This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Herson_A
Participant
‎2019-09-12 12:43 AM
Jump to solution

SmartEndpoint changing the number of total endpoints

Each day I open the SmartEndpoint I found different totals of endpoint installed, sometimes it goes up and sometimes goes down.

What could be the reason for that, as I need to send a report to my CISO every week.

How does heartbeat work to check if a machine is alive? 

0 Kudos
1 Solution

Accepted Solutions
G_W_Albrecht
Legend Legend
Legend
‎2019-09-12 03:24 AM
In response to Herson_A
Jump to solution

So i would use the Activity Reports group that includes these endpoint and Endpoint Policy Server status reports: 

Endpoint Connectivity - Shows the last time each endpoint computer connected to the network. 

Endpoints with Not Running Blades - Shows the status of components for users and endpoint computers. You can use this report to see which components are running or not running. 

Protected by Endpoint Security - Shows if endpoint computers are protected by Endpoint Security. 

You can sort by status: 

Unprotected Computers - Computers that do not have the Endpoint Agent installed. 

Unassociated Users - Users who were identified in the Directory scan but did not log on to a computer with Endpoint Security. 

Endpoint Installed - Computers that have the Endpoint Agent installed. 

Endpoint Policy Server Status - Shows Endpoint Policy Server status (Active or Not Active) 

Endpoint Connectivity by External Policy Server - Shows which Endpoint Policy Server each endpoint communicates with. 

See Endpoint Security Administration Guide R80.30 p.34f for details.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

View solution in original post

5 Replies
G_W_Albrecht
Legend Legend
Legend
‎2019-09-12 02:26 AM
Jump to solution

Why did you ask this question in Developers > API / CLI Discussion and Samples ? I would rather use Endpoint Security Products instead !

Different totals of Endpoints installed is strange - connected / disconnected is the usual numbers game...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Herson_A
Participant
‎2019-09-12 02:31 AM
In response to G_W_Albrecht
Jump to solution

Thanks for the reply G_W_Albrecht, I didn't notice.

 

I will pay attention next time.

 

0 Kudos
Herson_A
Participant
‎2019-09-12 03:17 AM
In response to G_W_Albrecht
Jump to solution

Well all of them were connected and suddenly the number of machine has changed in a time period of a week.

I had 2204 machine installed with SandBlast Endpoint and now more than 100 machines are missing.

 

Is there a funtionality were checkpoint detach a machine from smartendpoint if that machine does not respond to heartbeat like in symantec? I remember symatec had 90 days rule to detach a machine.  

0 Kudos
G_W_Albrecht
Legend Legend
Legend
‎2019-09-12 03:24 AM
In response to Herson_A
Jump to solution

So i would use the Activity Reports group that includes these endpoint and Endpoint Policy Server status reports: 

Endpoint Connectivity - Shows the last time each endpoint computer connected to the network. 

Endpoints with Not Running Blades - Shows the status of components for users and endpoint computers. You can use this report to see which components are running or not running. 

Protected by Endpoint Security - Shows if endpoint computers are protected by Endpoint Security. 

You can sort by status: 

Unprotected Computers - Computers that do not have the Endpoint Agent installed. 

Unassociated Users - Users who were identified in the Directory scan but did not log on to a computer with Endpoint Security. 

Endpoint Installed - Computers that have the Endpoint Agent installed. 

Endpoint Policy Server Status - Shows Endpoint Policy Server status (Active or Not Active) 

Endpoint Connectivity by External Policy Server - Shows which Endpoint Policy Server each endpoint communicates with. 

See Endpoint Security Administration Guide R80.30 p.34f for details.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
PhoneBoy
Admin
Admin
‎2019-09-12 09:14 AM
In response to Herson_A
Jump to solution

We do remove systems we haven't seen in 30+ days.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events