cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question
Filip_Wennerhul
Filip_Wennerhul inside SandBlast Network Thursday
views 119 3

sandblast emulation optimzation

Hi,Is there a way to optimize Sandblast emulation for a single file when not in queue on a remote appliance? Like only emulate files once even if its not in queue or run both emulations paralell.Right now we have a Checkpoint GW and TE appliance. ...
Filip_Wennerhul
Filip_Wennerhul inside SandBlast Network Thursday
views 76 2

Filling var/log space due /opt/CPsuite-R80/fw1/tmp/dlp

Hi, anyone had an issue with not /var/log/opt/CPsuite-R80/fw1/CTX/CTX00001/tmp/dlp not being cleaned. The customer are running MTA and Sandblast remote emulation and this is filling up on the gateway. No sandblast agent. There is this sk11763...
CHINMAYA_NAIK
CHINMAYA_NAIK inside SandBlast Network 2 weeks ago
views 239 7 1

Block Malicious Unknown File type attachment (MTA) (TE) (R80.20)

SetupMGMT Server : Open ServerSecurity Gateway : 15600TE ApplianceMTA : EnabledRequirement : Our requirement is that Threat Emulation or Antivirus should drop the mail if any other or unknown extension is attach in the mail. (Currently Checkp...
CHINMAYA_NAIK
CHINMAYA_NAIK inside SandBlast Network 2 weeks ago
views 77 4

MTA malicious sites inside the | Mail Body | Mail Subject | Attachment [TE100x]

OS : R80.20 both Gateway and Management Server and also TE.TE Engine Version : 58.990000298 HotFix : R80.20 Jumbo Hotfix Take_33MTA : R80_20_mta Take 27BLADE: Threat Emulation | Threat Extraction | Antivirus | AntiBot  | IPS We...
Carlos_Machado1
Carlos_Machado1 inside SandBlast Network 2 weeks ago
views 69 6

Sandblast and Intel Virtualization Technology (VT)

Hello, community. I'm currently trying to deploy a few pods for a Sandblast Network workshop at my company, but I'm getting the following error about Intel Virtualization Technology not being supported.I read in the associated SK that local e...
amith_rao
amith_rao inside SandBlast Network 2 weeks ago
views 59 3

Remove Hyperlink from the Body of the mail

Hi, As we know that one of the Threat Extraction features offer removal of Hyperlink from the attachment of the mail. Similarly is it possible to remove the hyperlink from the body of the mail. If threat Extraction cannot do this ca...
Alessandro_Marr
Alessandro_Marr inside SandBlast Network 2 weeks ago
views 103 6 1

ICAP client on R80.20 and 3rd DLP Server Symantec

Hello  all, anyone could share a configuration example about using R80.20 as a client ICAP for a Web Prevent Symantec DLP Server?when I Trying the gateway doesn´t understand a message to block came from DLP server.Thanks. Regards. 
Shahar_Grober
Shahar_Grober inside SandBlast Network 3 weeks ago
views 591 23 8

SandBlast and links inside email

I have an ongoing case with TAC about emulation of links inside emails R80.10 with MTA take 25 Issue: TE doesn't block Links with PDF inside emails Scenario: I took a malicious PDF from the  Threat Emulation...
Miguel_Barrios
Miguel_Barrios inside SandBlast Network 3 weeks ago
views 62 1

Sandblast Appliance Sizing Guide

Is there any guide, SK or tool for properly do a sizing for the Check Point SandBlast TE Appliances in new customers (without TE Sizing Mode - sk93598)??? The datasheet previously showed "recommended users" per appliance and now only shows "perfor...
Michael_Goessma
Michael_Goessma inside SandBlast Network 4 weeks ago
views 327 10

R80.20 on TE100X - Recommended?

Hi,I have been asked to upgrade a TE100X system from R77.30 to R80.20.Our customer heard "rumors" that it will run a lot better with R80.20.I am careful with such things.Does anybody have a TE100X running with R80.20? Is it recommended by Checkpoi...
Wing_Chow
Wing_Chow inside SandBlast Network 4 weeks ago
views 35 1

F5 BIG-IP and Sandblast R80.20 ICAP Integration

Hi all,I need a help to know all about integration settings between F5 and Check Point, it always show in cli mode this messages "REQMOD reqmod 404", how can i configure in ICAP Server (Check Point) and ICAP Client (F5). Regards,
Shahar_Grober
Shahar_Grober inside SandBlast Network 4 weeks ago
views 87 4

MTA AV Exceptions

Hi, AV in MTA is blocking one of our emails coming from a trusted source This is a False positive. The only option I see to exclude the sender Mail Adress is in IPS profile --> Threat Emulation --> Excluded Mail Adresses. Is there a way to e...
Longson_Ho1
Longson_Ho1 inside SandBlast Network 4 weeks ago
views 46 2

Change the size of MTA log (/var/log/maillog) and export it as syslog

Hi all,My end user is using TE250X (Gaia R77.30) with MTA enabled to receive email traffic and doing threat emulation for mail attachment.It is found that the default size (5 MB) of /var/log/maillog  is not sufficient for high email volumes a...
Ploni_Almoni
Ploni_Almoni inside SandBlast Network a month ago
views 5701 12 5

Uploading file works on cloud but not local gateway

I'm using sandBlast api, when I upload to the cloud all is fine, but when I try to upload to local gateway I receive code:1008,label:BAD_REQUEST, message: Invalid Multipart/form requestWhy?I'm not sending cookie to local gateway, I'm using CS...