cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Valeri_Loukine
inside SandBlast Agent Friday
views 95
Admin

White Paper - Minimizing SBA Notifications with Check Point GuiDBedit

Author @Krzysztof__Chri Abstract: In some cases, customers needs to minimize notifications to end user as they may get overwhelmed with the notifications. This document will allow you to minimize SBA notifications by modifying the policy using Check Point Database Tool (GuiDBedit).
Shahar_Grober
Shahar_Grober inside SandBlast Agent 2 weeks ago
views 521 6

Sandblast Agent end-user guide

Hi, I am looking for Sandblast Agent user guide which explains for End-users how to work with SandBlast agent (SBA for browsers, TE/TEX on the endpoint) Is there such an animal?
Dan_Roddy
Dan_Roddy inside SandBlast Agent 3 weeks ago
views 753 5 2

Internet Exlplorer is not a browser according to Microsoft

If the intended use of IE is for legacy applications, we really need Sandblast support for Edge.Here is what Microsoft is saying about IE:"Is Internet Explorer (IE) a browser? According to Microsoft, no. Today, it's a 'compatibility solution' for enterprise customers to deal with legacy sites that should be updated for modern browsers.Chris Jackson, Microsoft's worldwide lead for cybersecurity, really doesn't want enterprise customers to use IE for all web traffic, even though for some organizations that would be the easiest option.Companies in that situation are willing to take on 'technical debt', such as paying for extended support for a legacy software, but that habit needs to stop in the case of IE, argues Jackson in a new blog post, 'The perils of using Internet Explorer as your default browser'."credit goes to ZDnet for this piece: https://www.zdnet.com/article/microsoft-security-chief-ie-is-not-a-browser-so-stop-using-it-as-your-default/
ISA_License_Adm
ISA_License_Adm inside SandBlast Agent 2019-04-19
views 480 1

Sandblast Endpoint R80.20 partitioning assistance

Hi, I'm looking for some assistance around partition sizes when deploying the Sandblast agent to around 4000 users. I received feedback on roughly the size of the mgmt. and policy servers but nothing on the partitioning on the mgmt server. I'm fairly new to the Sandblast agent and need some guidance in how to partition the mgmt. and proxy servers.Specs for the mgmt. server would be a VM with 8 cores, 64Gb of ram and a 1TB HDD. Any help would be greatly appreciated. Regards,Ernest
Sanja_Rakic
Sanja_Rakic inside SandBlast Agent 2019-04-12
views 40

SandBlast agent Authentication

Hello everyone,I am facing issues with setting active directory authentication.These issues are consequence of configuration steps that cannot be done on domain controller, so this is not the question. I just want to know what are the consequences if working in authenticated mode is not set? What are exact security risks?Best regards,Sanja
Gad_Naveh
inside SandBlast Agent 2019-03-31
views 143 3
Employee+

LockerGoga from Norsk Hydro Analysis

#Edited# , a recording of the Threat Gazette Live session on the Norsk Hydro Cyber Attack and SandBlast Agent prevention for it is now available. The ongoing Cyber Attack on Norsk Hydro is changing fronts, adding fraud attempts that are trying to leverage the still not fully operational enterprise, still suffering from a cyber attack that started on March 19th . For more details you can join @Marcel_Afrahim and myself for the Threat Gazette Live on April 1st, scroll down for details. The following initial analysis by @Marcel_Afrahim shows LockerGoga is using multi process operation, where each process encrypts a few files. This is done to bypass detection and work in parallel together with having a separate decryption key for every bunch, supposedly to make it harder to break. You can deep dive and analyze the malware yourself using its online SandBlast Agent forensic report. Here is a view to the multi process using SandBlast Agent forensic report: The main process doesn't try to move laterally, suggesting an initial dropper insert it. On execution it enumerates the files and executes a child process to encrypt each bunch. After that he will cut the computer communication. Join Threat Gazette Live on April 1st to hear more, click a link for your preferred webinar time: Click to Register for the 8 a.m. GMT for EMEA and APAC Click to Register for the 11 a.m. EST for Americas Thanks, Gadi
Ami_Barayev1
inside SandBlast Agent 2019-03-25
views 94 1
Employee

Endpoint Security / SandBlast Agent Newsletter - Version – E80.92 & E80.94

We are happy to announce SandBlast Agent E80.94 Additional information can be found in below link: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk147532&partition=General&product=Endpoint
Adnan_Pajalic
Adnan_Pajalic inside SandBlast Agent 2019-03-19
views 157 4

R77.30 sandblast to new virtual machine

Hello,i have a customer that have r77.30 management server with sandblast. It is currently running in vmplayer as a virtual machine.We want it to migrate to ESX as a new virtual management center running r77.30.My question is , how much problems can i encounter if i make a clean install of r77.30 with sandblast if we have around 200 workstations with sandlast agents running.Do i need to reinstall agents with new server or will they automatically be registered if the IP address of management center remains the same ?
Tal_Eisner
inside SandBlast Agent 2019-03-07
views 108 1
Employee+

Check Point SandBlast Agent Earns ‘NSS Labs Recommended’ Rating in 2019 Advanced Endpoint Protection Test

NSS Labs, Inc. released results for their Advanced Endpoint Protection test and recognized Check Point SandBlast Agent as NSS Recommended, our debut appearance in this report. This achievement marks our first NSS Recommended rating this year and our 18th NSS Recommended rating since 2010.The results establish SandBlast Agent as a comprehensive endpoint protection solution and core component of our Check Point Infinity architecture. This latest achievement helps reinforce the Check Point Infinity vision of delivering effective and efficient security to our customers across all vectors – network, mobile, cloud, and the endpoint.AEP Test highlights:100% HTTP block rate100% Email block rate100% Offline threats block rate100% Evasions block rate0% False positives@@Get the Report
Tim_McColgan
Tim_McColgan inside SandBlast Agent 2019-03-07
views 265 4 4

Sandblast for browsers and continual running processes

Has anyone seen with sandblast for browser agents continuing to run the iexplore.exe process even when Internet explorer windows/tabs are closed?
CHINMAYA_NAIK
CHINMAYA_NAIK inside SandBlast Agent 2019-03-01
views 455 3 1

Internet Explorer is Slow working (Sandblast Agent)

Dear All,OS: R77.30Package: E80.84 Local Emulation.We face an issue with the SandBlast agent that IE (Internet Explorer) is working slow.We face the issue on most of the machine.Below is my concern.1. Because of the proxy as we face the challenge on Sandblast agent in IE?2. Because of the third party antivirus is causing the issue?3. Because of the third party antimalware cause the issue.4. Because of the E80.84 package have challenges. Please help to resolve the issue #Chinmaya NaikNetwork Security Engineer, QOS Technology Pvt Ltd, INDIA
Serhii_Yaholnyt
Serhii_Yaholnyt inside SandBlast Agent 2019-03-01
views 890 10 2

Password Reuse testing

I need to test #password_reuse function on SandBlast Agent for browser, but I can not find enough information about it. My client computer is in AD domain, I've entered into my internal RDWeb Access page with AD credentials few times to make my Agent store my password, but I still can use it anywhere in internet without alerting or logging. What makes SBA for browser record my internal password and in what situation it would alert/log? (Policy is configured correctly and SandBlast Agent for browser is installed automaticaly after installing SandBlast Agent dwonloaded from SmartEndpoint Server -> Packages For Export.)
Arun_R
Arun_R inside SandBlast Agent 2019-02-27
views 105 1

how to export endpoint agents with latest Anti-malware version

Hi all,I have recently deployed Endpoint Server with R80.20 and take_33 (Note: Check_Point_EP_AM_updater_T16_sk127074_FULL.tgz).Recently I noticed when I am exporting the EPS package from endpoint server it comes with old Anti-malware version even though my endpoint server has the latest one.Is there is any way that I can export the Agent with latest anti-malware version.?- Arun.R
Jose_Ferreira
Jose_Ferreira inside SandBlast Agent 2019-02-25
views 158 3 3

Disable Threat Protection in Mac OS

We have Endpoint Security (80.89.0076) in Mac computers, and users can disable the Threat Protection by selecting "QUIT" in the agent menu.Is there anyway to prevent it?Can I set a password to protect agent?tks