This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
PhoneBoy
Admin
Admin
‎2022-02-16 09:39 AM

Protect Your Mobile with Harmony Mobile TechTalk: Video, Sides, and Q&A

Q&A is below, slides are attached below that.

(view in My Videos)

 

How do you handle cert pinned traffic?

Our ONP technology allows us to inspect the SSL traffic from the device network connection so we can block malicious traffic, access to phishing and zero-phishing pages, anti-bot, download prevention, ORL Filtering and conditional access. We do not scan any private content we just scan IP/DNS names and URLs. We do that using a Check Point SSL cert on the device. Note that some known destinations that are tagged as Excluded from ONP.

Do we have to deploy the solution on devices one-by-one?

No, you can deploy in bulk and also integrate with MDM/UEM solution that will push the app automatically to the employee devices, register the app and activate the protection all that using Zero-touch approach.

We use Harmony but have another VPN solution. Can can ONP work without VPN permissions?

Yes, ONP is policy based so you don't have to use it. Also, ONP has some capabilities to work with other corporate VPNs (side-by-side) when the corporate VPN is on the ONP will go automatically in suspend mode.

When will we be able to perform whitelisting for iOS applications? Also, if an application such as streaming app is getting blocked by Mobile, how do we view the block traffic and release it?

iOS doesn't provide the necessary capabilities currently. We are planning ONP within the browser in the near future.

What about Bluetooth protection?

Harmony Mobile has the ability to scan Bluetooth exploits and also alert when the app request permissions to the Bluetooth as part of the behavioral analysis looking for malicious behavior.

In suspend mode will it still "detect" port scans, downloads etc... Also we noticed it AV engine used is Kaspersky in addition to TC engines. Is this an accurate statement?

If ONP is suspended, it will completely stop scanning the device traffic so if you side-load an app we will not be able to prevent it. Allowing users to suspend ONP is controlled by policy, so you cannot allow it to prevent such cases. Regarding the AV (Static signature scan) we are using community known signature sources one of them can be Kaspersky but not the only one.

In CVE alert, we can find Pegasus?

Yes the iOS vulnerability utilized by Pegasus to deliver the malicious payload was documented in CVE and for old iOS devices in your organization it is alerted.

Can you forward the Harmony logs to the on-premise logging servers?

Yes, via syslog.

When I open "my apps" at the bottom of my Protect app, i get a message saying "app sync in progress... open my apps in a few minutes to get apps info or tap the refresh button." Neither of these work and we have been using for a month. How do I get this to work?

If the app is not from a known market there is a chance the system will try to upload the install package from the device itself. In that case to save on battery/network usage the system will wait for the device to be on Wi-Fi network or plugged to the power outlet before it upload it. In any case, best to open a ticket with TAC if you observe this for an extended period of time.

Does the VPN need to be enabled for Bluetooth Attacks?

No.

Consolidation means Harmony Mobile and Harmony Endpoint will be only one product?

Ultimately, yes.

If we do have a COPE Mobile (Company Owned, Personally Enabled), can we protect Professional and Personal containers, if so, do we need two license?

Only one license is needed.

Do you think in your roadmap you should do Remediation without MDM?

Yes

How can we check for rooted or jailbroken devices?

This is configured in the policy.

Preview file
38559 KB
1 Reply
the_rock
Legend
Legend
‎2022-02-22 05:54 AM

Nice presentation guys, as always! This helps a lot.

0 Kudos
Upcoming Events

    CheckMates Events