This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Chinmaya_Naik
Advisor
‎2018-11-13 09:58 PM
Jump to solution

Sandblast Agent using TE Appliance (Solution)

Dear All,

Question regarding Sandblast Agent

Setup:

Endpoint Server

OS: GAIA R77.30 with 143 hotfix and R77.30 Adds on package installed.

Blade Enabled:

1.Sandblast Agent Anti-Ransomware, behavioral guard and Forensics
2.Sandblast Agent Anti-Bot
3.Sandblast Agent Threat extraction and emulation

We use TE appliance for extraction and emulation (Local Emulation).

As per my understanding if I am downloading some file that may be exe, pdf, docs, etc then that file goes to TE appliance for emulation and extraction.

Question: Now suppose if I am transferring any malicious FILE through Pendrive or any external storage device then, can that particular file that I copy to my PC where sandblast agent is already installed, can it send to the TE appliance for extraction and emulation.

NOTE: We are not using Checkpoint Antimalware Balde.

Thank You

Regards
Chinmaya Naik

1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2018-11-14 02:24 AM
Jump to solution

Yes, see sk116381: SandBlast Agent Threat Emulation Appliance certificates installation

Also SandBlast Agent for Browsers can perform SandBlast Threat Emulation and SandBlast Threat Extraction on:

  • Check Point Threat Cloud
  • Security Gateway or TE Appliance running R77.30 with Jumbo Hotfix. Instructions are available at sk113599.
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

2 Replies
G_W_Albrecht
Legend Legend
Legend
‎2018-11-14 02:24 AM
Jump to solution

Yes, see sk116381: SandBlast Agent Threat Emulation Appliance certificates installation

Also SandBlast Agent for Browsers can perform SandBlast Threat Emulation and SandBlast Threat Extraction on:

  • Check Point Threat Cloud
  • Security Gateway or TE Appliance running R77.30 with Jumbo Hotfix. Instructions are available at sk113599.
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
Chinmaya_Naik
Advisor
‎2018-11-18 10:31 PM
In response to G_W_Albrecht
Jump to solution

Thank You Sir Smiley Happy

It's really a good feature I did the lab also and its work.

Thank You Smiley Happy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top