cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Detect Client's App or Service Request To Malicious Website

Dear All,

I have one concern from my client as they tracked on SmartTracker and SmartEvent and see some traffics from client to malicious URL in the network. And we want to know which application or which service are performing this action? So any idea or recommend on Checkpoint firewall or endpoint protection that we can see kind of this log? As on SmartEvent or SmartTracker we saw only source and malicious URL.

Thanks!

0 Kudos
3 Replies
Admin
Admin

Re: Detect Client's App or Service Request To Malicious Website

Are you running SandBlast Agent on the Endpoint?

If so it would be possible to run a forensics report to see what on the Endpoint reached out.

0 Kudos

Re: Detect Client's App or Service Request To Malicious Website

Hello Dameon,

Thanks for your reply. Actually, we don't have SandBlast Agent on endpoint. I just looking for any way that we can show on Checkpoint firewall based on our current environment of Threat Prevention or on SmartEvent.

0 Kudos
Admin
Admin

Re: Detect Client's App or Service Request To Malicious Website

Unless you had an agent on the endpoint tracking what process issued what request, how would the gateway or the management know?

Also, how would an on-premise gateway protect an endpoint when it is outside your corporate perimeter?

This is why we offer SandBlast Agent (among other solutions) and they are meant to work together.

0 Kudos