cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
SandBlast Network

This space is where you can discuss SandBlast Advanced Network Threat Prevention for Security Gateways.

jh00nbr
jh00nbr inside SandBlast Network a week ago
views 167

Checkpoint SMB locally managed 1490 - VPN SITE-TO-SITE - Two ISPs Links HA

      Hey Guys I'm closing a S2S VPN with a Sonicwall, and I'm having some problems with the SMB 1490 Locally managed when closing the tunnel with two ISPs Links enabled, it just doesn't close. When I disable the second link (DMZ) the VPN closes the tunnel normally, when it is connected it does not work.I have already set up a static route forcing it to exit through the VPN peer remote gateway, even so it didn't work. What can be happening?  
Rui_Gomes2
Rui_Gomes2 inside SandBlast Network 2 weeks ago
views 211 1

R80.40 TE1000X Image Problem

Hi,Upgraded from R80.30 to R80.40.After the upgrade I get the following message in Device & License Information regarding Threat EmulationError: Threat Emulation update failed, cannot download Hps Ready Image. Got empty list of available files from download center, and we expected to get files in this type of update. Any one with the same issue? Regards   
HUNT_LEE
HUNT_LEE inside SandBlast Network 2 weeks ago
views 216 2

Sandblast

Hi all,I understand that Sandblast is a technology to protect internal corporate users from file attachments, and it seems that it needs a dedicated device for it e.g. TE 2000X.However, if I have an external facing web-server, and there will be public users from the Internet "uploading" files to this new web server.Should I use Sandblast to protect the web server? Or is there another technology i should use to scan / filter malicious attachment being uploaded by users from the Internet to my Web-server?Cheers,Hunt
GGiorgakis
GGiorgakis inside SandBlast Network 3 weeks ago
views 398 6 1

Can you manually block url through ANTI-BOT?

Can you manually block url through ANTI-BOT?
RoD
RoD inside SandBlast Network 2020-01-18
views 243 2

Privacy and TE100X

Hi,We have plan to buy TE100x for our firm.My primary concerns is about privacy,if I understand well all SandBlast Threat Emulation is done on site (TE100X) not in the cloud ?About TE100X and Threat Emulation, Treat Extraction and Threat Prevention,all this services is running on volatile memory 16GB, or on non-volatile memory (Hard Disk) ?Also about HTTPS inspection, we received about 80% email and files from GoDaddy server (secureserver.net- SSL or TSL) other 20% email and files we received from Gmail,Yahoo email and Outlook.com email server.My question is these any troubleshooting about receiving email from these server and HTTPS inspection on TE100x ?Thanks
RAGHU_K
RAGHU_K inside SandBlast Network 2020-01-08
views 459 5 4

MTA on Cluster HA Setup

Hi!,I have 2 queries regarding the MTA configured on a Cluster running in HA mode:1) What will happen to the Mails queued for processing in one member if there is a fail-over to the other member in the cluster? Is this queue will also be synced between the cluster members? If not then how to make sure the mails been delivered to the end-user? 2) How to address the scenario, when we face a hardware issue on the Active member in the cluster which is processing the mails? how to take out the mails which are in the queue? Raghu
jijotms0511
jijotms0511 inside SandBlast Network 2020-01-07
views 406 3 1

Asymmetric Routing issue-Checkpoint

Dear Experts,Need an advise on the below:Attached Network diagram for one requirement and “maroon color” line is the outgoing traffic and “green” color is the return traffic.  In the Net diagram, the right hand side firewall is the checkpoint firewall. As per the network flow, the outgoing traffic flows via checkpoint and when it comes back, it is not hitting the checkpoint firewall. Looks like the traffic will be asymmetric. Just checking if the checkpoint can handle such asymmetric traffic and if any provisions to cater the same.Thanks,
jijotms0511
jijotms0511 inside SandBlast Network 2020-01-06
views 249 1 1

OSPF configuration with a different area

Hi Experts,For checkpoint ospf config, if we need to use a different area other that default  are area0 ,can we create the same under area section and call it directly? Do we need to disable the backbone area if we need to call a new area like 20 in ospf config. This is for R80.10 config in checkpoint hardwareThanks,Jijo 
Rabindra_Khadka
Rabindra_Khadka inside SandBlast Network 2019-12-26
views 324 1 2

Threat Extraction: Error Disk Limit Reached

Please do anyone know about this, please help us !
Suresh_Kumar_K
Suresh_Kumar_K inside SandBlast Network 2019-12-25
views 8232 4 5

Sandblast appliance Downgrade from R80.10 to R77.30

Can we downgrade from R80.10 to R77.30If so can I directly downgrade..
keydee
keydee inside SandBlast Network 2019-12-21
views 330 2 1

HTTPS Inspection of Traffic Flow - HTTPS, FIREWALL AND IPS

We have enabled HTTPS inspection covering IPS, IDS, antibot and antivirus. What should be appearing first on the traffic rule in the firewall. Because I normally see https inspection then firewall then IDS. Could you kindly provide an idea on how to carefully analyze these. Which blade should be first appearing on the traffic thats my concern.
Yoav_Lasman
inside SandBlast Network 2019-12-11
views 477 1
Employee+

Periodic Security Report Early Availability - Join Now!!

What is Check Point’s Periodic Security Report? A periodic email notification summarizing the malicious email and web campaigns against your organization that were prevented by Check Point The report includes Number of prevented malicious files Significant email and web campaigns and their respective malware family Recently introduces Threat Prevention features   Why should I join this EA program?                                                                                                             Stay up to date with the latest attacks that targeted your organization Easily visualize and report the work of your security team to your management You will get a sneak peek into the feature You will be able to influence the development and direction of the feature You will help accelerate the feature’s general availability   If you’re interested in participating in the early availability stage drop me a mail at yoav@checkpoint.com
GGiorgakis
GGiorgakis inside SandBlast Network 2019-12-10
views 233 1

How to bypass .kmz file extension from Threat emulation

How to bypass .kmz file extension from Threat emulation ? 
Gregory_Link
Gregory_Link inside SandBlast Network 2019-12-06
views 269 1

Looking for clarification on Threat Emulation Custom Password Configs

We are looking to create a custom password list using the SK below based on intel and active threats we've seen.  What I'm having trouble understanding though is why we need to add phrases as well given that threat emulation already knows what inbound emails to look at based on the extensions you have defined.  What value do we get out of this?https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk112821
SANDEEP_DEGAONK
SANDEEP_DEGAONK inside SandBlast Network 2019-12-05
views 241 1

Regarding retrieving of encrypted documents traversing through MTA

We intend to block all encrypted attachment by Check Point Threat Extraction blade and send notifications to end-users about the same. Before enabling this, we need to confirm whether we will be able to retrieve & forward that encrypted attachment to the intended recipient upon receiving such requests from end-users.