This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
K-R_-Trust-Net
Contributor
‎2022-02-08 07:28 PM

How to check if FDE now works on Test PC?

Hi Everyone.

This link was solved by disabling the pre-boot option of the FDE blade.
https://community.checkpoint.com/t5/Endpoint/Cannot-access-the-remote-PC-after-i-tried-to-deploy-FDE...

i was successfully can log to Dan-PC yet the problem is that i cant check if the FDE is pushing to the PC.
i cant see the padlock icon on the system tray (taskbar)
https://sc1.checkpoint.com/documents/R80.40/SmartEndpoint_OLH/EN/Topics-EPSG/FDE-CPEncryptionPolicy-...

i tried to check and update the magnifying glass icon in system tray but it seems that the blades that i disable in the deployment tab of Dan-PC in the smartEndpoint still looks updated and working.. is this a system limitation of the checkpoint demo environment?? if not, how could i make fde works in Dan-PC??

Labels
Preview file
63 KB
Preview file
85 KB
Preview file
160 KB
0 Kudos
10 Replies
PhoneBoy
Admin
Admin
‎2022-02-08 09:02 PM

I believe FDE isn't supported in virtual environments.

0 Kudos
K-R_-Trust-Net
Contributor
‎2022-02-08 09:25 PM
In response to PhoneBoy

How can i test it out if that would be the case?? 

0 Kudos
Chris_Atkinson
Employee
Employee
‎2022-02-09 04:58 AM
In response to K-R_-Trust-Net

Provision a eval instance of Harmony Endpoint @ portal.checkpoont.com and enroll a non-production test PC that you don't mind reimaging etc

K-R_-Trust-Net
Contributor
‎2022-02-09 08:50 PM
In response to Chris_Atkinson

may i know how i can do this suggestion?? do you mean to test it in infinity portal?? 

0 Kudos
Chris_Atkinson
Employee
Employee
‎2022-02-09 11:55 PM
In response to K-R_-Trust-Net

Correct register for the Infinity Portal and commence a trial of Harmony Endpoint.

Alternately if you have the means you could install a cloud or on-prem hosted management if you have a lab?

0 Kudos
K-R_-Trust-Net
Contributor
‎2022-02-10 12:39 AM
In response to Chris_Atkinson

seems like i will need to install a vmware worstation environment that i will use to connect to infinity portal to play with FDE. (i hope this one would work or else the option below would be the most viable one.)

yet, i think its a hard pass, though if i would really want to implement it into the smartEndpoint, it would be painful since i will need to install GAIA on a vmware environment, set it up and download the smartEndpoint and deploy it to another vmware environment.. am i right??

0 Kudos
Chris_Atkinson
Employee
Employee
‎2022-02-10 02:39 AM
In response to K-R_-Trust-Net

No all you need is the Infinity portal - harmony endpoint and test PC.

VMware workstation isn't required here unless you choose not to use the Infinity portal hosted Harmony Endpoint.

0 Kudos
K-R_-Trust-Net
Contributor
‎2022-02-10 03:38 PM
In response to Chris_Atkinson

Hi Chris, Maybe i try to do this suggestion then ill get back to you what results would i get.

0 Kudos
jcortez
Employee
Employee
‎2022-02-17 06:26 AM
In response to MirkaMralo

@K-R_-Trust-Net 

What @PhoneBoy mentioned, FDE not being supported on VM, is very accurate. It is only meant for testing and does not always work. As others have suggested you should always be testing FDE on physical machines to get a true testing scenario.


Justin Cortez
Technology Leader | Endpoint Cyber Security Products | Americas Endpoint Team
0 Kudos
jcortez
Employee
Employee
‎2022-02-17 06:32 AM
In response to jcortez

@K-R_-Trust-Net 

Also when using/enabling FDE the is a FDE Preboot that is enabled for logging into the machine securely. There is no network connectivity when at preboot. The FDE Preboot login is meant for a user to be directly at the machine and not accessing the machine remotely.

If you are trying to access machine remotely that have our FDE solution on them and Preboot is enabled, the user(s) would first need to login through preboot in order for you to remote into the machine/Windows. This is expected behavior and how the product is designed.

If you do not want to use preboot it can be disabled. However, this is not recommended as this would decrease the level of security being offered by FDE.


Justin Cortez
Technology Leader | Endpoint Cyber Security Products | Americas Endpoint Team
0 Kudos