AnsweredAssumed Answered

What does the SNX limitation in E80.70 mean?

Question asked by Chris Butler on Nov 8, 2017
Latest reply on Nov 9, 2017 by Dameon Welch Abernathy

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk117156#Endpoint%20Security%20E80.70%20Clients%20for%20Windows%20-%20SandBlast%20Agent

 

There is a known limitation in the Sandblast client heading that DOES NOT HAVE A LIMITATION ID TO SEARCH ON

 

SandBlast Agent
02524725Zero-Phishing logs have the action Detect instead of Prevent.
02522863There is a long delay in emulation for files downloaded with Mozilla Firefox.
02526247When a file is extracted on a Threat Emulation appliance that uses the Internet Explorer SandBlast Browser Extension, the file does not download to the user's computer.
02522887There is no Emulation Report for files downloaded with Internet Explorer or Mozilla Firefox.
02515394When using a Threat Emulation appliance, there are no screenshots in Emulation Reports.
02529246.EXE Files with certificate excluded from remediation are still quarantined.
 

SNX is not compatible for SandBlast Agent Anti Bot or Forensics blades

 

 

 

What does this mean? We use SNX  with the Mobile Access SSL client, authenticated with SecurID and RSA.

It works fine now, but I am about to deploy CP Endpoint Security full with Sandblast, replacing our Symantec Endpoint Protection suite.

Where is the incompatibility? On the machine running SNX?

The computers on which SNX will be running are employee's personal home computers and they are running their own Antivirus packages, not CheckPoint.

 

However we do test authentication and connection here for users we add or recreate in Mobile Access and RSA using the sole company laptop, which WILL be running CheckPoint Endpoint Security including Anti Bot and Forensics.

 

Kobi EisenkraftSandBlast Agent (Endpoint)

Outcomes