- Re: NDR Smart Intel User Guide
Infinity NDR Intel User Guide
The attached document provides detailed instructions on the use of the Check Point Infinity NDR Intel facility for threat indicator (IOC) management.
Among other fun activities, you'll learn how to:
- Use Smart Intel to manage IOCs at scale
- Deliver IOCs not only to Check Point Gateways but 3rd party firewalls as well!
- Configure automated input feeds
- Manage Snort rules using a user-friendly User Interface, including automated error checking!
- Control indicator output of the NDR Behavioral Analytics AI engines
- Integrate the NDR platform with CMDB systems
Labels: intelligence
3 Replies
Updated November 18th, 2021 with the following information:
- Clarifications for delta feed vs. full feed behavior in relation to indicator expiration
- Added example for feed integration with Fortigate
Updated December 15th, 2021 with the following information:
- Document aligned with new Check Point Infinity NDR branding
- Added reference to IPv6 indicator support
- New "GENERATE USER-FRIENDLY URLs" feature allows customers to share feeds with other customers
- Policies consolidated into input feed definition
Updated May 6th, 2022 with the following information:
- Added Multi-type CSV/list input feed type - for PAN XSOAR support
- Added IOC Harvester input feed type - IOC extraction from Check Point Anti-Virus/Anti-Bot/Threat Emulation logs
- Added "Minimum confidence" selector for input feed policy PREVENT mode
