This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have one, create one now for free!
pfilipe
Participant
‎2021-10-20 04:33 AM

Firewall with SCV WindowsSecurityMonitor

Jump to solution

Hello Everyone,

 

So i Need a litle help, i am setting up a SCV for Endpoint when they connect to VPN.

One of the things i need is for the SCV check for WindowsSecurityMonitor : VirusProtection, WindowsUpgrade, SpywareProtection and NetworkFirewall.

 

The things is when i connect with the Firewall disabled it continues to say that i am compliant with the Site. On the other end VirusProtection Works Fine.

 

This is the Configuration i am using.

: (WindowsSecurityMonitor
:type (plugin)
:parameters (
:VirusProtectionRequired (true)
:VirusProtectionRequiredMismatchMessage ("Please verify that your virus protection is up to date and virus scanning is on.")
:VirusProtectionInstalledPrograms ("any")
:VirusProtectionInstalledProgramsMismatchMessage ("There is no anti-virus program installed on the machine.")
:WindowsUpdateRequired (true)
:WindowsUpdateRequiredMismatchMessage ("Please make sure that windows automatic updates is turned on")
:SpywareProtectionRequired (true)
:SpywareProtectionRequiredMismatchMessage ("Please verify that your spyware protection is turned on.")
:SpywareProtectionInstalledPrograms ("any")
:SpywareProtectionInstalledProgramsMismatchMessage ("There is no anti-spyware program installed on the machine.")
:NetworkFirewallRequired (true)
:NetworkFirewallRequiredMismatchMessage ("Please verify the your network firewall is turned on.")
:NetworkFirewallInstalledPrograms ("any")
:NetworkFirewallInstalledProgramsMismatchMessage ("There is no network firewall program installed on the machine.").

 

Captura de ecrã 2021-10-20 122838.png

Sem Título.png

Does anyone have any clue why this is happening? Is there any proccess i should monitor?

 

Best Regards,

Pedro Filipe

 

0 Kudos
1 Solution

Accepted Solutions
_Val_
Admin
Admin
‎2021-10-20 11:50 PM
In response to pfilipe

Jump to solution

I believe you need to install Remote Access VPN client and not Endpoint Client. Look into sk175451 under "StandAlone Clients"

View solution in original post

6 Replies
_Val_
Admin
Admin
‎2021-10-20 05:38 AM

Jump to solution

Make sure you do not use endpoint policy and FW blade on the Endpoint client itself. 

0 Kudos
pfilipe
Participant
‎2021-10-20 06:48 AM
In response to _Val_

Jump to solution

Hello @_Val_ ,

 

Yes i have the FW blade on the Enpoint enable on the client. Once i turn i disable it i get the error for the Windows Firewall.

Is there anyway i have the FW Blade enabled but still checks for the windows Firewall?

 

Thanks

0 Kudos
_Val_
Admin
Admin
‎2021-10-20 07:40 AM
In response to pfilipe

Jump to solution

I do not think so. Once Endpoint client has a policy, it counts for a FW. Also, having two separate FWs on a client is not a good idea.

0 Kudos
pfilipe
Participant
‎2021-10-20 09:22 AM
In response to _Val_

Jump to solution

And how can i disable completely the FW Blade, since i only find a way that the users disable it. I would like to disable it globally and not giving the chance do enable/disable.

 

Thanks

0 Kudos
_Val_
Admin
Admin
‎2021-10-20 11:50 PM
In response to pfilipe

Jump to solution

I believe you need to install Remote Access VPN client and not Endpoint Client. Look into sk175451 under "StandAlone Clients"

pfilipe
Participant
‎2021-10-21 03:19 AM
In response to _Val_

Jump to solution

Yeah thats it, you need as well to make true the SCVGlobalParams ( :skip_firewall_enforcement_check (true))

Thank you!

 

If anyone needs the SCV i will leave it here.

local.zip
0 Kudos