AnsweredAssumed Answered

SandBlast Chrome plug-in setup

Question asked by David Munoz on Aug 25, 2017
Latest reply on Sep 11, 2018 by Olga Kuts

Like • Show 1 Like1
Comment • 6

Hi everyone, I don't find where to setup the options of sandblast chrome plugin, in smartendpoint console. The management server is a R77.30.03. The client has some issues with the pop-up windows of the plug-in when scanning PDF files, they have an internal site that has many previews of PDF's files, and when they get in, the sandblast plug-in pop-up windows, start to pop in one after another for each file preview. They want to turn off the pop-up windows, but I don't find where to setup this.

In advance, thanks for your help.

No one else has this question

Outcomes

6 Replies

Lior Arzi Aug 25, 2017 10:32 AM
Mark Correct
Correct Answer
The web extension plugin settings are under the “SandBlast Agent Threat Extraction and Emulation” policy section in SmartEndpoint.

The setting for it is under the first action of “Protect web downloads …”.
But in the scenario you describe, I think that what you want is to exclude this internal site from inspection, as the documents there are probably trusted.
To do this, go to the 4^th action. In your case it is probably “Inspect all domains and files” and add this internal domain to the exclusion list.
Like • Show 0 Likes0
Actions
- David Munoz @ Lior Arzi on Aug 25, 2017 12:24 PM
  Mark Correct
  Correct Answer
  Thank you for your answer.
  Exactly, the documents are trusted, but in case the files became infected, when the user downloads it, the SBA will prevent the computer to get infected, right?
  
  additionally, If the option of Protect web downloads is disable, the browser extension doesn't scan files being downloaded, but the browser extension zero phishing it's still active?
  Like • Show 0 Likes0
  Actions
  - Ziv Sahar @ David Munoz on Aug 29, 2017 1:04 AM
    Mark Correct
    Correct Answer
    Hi David,
    If the customer has SBA with TE blade running, then once the file will be downloaded and stored on the drive, the TE will emulate it and block if it is malicious.
    
    as for the second question:
    1. if web downloads is disable, Zero Phishing will still work
    2. if a domain is excluded for emulation\extractin, it will also be excluded from zero phishing
    Like • Show 0 Likes0
    Actions
    - David Munoz @ Ziv Sahar on Aug 29, 2017 8:18 AM
      Mark Correct
      Correct Answer
      Thank you very much, that's all I needed to understand.
      Like • Show 0 Likes0
      Actions
    - Ted Serreyn @ Ziv Sahar on Sep 11, 2018 6:59 AM
      Mark Correct
      Correct Answer
      I have a client with SBA with TE blade running and Anti-phising is still blocking even though we have added the site in question to the exclusions for inspect all domain and sites, but anti-phish is still happening and blocking.
      Like • Show 0 Likes0
      Actions
      - Olga Kuts @ Ted Serreyn on Sep 11, 2018 7:22 AM
        Mark Correct
        Correct Answer
        Hello!
        You must sign in / sign out on the computer after policy install.
        1 person found this helpful
        Like • Show 0 Likes0
        Actions

SandBlast Chrome plug-in setup

Outcomes

Related Content

Recommended Content