This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MildMcHaggis
Explorer
‎2020-10-22 12:45 PM
Jump to solution

How to tell which blades are installed in EPS.msi

Hi,

We are trying to determine whether or not our Desktop MSI files contain the Full Disk Encryption blade or not.  The version we are trying to install is 83.20.3692.

The team that is providing this install to us is giving us two MSIs - one is "WithFDE" (for laptops) and the other is "WithoutFDE" (for Desktops).   However... we are getting reports from our techs that desktop hard drives are being encrypted.

Both MSI files are the exact same size, and when using Orca to view the properties, I can see that the "FeaturesIncluded" property has a value of "DA,ME,FDE" in both MSIs.

Is there another way we can tell if the FDE blade is included in our MSI file?

 

0 Kudos
1 Solution

Accepted Solutions
jcortez
Employee
Employee
‎2020-10-23 06:30 AM
Jump to solution

You were close. The best way to see which software blades are included and will be installed in the EPS.msi package is using Orca. When you open our EPS.msi package in Orca you will see a Table in the left hand pane named 'Property'. Click on the 'Property' table and in the right hand pane look for 'USERINSTALLMODE'. This 'USERINSTALLMODE' will show you the Blade Mask of the EPS.msi package.

For example, I have a EPS.msi package I exported/created from my R80.30 EP MGMT Server with the Anti-Bot, Anti-Ransomware/Forensics and Threat Emulation Blades. So that is our client DA + 3 Software Blades. If I follow the same process above using Orca I can see that my 'USERINSTALLMODE' Blade Mask value is: 200705

With that you can then look at SK69040 and if you add up the Blade Mask value for each of those blades you get: 200705 (DA + Anti-Bot, Forensics & Threat Emulation)

This will definitely tell you with each EPS.msi package you have exported which blades will be installed. Please let me know if you have any other questions.


Justin Cortez
Technology Leader | Endpoint Cyber Security Products | Americas Endpoint Team

View solution in original post

0 Kudos
2 Replies
Chris_Atkinson
Employee Employee
Employee
‎2020-10-22 03:32 PM
Jump to solution

It sounds possibly like the source should double check their Virtual Groups & Deployment rules as seperate from the Endpoint Security Policy. Are they in fact crafting the relevant portions in each based on machine?

Note knowing the version of Endpoint Policy Manager may also be beneficial here.

CCSM R77/R80/ELITE
0 Kudos
jcortez
Employee
Employee
‎2020-10-23 06:30 AM
Jump to solution

You were close. The best way to see which software blades are included and will be installed in the EPS.msi package is using Orca. When you open our EPS.msi package in Orca you will see a Table in the left hand pane named 'Property'. Click on the 'Property' table and in the right hand pane look for 'USERINSTALLMODE'. This 'USERINSTALLMODE' will show you the Blade Mask of the EPS.msi package.

For example, I have a EPS.msi package I exported/created from my R80.30 EP MGMT Server with the Anti-Bot, Anti-Ransomware/Forensics and Threat Emulation Blades. So that is our client DA + 3 Software Blades. If I follow the same process above using Orca I can see that my 'USERINSTALLMODE' Blade Mask value is: 200705

With that you can then look at SK69040 and if you add up the Blade Mask value for each of those blades you get: 200705 (DA + Anti-Bot, Forensics & Threat Emulation)

This will definitely tell you with each EPS.msi package you have exported which blades will be installed. Please let me know if you have any other questions.


Justin Cortez
Technology Leader | Endpoint Cyber Security Products | Americas Endpoint Team
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events