This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
K-R_-Trust-Net
Contributor
‎2022-02-08 07:28 PM

How to check if FDE now works on Test PC?

Hi Everyone.

This link was solved by disabling the pre-boot option of the FDE blade.
https://community.checkpoint.com/t5/Endpoint/Cannot-access-the-remote-PC-after-i-tried-to-deploy-FDE...

i was successfully can log to Dan-PC yet the problem is that i cant check if the FDE is pushing to the PC.
i cant see the padlock icon on the system tray (taskbar)
https://sc1.checkpoint.com/documents/R80.40/SmartEndpoint_OLH/EN/Topics-EPSG/FDE-CPEncryptionPolicy-...

i tried to check and update the magnifying glass icon in system tray but it seems that the blades that i disable in the deployment tab of Dan-PC in the smartEndpoint still looks updated and working.. is this a system limitation of the checkpoint demo environment?? if not, how could i make fde works in Dan-PC??

Labels
Preview file
63 KB
Preview file
85 KB
Preview file
160 KB
0 Kudos
10 Replies
PhoneBoy
Admin
Admin
‎2022-02-08 09:02 PM

I believe FDE isn't supported in virtual environments.

0 Kudos
K-R_-Trust-Net
Contributor
‎2022-02-08 09:25 PM
In response to PhoneBoy

How can i test it out if that would be the case?? 

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-02-09 04:58 AM
In response to K-R_-Trust-Net

Provision a eval instance of Harmony Endpoint @ portal.checkpoont.com and enroll a non-production test PC that you don't mind reimaging etc

CCSM R77/R80/ELITE
K-R_-Trust-Net
Contributor
‎2022-02-09 08:50 PM
In response to Chris_Atkinson

may i know how i can do this suggestion?? do you mean to test it in infinity portal?? 

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-02-09 11:55 PM
In response to K-R_-Trust-Net

Correct register for the Infinity Portal and commence a trial of Harmony Endpoint.

Alternately if you have the means you could install a cloud or on-prem hosted management if you have a lab?

CCSM R77/R80/ELITE
0 Kudos
K-R_-Trust-Net
Contributor
‎2022-02-10 12:39 AM
In response to Chris_Atkinson

seems like i will need to install a vmware worstation environment that i will use to connect to infinity portal to play with FDE. (i hope this one would work or else the option below would be the most viable one.)

yet, i think its a hard pass, though if i would really want to implement it into the smartEndpoint, it would be painful since i will need to install GAIA on a vmware environment, set it up and download the smartEndpoint and deploy it to another vmware environment.. am i right??

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2022-02-10 02:39 AM
In response to K-R_-Trust-Net

No all you need is the Infinity portal - harmony endpoint and test PC.

VMware workstation isn't required here unless you choose not to use the Infinity portal hosted Harmony Endpoint.

CCSM R77/R80/ELITE
0 Kudos
K-R_-Trust-Net
Contributor
‎2022-02-10 03:38 PM
In response to Chris_Atkinson

Hi Chris, Maybe i try to do this suggestion then ill get back to you what results would i get.

0 Kudos
jcortez
Employee
Employee
‎2022-02-17 06:26 AM
In response to MirkaMralo

@K-R_-Trust-Net 

What @PhoneBoy mentioned, FDE not being supported on VM, is very accurate. It is only meant for testing and does not always work. As others have suggested you should always be testing FDE on physical machines to get a true testing scenario.


Justin Cortez
Technology Leader | Endpoint Cyber Security Products | Americas Endpoint Team
0 Kudos
jcortez
Employee
Employee
‎2022-02-17 06:32 AM
In response to jcortez

@K-R_-Trust-Net 

Also when using/enabling FDE the is a FDE Preboot that is enabled for logging into the machine securely. There is no network connectivity when at preboot. The FDE Preboot login is meant for a user to be directly at the machine and not accessing the machine remotely.

If you are trying to access machine remotely that have our FDE solution on them and Preboot is enabled, the user(s) would first need to login through preboot in order for you to remote into the machine/Windows. This is expected behavior and how the product is designed.

If you do not want to use preboot it can be disabled. However, this is not recommended as this would decrease the level of security being offered by FDE.


Justin Cortez
Technology Leader | Endpoint Cyber Security Products | Americas Endpoint Team
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events