Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nir_Naaman
Employee
Employee

Infinity NDR Intel User Guide

The attached document provides detailed instructions on the use of the Check Point Infinity NDR Intel facility for threat indicator (IOC) management.

Among other fun activities, you'll learn how to:

  • Use Smart Intel to manage IOCs at scale
  • Deliver IOCs not only to Check Point Gateways but 3rd party firewalls as well!
  • Configure automated input feeds
  • Manage Snort rules using a user-friendly User Interface, including automated error checking!
  • Control indicator output of the NDR Behavioral Analytics AI engines
  • Integrate the NDR platform with CMDB systems

 

3 Replies
Nir_Naaman
Employee
Employee

Updated November 18th, 2021 with the following information:

  • Clarifications for delta feed vs. full feed behavior in relation to indicator expiration
  • Added example for feed integration with Fortigate
Nir_Naaman
Employee
Employee

Updated December 15th, 2021 with the following information:

  • Document aligned with new Check Point Infinity NDR branding
  • Added reference to IPv6 indicator support
  • New "GENERATE USER-FRIENDLY URLs" feature allows customers to share feeds with other customers
  • Policies consolidated into input feed definition
Nir_Naaman
Employee
Employee

Updated May 6th, 2022 with the following information:

  • Added Multi-type CSV/list input feed type - for PAN XSOAR support
  • Added IOC Harvester input feed type - IOC extraction from Check Point Anti-Virus/Anti-Bot/Threat Emulation logs
  • Added "Minimum confidence" selector for input feed policy PREVENT mode
0 Kudos