Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Admin
Admin

Preventing Malicious Web Downloads at the Speed of Business TechTalk: Video, Slides, and Q&A

On 18th March 2020, @Jonathango , @einats , and @ranl gave a TechTalk about how you can prevent malicious web downloads using SandBlast.

Content available to CheckMates members:

Q&A from the session follows

How is Sandboxing Licensed? 

In our product, we refer to Sandboxing technology as Threat Emulation. It is part of the NGTX licensing bundle sold with or as an add-on to existing appliances.

Where does the emulation take place?

Emulation can either take place in the cloud or on specific on-premise appliances that must be purchased separately. You can explicitly configure where files are sent?

What Data is Sent to the Cloud during Emulation?

See our Cloud Services Security Statement.

Can you easily generate/run reports to indicate total file downloads, files scanned, sanitized & possibly identified as malicious, etc?

Yes, as part of SmartEvent.

Is this a replacement for standard Anti-Virus on the Client?

No, it is one of many technologies we provide as part of our Check Point Infinity approach, which provides multiple types of protection at multiple points in the environment.

In this session, we specifically covered what we can do on the gateway. We have a similar product that can be deployed on the client called SandBlast Agent which would be a replacement for a traditional AV client.

0 Kudos
1 Reply
Highlighted
Admin
Admin

Additional resources for the matter:

  1. Enabling the feature - R80.30 Admin Guide – Enabling Threat Extraction
  2. Customizing the Threat Extraction Banner added to files - SK142852 - Configuring the Threat Extraction Watermark feature
  3. End-user Education Video
  4. Administrator Access to Original Files - sk114629 - How to send original email after Threat Extraction scrubbed the email
  5. White Paper Explaining the Value as Presented – Available in this link
0 Kudos