cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
SandBlast Agent

SandBlast Agent is Check Point's Endpoint Protection and Threat Prevention solution.

Ami_Barayev1
inside SandBlast Agent Wednesday
views 92
Employee+

Endpoint Security / SandBlast Agent Newsletter - Version – E82.00 for macOS GA

Hi all, We are happy to announce the release of Endpoint Security Client E82.00 for macOS to general availability. E82.00 introduce new functionalities and quality improvements. The complete list of improvements can be found in the version release’s Secure Knowledge sk158913   Support for macOS Catalina E82.00 support the macOS version 10.15 AKA Catalina   Forensic support SandBlast Agent Forensics enables automated data analysis for detailed insights into threats: Continuously collects run-time events and occurrences in the system for effective forensics analysis. Automatically builds actionable Forensics reports with important attack information. Generate the full attack flow and automated remediation. Ease the security analyst work with ability to fully understand the attack, its impact and remediation actions taken. Integrates monitoring and investigation of security events through SmartEvent and SmartLog   Additional enhancement: New user interface aligned with the look-and-feel of SandBlast Agent for Windows This release includes stability, quality and performance fixes   
Kian_Ong_Tan
Kian_Ong_Tan inside SandBlast Agent Sunday
views 418 4

How to test if anti-bot feature of sandblast agent is working?

Hi everyone!I'm plan to do testing Anti-Bot software blade of sandblast agent from low to high confidence. Our endpoint security client is E82.20 windows client.I know there is Urls for gateway and some url for sandblast agent.Please kindly share me the urls if anyone know.Thanks
lkoh
inside SandBlast Agent 2 weeks ago
views 191 2
Employee

Microsoft SCCM

  A couples of questions in term of implementation. Can we configure Microsoft SCCM for automatic download SBA new Agents from Checkpoint sites. Can we upgrade SBA new agents using Microsoft SCCM. If yes, Please share the steps to do it. Can we configure SBA full package keeping the files in a remote location (Branch Location).
Ami_Barayev1
inside SandBlast Agent 2019-12-16
views 297 1 1
Employee+

Endpoint Security / SandBlast Agent Newsletter - Version – E82.00

Hi all,   We recently released SandBlast Agent E82.00!   E82.00 introduces new features, stability and quality improvements. The complete list of improvements can be found in the version release’s Secure Knowledge sk163233   BitLocker Management from SmartEndpoint BitLocker is a very popular full volume encryption feature included with Microsoft Windows versions. Due to its popularity we have integrated the management of BitLocker into SmartEndpoint to ease its operation to our customers and enable single management experience for endpoint security services. BitLocker management is available for data protection license endpoints with Full Disk Encryption service enabled. Note that single encryption method is supported, either Check’s Point Full Disk Encryption or BitLocker with the ability to switch between the two using Crossgrade Functionality. More information is available at BitLocker Management Administration Guide.   BitLocker management requirements: Endpoint Operating System –  Windows 10 Pro and Enterprise editions E82.00 R80.30 with the BitLocker Management Hotfix sk163297       New Detection Techniques E82.00 introduces new enhancements to the Behavioral Guard to detect and prevent complex Meterpreter/reverse shell and RDP Brute Force attacks. Reverse shell attacks obtain control over a compromised system, an attacker usually aims to gain interactive shell access for arbitrary command execution which is very complex to detect.   The detections is currently deployed is silent mode and will be activated in a later stage.   Important Note: If you’re participating in a POC, security lab evaluation or penetration test of SandBlast Agent, please contact us to activate these detection enhancements as we know pen-testers love such attacks J   VPN's Post Disconnect FeatureThe post disconnect script feature allows users to run scripts on client computers after disconnections from gateways. Please refer to the Revision History of Remote Access for Windows Administration Guide.     Best Ami.B  
PrinceJames12
PrinceJames12 inside SandBlast Agent 2019-12-15
views 203 1 1

Hello Guys

I am New in this platform. Please Can someone take me through threat Prevention extraction on how to Install it? 
Ami_Barayev1
inside SandBlast Agent 2019-12-09
views 333
Employee+

Endpoint Security / SandBlast Agent - Version – E82.00 for macOS Early Availability

Hi, SandBlast Agent E82.00 for macOS is available for Early Availability. E82.00 for macOS introduces new features, stability and quality improvements. The complete list of improvements can be found in the version release’s Secure Knowledge sk158913 Main Features are: SandBlast Agent E82.00 support macOS Catalina (10.15) Support of SandBlast Agent Forensics which enables automated attack analysis. Continuously collects data about user systems for later Forensics use. Automatically builds actionable Forensics reports with important attack information. Integrates monitoring and investigation of security events through SmartEvent and SmartLog New user interface, aligned with the look and feel of the SandBlast Agent for Windows   Supported services (Blades) in this version Remote Access VPN Firewall for desktop security Compliance Native Encryption Management Threat Emulation Anti-Ransomware Please note that the additional services (Blades), will be supported in the General Availability release.
Chinmaya_Naik
Chinmaya_Naik inside SandBlast Agent 2019-11-28
views 303 4 1

Checkpoint Sandblast Agent need to connect when in Roaming

Hi Team,Our requirement is to connect the Endpoint Security Management Server when the machine is outside of the organization. Like the machine should communicate to the Endpoint Management Server using public internet. So the Administrator able to see the live logs from the Management console.Some Few Solution:1. We can deploy Endpoint Security Management Server on Cloud. (Cloud Management for SandBlast Agent)(sk117536).2. We can use Remote Access VPN to able to communicate with the Endpoint Management Server which required additional Checkpoint Security Gateway to establish a tunnel or we also use the third party remote VPN solution if the customer is not using CP security Gateway.The reason that not feasible the above solution for Some customer:-Reason 1: Customer is not ready to deploy on the cloud Because they already have enough resources to deploy Endpoint Security Management Server On-premises.Reason 2: Most of the user are staying outside of the organization and also they don't have much idea that every time connects to the Endpoint Server using VPN. NOTE: Some of the other vendors such as Symantec is using one feature that gives you an option to define the public IP on the Management Server console with any PORT as per our choice. Also, that same PORT needs to define allow on the Internet-facing Firewall with Static NAT configuration so if the customer is outside of the organization able to communicate with Server without the need of any VPN solution. So My query is that, Is there any alternate solution that we able to communicate with the Endpoint Management Server when on outside of the organization. Regards@Chinmaya_Naik      
Gerry_Locke
Gerry_Locke inside SandBlast Agent 2019-11-21
views 291 2

The first time it was funny.....

The first time this happened I just had a bit of a laugh. Subsequent times made me question the effectiveness of Checkpoint.I have just done a fresh install of Windows on a Surface Pro. After the image was applied, I logged onto the device for the first time......and almost immediately I got a Checkpoint popup telling me that 18 files had been harmed by a ransomware attack and been quarantined. I clicked the link to show me that 18 files that had been quarantined.......only to find they all had names along the lines of 'checkpoint curriculum vitae-don'tdelete.pptx' or 'sandblast zero-day-funddon't-delete.txt'.I am not the Checkpoint administrator in my organisation, so my understanding of Checkpoint is fairly limited, but I believe these are honeypot files placed on my C drive by Checkpoint? I don't know if this is an indicator of the quality of Checkpoint - they have created honeypot files so convincing that it managed to fool itself, or an indicator of the lack of quality of Checkpoint - it doesn't know the difference between a real ransomware infection and it's own honeypot files. Either way doesn't really fill me with a lot of confidence.And on the subject of the honeypot files, we have had the odd user - admittedly only 1 or two - who have had gigabytes of these honeypot files placed in their user profiles. This causes major problems for users with roaming profiles!
Jan_Kleinhans
Jan_Kleinhans inside SandBlast Agent 2019-11-11
views 275 2 1

Sandblast Agent for Browsers Licensing

Hello,how to license SBA4B? At the moment we have Security Gateways with TE Cloud subscription.Can we install and use the SBA4B for free or do we need a license per PC?Best regards,Jan
Nbto
Nbto inside SandBlast Agent 2019-11-08
views 273 1

Environment actualization - order of devices update

Hello, Im planning to update my CHP enviroment from R77.30 to R80.xx. But the question is what's the order of update devices. Should I update first MGMT, next FW and then SandBlast ? Or it doesn't matter ? Thanks mates,Nbto
Baasanjargal_Ts
Baasanjargal_Ts inside SandBlast Agent 2019-11-04
views 341 2

How to choose Sandblast Agent Cloud Management server location.

I can't choose which one is better, in portal.checkpoint.com Sandblast Agent Cloud Management has 2 server location. US and Europe, Which city located that servers. I don't know which is better with us.
Baasanjargal_Ts
Baasanjargal_Ts inside SandBlast Agent 2019-10-31
views 296 2

siblSandblast Endpoint stop for temporary

Hello,Is it possible to stop temporary Sandblast Agent Endpoint. /From endpoint or From SmartEndpoint server/
Lincoln_Webber
Lincoln_Webber inside SandBlast Agent 2019-10-30
views 385 2

Sandblast Agent and Symantec Co-existence

Guys,Are there any known compatibility issues with deploying Sandblast Agent to machines with Symantec Endpoint Security?
Ami_Barayev1
inside SandBlast Agent 2019-10-16
views 236
Employee+

SandBlast Agent Catalina macOS - early availability during Nov'

Hi all, Follow up Catalina macOS release, please note that we are working on a new endpoint client to support Catalina macOS. An early availability version is planned to be released during early November. Our motivation is to expedite the availability of the release to even prior to November, we will update once it will be ready.
Baasanjargal_Ts
Baasanjargal_Ts inside SandBlast Agent 2019-10-14
views 322 2

Sandblast agent Endpoint installation error

Is it possible to deploy Sandblast agent Endpoint by Standalone deployement (without Endpoint server;).I have download Standalone client downloaded. And trying to install Master_FULL_x64 exe file. But it gives that error.