Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Geomix7
Collaborator

Thread Emulation - Manual Test emulation

I am looking for a procedure to manual emulate a file on thread emulation r77.30 to test a file?

 

0 Kudos
6 Replies
G_W_Albrecht
Legend Legend
Legend

See sk110375 - How to emulate files manually on the SandBlast TE Appliance?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
G_W_Albrecht
Legend Legend
Legend

This sk110375 is not available anymore 😞

Nowadays you have to use the

Threat Emulation API

The Threat Emulation RESTful API is available on any Check Point appliance with enabled Threat Emulation blade and in the ThreatCloud.

The Threat Emulation RESTful API allows you to:

  • Query for emulation results
  • Download reports
  • Upload files for emulation/extraction

Refer to Threat Prevention API Reference Guideand R80 Check Point API Reference Guide

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Chris_Atkinson
Employee Employee
Employee

 

Depending upon the use case there is also the following service available:

 

https://threatpoint.checkpoint.com/ThreatPortal/emulation

CCSM R77/R80/ELITE
0 Kudos
Baasanjargal_Ts
Advisor
Advisor

Hello,

I hope it can help to you.

#te_add_file -f=/tmp/test.pdf

When running this command you can see logs for emulation if Emulation works normally.

Geomix7
Collaborator

i already run this command but i did not found if this file is detected or prevented.Do you know if i can found this info?
0 Kudos
G_W_Albrecht
Legend Legend
Legend

Look into ted.elg !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events