This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
G_W_Albrecht
Legend
Legend
‎2023-05-10 03:11 AM

Low Memory Mode w. Endpoint Security E87.30 Windows Clients

The newest Endpoint Security E87.30 Windows Clients have a new feature:

Behavioral Guard
EPS-50725 NEW: Added Low Memory Mode, which reduces memory consumption. Note that this mode may change the security level because it is based on a smaller amount of signatures.

 

We can enable it here:

Bildschirmfoto 2023-05-10 um 12.16.17.png

We can use this new feature when configuring a package for export:

Min1.png

Now we can enable the Minimize Package size option and select the Anti-Malware Settings signature profile footprint:

Min2.png

I would think that Minimum signatures means only most important signatures, but when selecting none, at least part of Anti-Malware blade gets disabled.

Is there any detailed information available, e.g.:

Which kind of signatures are included ?

Which kind of signatures are not included ?

Is this Behavioral Guard or AV or what ?

@Chris_Atkinson any internal hints 😉

CCSE CCTE CCSM SMB Specialist
4 Replies
G_W_Albrecht
Legend
Legend
‎2023-05-11 07:15 AM

Any idea, @BarYassure ?

CCSE CCTE CCSM SMB Specialist
0 Kudos
MikeB
Advisor
‎2023-05-12 07:55 AM
In response to G_W_Albrecht

Hi @G_W_Albrecht.

If I'm not mistaken, the option to include the anti-malware signatures when configuring a package for export has been available for some time and I would understand that it refers to whether or not the installer package includes the signatures at deployment time. This makes the installer more or less large in size. If configured without signatures, at the end of the installation the agent downloads them, while if configured complete, the agent has much less to update.

I'm not sure if this is related to the new "low memory mode" in Behavioral Guard.

 

0 Kudos
G_W_Albrecht
Legend
Legend
‎2023-05-12 12:19 PM
In response to MikeB

I am also not sure - that is the reason of my post 😎

> Note that this mode may change the security level because it is based on a smaller amount of signatures.

Does not sound like all will be downloaded. The TinyClient Package is used to make the installer less large in size and download the rest in parts.

CCSE CCTE CCSM SMB Specialist
0 Kudos
anstelios
Collaborator
‎2023-05-15 01:48 AM
In response to G_W_Albrecht

"Note that this mode may change the security level because it is based on a smaller amount of signatures."

 

This  warning is about "low memory mode" as shown in Behavioral Protection advanced settings and it's not related to export package options.
"Included Signatures" in "Minimize package" has been available for a long time now and it should reduce the the size of the exported package and not the security effectiveness of the client since all signatures would be downloaded after installation.

A verification of the above from a CP representative would be appreciated.

Also we would like to know what kind of signatures are disabled in low memory mode..

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events