- Jun 4, 2016
- 93
I want to try it for one person for a month.is this possible?
Harmony Endpoint by Check Point
- Thread starter Trident
- Start date
hi, everyone please may i ask if checkpoint harmony endpoint is used on a pc is there any need to also have some other manual scanners to use at times or not ? would they conflict ? thank you
- Feb 7, 2023
- 1,763
Please look at the first post in this thread. It is possible.
- Apr 16, 2017
- 2,098
yes, that is what I'm going, I just deployed (aka installed) on win10_VM. checkpoint infinity portal is "sensitive" to some extension we sorta take for granted. at first, my installation was being blocked by a browser extension, was not immediately obvious, of course it was the last one I turned off
but overall so far so good.
- Apr 16, 2017
- 2,098
my best guess, depends who you ask. I've only had it deployed for less than 1 hour so no valid opinion, but if I had to guess, I think not. maybe some system hardening tools from AndyFul?
EDIT PS I "stole" that idea from @Kongo in another context.
Last edited:
- Feb 7, 2023
- 1,763
Neither manual scanning or second opinion scanners, nor system hardening is needed with Check Point Harmony.
- Jun 4, 2016
- 93
- Feb 7, 2023
- 1,763
It is under Policy -> Software Deployment.
DHS Compliant = Sophos
The option that don’t contain DHS Compliant = Kaspersky.
Last edited:
- Feb 7, 2023
- 1,763
Check Point Harmony Includes powerful application control that can restrict apps from connecting, terminate them upon connection or upon launch (users as well as malware authors will be unable to launch them).
This is suitable to restrict or completely block LOtLBins (for example PowerShell can be prevented from going online).
Application Control requires AppScan to be used first. Before using AppScan it is vital that the computer is free from malware. If not sure, initiate a full scan first.
To download AppScan, follow these instructions.
I recommend that the AppScan executable is saved in C:\ (admin permission required)
To use it, first execute PowerShell as admin.
Make sure that the default directory is C:\ by typing cd C:\
In the terminal window type .\AppScan /e /p /s "C:\"
This will scan the whole C drive for apps and dynamic link libraries, and will save them in scan.xml located in C:\
Next, upload scan.xml to Check Point Infinity (from the same dialogue that is used to initiate the download). It may take a few moments for all apps to be parsed and added to the list.
Review individual apps, select actions and install the policy.
This is suitable to restrict or completely block LOtLBins (for example PowerShell can be prevented from going online).
Application Control requires AppScan to be used first. Before using AppScan it is vital that the computer is free from malware. If not sure, initiate a full scan first.
To download AppScan, follow these instructions.
I recommend that the AppScan executable is saved in C:\ (admin permission required)
To use it, first execute PowerShell as admin.
Make sure that the default directory is C:\ by typing cd C:\
In the terminal window type .\AppScan /e /p /s "C:\"
This will scan the whole C drive for apps and dynamic link libraries, and will save them in scan.xml located in C:\
Next, upload scan.xml to Check Point Infinity (from the same dialogue that is used to initiate the download). It may take a few moments for all apps to be parsed and added to the list.
Review individual apps, select actions and install the policy.
this may seem like a unusual question can the application control also be controlled or adjusted from the endpoint software on the computer ? thank you
- Feb 7, 2023
- 1,763
No, application control can only be managed from the Infinity Portal. There are certain management capabilities that can be enabled for the Endpoint Client but AC is not one of them.
- Apr 16, 2017
- 2,098
fwiw, I've been running Harmony in win10_vm for about 24 hours, only unusual event is mullvad app is toast, so I uninstalled it as would not open correctly and I got a warning about javascript. I then installed another vpn I use, and it opens and connects aok. I will probably try reinstalling mullvad app and see if that fixes it. Overall, Harmony at the keyboard, using browsers, feels very light considering its many features.
- Feb 7, 2023
- 1,763
There are detailed CPU and RAM usage metrics on the Infinity Portal as well.
And the firewall isn't one that can be enabled to replace the Windows firewall like the Symantec Endpoint firewall does.
- Apr 16, 2017
- 2,098
? I deployed the Harmony Firewall & app control blade after the initial install, and then win10 WSC did show that the CheckPoint firewall was ON and the windows firewall was off. At this this point I had not tweaked any firewall settings in Harmony console so the Harmony filewall was default, but ON.
- Feb 7, 2023
- 1,763
Same here. When you go manage providers, it displays Check Point firewall is on and Windows Firewall is off.
I'm on Windows 11. Manage providers in Windows Security doesn't display the Checkpoint Firewall and the Windows Firewall isn't turned off.
- Feb 7, 2023
- 1,763
Maybe initiate a client repair. Under the firewall, the options to manage firewall (such as to allow program through it), are these available or disabled?
Last edited:
The options in the Infinity Portal are available but the firewall isn't installed in the Windows Security panel.
Similar threads
