This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Chris_Butler
Collaborator
‎2017-11-08 02:45 PM

What does the SNX limitation in E80.70 mean?

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

There is a known limitation in the Sandblast client heading that DOES NOT HAVE A LIMITATION ID TO SEARCH ON

SandBlast Agent
02524725Zero-Phishing logs have the action Detect instead of Prevent.
02522863There is a long delay in emulation for files downloaded with Mozilla Firefox.
02526247When a file is extracted on a Threat Emulation appliance that uses the Internet Explorer SandBlast Browser Extension, the file does not download to the user's computer.
02522887There is no Emulation Report for files downloaded with Internet Explorer or Mozilla Firefox.
02515394When using a Threat Emulation appliance, there are no screenshots in Emulation Reports.
02529246.EXE Files with certificate excluded from remediation are still quarantined.
 

SNX is not compatible for SandBlast Agent Anti Bot or Forensics blades

What does this mean? We use SNX  with the Mobile Access SSL client, authenticated with SecurID and RSA.

It works fine now, but I am about to deploy CP Endpoint Security full with Sandblast, replacing our Symantec Endpoint Protection suite.

Where is the incompatibility? On the machine running SNX?

The computers on which SNX will be running are employee's personal home computers and they are running their own Antivirus packages, not CheckPoint.

However we do test authentication and connection here for users we add or recreate in Mobile Access and RSA using the sole company laptop, which WILL be running CheckPoint Endpoint Security including Anti Bot and Forensics.

Check Point R&D API Teamhttps://community.checkpoint.com/community/threat-prevention/sandblast-agent-endpoint

4 Replies
PhoneBoy
Admin
Admin
‎2017-11-09 05:26 PM

The way I read this is that SNX is not compatible with systems have SandBlast Agent, Anti-Bot, or Forensics installed on them.

Which makes sense, if you think about it, as you use SNX on systems that are not under corporate control typically and SBA et. al. on systems that are.

Chris_Butler
Collaborator
‎2018-11-08 07:32 AM
In response to PhoneBoy

Do you know if this is still a limitation? Or likely a permanent limitation?

I am not sure how I would easily look this up myself, as "known limitations" for any release is not a cumulative list, so going to the latest endpoint client and looking there does not tell me anything. It seems I would have to go through each and every release from 80.71 on and look at the What's New section of each to find out if a known limitation is still an issue.

0 Kudos
PhoneBoy
Admin
Admin
‎2018-11-08 07:49 AM
In response to Chris_Butler

If you require SNX to be supported with SBA, you should communicate this through your local office.

Documented Known Limitations are typically brought forward with each release either as:

  • Something previously known
  • Something that is fixed in a given version 

However, at least for Endpoint, there doesn't appear to be a single list that contains all of the issues.

Something we have done for R80.20(.M1): R80.20 GA and R80.20 Management Feature Release Known Limitations 

Ronen Zel‌ think we can get a consolidated "Known Limitations" SK for Endpoint releases similar to the R80.20 Known Limitations SK?

0 Kudos
Ronen_Zel
Mod
Mod
‎2018-11-10 10:58 PM
In response to PhoneBoy

Almost every new release is usually released with what we call "Release Kit SKs": A home page sk, a known limitations, and a resolved issues one. Endpoint Security Server is part of the main-train releases for quite some time now, and therefore its limitations will appear in the main-train's known limitations sk. For example, R80.20 GA and R80.20 Management Feature Release Known Limitations.

Endpoint Security Client has its own set of release kit SKs, which is not part of the main-train release. Since client releases are usually relatively small, in most cases their home pages already include the known limitations and resolved issues lists. For example see the latest Enterprise Endpoint Security E80.88 Windows Clients released a few days ago.  

I believe the last time we had a client release with a dedicated known limitations sk was with E80.71.

I will forward the feedback above to the relevant Project Managers and see if they agree to aggregate all limitations in one place (as well as commit to update it with each new release...).

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events