. Choose Microsoft Defender Offline scan.
  5. Click Scan now.
  6. Confirm the prompt: Save any open work, as your PC will restart soon.
(2)
the_rock
MVP Diamond
MVP Diamond
‎2026-01-02 11:18 AM
In response to lluner
Jump to solution

Definitely seems like a logical approach!

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
mistercinux
Contributor
‎2026-01-07 02:02 AM
In response to lluner
Jump to solution

Hello lluner, 

 

This seem to be the good way for us. 

Thank you very much for your help! 

 

Best regards,

0 Kudos
lluner
Advisor
‎2026-01-02 11:28 AM
Jump to solution

@mistercinux 

At this link you can download offline Windows Defender signatures.

 

https://www.microsoft.com/en-us/wdsi/defenderupdates

the_rock
MVP Diamond
MVP Diamond
‎2026-01-02 11:34 AM
In response to lluner
Jump to solution

Excellent stuff @lluner 

Best,
Andy
"Have a great day and if its not, change it"
0 Kudos
lluner
Advisor
‎2026-01-02 11:40 AM
Jump to solution

You can create a package with the firewall blades and use it to allow access only to your Super Node. If you need help, I can provide more information.

1- Offline package

2- Updates via Supernode

0 Kudos
lluner
Advisor
‎2026-01-02 11:58 AM
In response to lluner
Jump to solution

@mistercinux 

an example with images

firewall3.pngfirewall2.png

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events