Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Chinmaya_Naik
Advisor

Sandblast Agent using TE Appliance (Solution)

Jump to solution

Dear All,

Question regarding Sandblast Agent

Setup:

Endpoint Server

OS: GAIA R77.30 with 143 hotfix and R77.30 Adds on package installed.

Blade Enabled:

1.Sandblast Agent Anti-Ransomware, behavioral guard and Forensics
2.Sandblast Agent Anti-Bot
3.Sandblast Agent Threat extraction and emulation

We use TE appliance for extraction and emulation (Local Emulation).

As per my understanding if I am downloading some file that may be exe, pdf, docs, etc then that file goes to TE appliance for emulation and extraction.

Question: Now suppose if I am transferring any malicious FILE through Pendrive or any external storage device then, can that particular file that I copy to my PC where sandblast agent is already installed, can it send to the TE appliance for extraction and emulation.

NOTE: We are not using Checkpoint Antimalware Balde.

Thank You

Regards
Chinmaya Naik

1 Solution

Accepted Solutions
G_W_Albrecht
Champion
Champion

Yes, see sk116381: SandBlast Agent Threat Emulation Appliance certificates installation

Also SandBlast Agent for Browsers can perform SandBlast Threat Emulation and SandBlast Threat Extraction on:

  • Check Point Threat Cloud
  • Security Gateway or TE Appliance running R77.30 with Jumbo Hotfix. Instructions are available at sk113599.

View solution in original post

2 Replies
G_W_Albrecht
Champion
Champion

Yes, see sk116381: SandBlast Agent Threat Emulation Appliance certificates installation

Also SandBlast Agent for Browsers can perform SandBlast Threat Emulation and SandBlast Threat Extraction on:

  • Check Point Threat Cloud
  • Security Gateway or TE Appliance running R77.30 with Jumbo Hotfix. Instructions are available at sk113599.

View solution in original post

Chinmaya_Naik
Advisor

Thank You Sir Smiley Happy

It's really a good feature I did the lab also and its work.

Thank You Smiley Happy

0 Kudos