Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Menuchak
Admin
Admin

See what's on the Horizon for Horizon - EMEA Horizon Deep Dive

Horizon Q&A

 

Question: What sources will be supported initially with Horizon XPR and Events? What about Playbooks? 

Answer: All of Check Point products are planned to be supported with XPR, as well with Events. Playblocks is already integrated with XPR which carry auto-responses flows as well as 3rd party integrations (Service-now, Teams, Slack etc).

 

Question: will Horizon SOC still be available or will it be replaced by Harmony XDR/XPR and Harmony Event?

Answer: All features currently exist on Horizon SOC (formerly known as Infinity SOC) will be available on XDR/XPR (besides Brand Protection), with the addition of many more capabilities. XDR/XPR supports not only AB/AV as Horizon SOC does, but all GW logs, plus all other data sources (Endpoint, Email, 3rd party and more to come) including correlations between these sources.
Since the XDR/XPR is the much-upgraded version of Horizon SOC, it’s planned to replace it. All Horizon SOC existing customers could enjoy the new XDR/XPR solution with no extra charge- until the end of their Horizon SOC license.

 

Question: When multiple management servers, for example, two distinct SmartCenter environments or one SmartCenter and one Multi Domain Manager, will be supported?

Answer: MDS environments are scheduled to be supported in XDR/XPR by the end of Q3

 

Question: How does XDR/XPR integrate with Check Point's Quantum management solution?

Answer: Horizon XDR/XPR is supported with the following Check Point Quantum Security Gateway-
On-premises R81.10 with the R81.10 Jumbo Hotfix Accumulator Take 93 and higher, or Smart-1 Cloud.

 

Question: Is there an API available or planned and if so when? I didn't find any information about Horizon XDR/XPR API.

Answer: XDR/XPR Integration with 3rd party systems is available using an incident export API- documentation will be available within the next 2 weeks.

 

Question: Does XDR/XPR supports integration with 3rd party?

Answer: By the end of Q1, XDR/XPR would also be integrated with Microsoft defender and after that Azure AD is planned to be available as well. The short-term roadmap is to the 3rd parties to integrate with XDR/XPR according to customers’ feedback and business justification.

 

Question: When will it be integrated with Quantum SMB gateways?

Answer: XDR/XPR integration with Quantum SMB gateways will be available during Q2

 

Question: How can Horizon block an attack which is, for example, detected by a log sent from a Quantum gateway?

Answer: XPR connects to the Gateway mgmt. and apply all preventive actions and enforcement directly through that mgmt. 

 

Question: Will it be possible to connect an on-prem Endpoint management to XPR?

Answer: XDR/XPR is currently not supporting on-prem Endpoint

 

Question: Is a Detection (or Abnormal activity) library available (or planned ?) to be consulted in order to better understand XPR/XDR coverage and also help to understand what is the detection scenario about and what it is looking for?

Answer: Behavioural Analytics (UEBA) & AI-based detection is available now on XDR/XPR. The most basic use cases of such detection are unusual remote logins or connections, connections to or from unusual geo locations, passwords brute force, recurrent bot detections and so on. Those detections are based on logs from the Gateways alone as an example. Of course that as one add more data sources to integrate with our XDR/XPR, a wider security value of cross-product correlated detection shall be given.

 

Question: How XDR/XPR will be fed by 3rd party solutions (i.e. 3rd party firewalls). Does XDR/XPR will be connecting to those devices or they will need to send logs/events to XDR/XPR ?

Answer: 3rd party solutions will need to send their logs to XDR/XPR, specific requirements and connection procedures will be defined for each 3rd party solution as we integrate with them.

 

Question: How are Horizon products licensed? On events per seconds, number of sources, number of logs, ...?

Answer: Horizon XDR/XPR price list is $6 per user per month, which includes 1-year of data retention and is limited to fair usage of up to 50MB data per user/day (logs extension package is available if needed).

 

 

 

0 Kudos
0 Replies

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events