Thanks for the screenshot; in my case the first is like it should be and the second shows in the providers list Windows Firewall as turned on.
Harmony Endpoint by Check Point
- Thread starter Trident
- Start date
Thanks for the screenshot; in my case the first is like it should be and the second shows in the providers list Windows Firewall as turned on.
- Jun 4, 2016
- 94
second question 
how a about Full Disk Encryption settings?
@Trident your section is off or default settings?is this neccessary?
how a about Full Disk Encryption settings?
@Trident your section is off or default settings?is this neccessary?
- Feb 7, 2023
- 1,760
I’ve not deployed full disk encryption. Just recently deployed Media Encryption and Port Protection. Compliance and FDE are not necessary to a home user.second question
how a about Full Disk Encryption settings?
@Trident your section is off or default settings?is this neccessary?
second question
how a about Full Disk Encryption settings?
@Trident your section is off or default settings?is this neccessary?
I turned it off. I don't want my hard drive encrypted! I'm not on a corporate network where the risk of infection is high! Unnecessary for me as a home user.
- Apr 16, 2017
- 2,076
fwiw, ditto that was my initial thought, have not deployed full disk encryption, I'd like to have (develop) a deeper understanding of 4 defaults + firewall before going beyond.
fwiw2, yesterday or last night I noticed my cpu chugging along at 46% & 33%, and it was Harmony forensics. Not sure what it was doing, but it was doing it for awhile without any input from me.
PS when when I say Harmony feels light at keyboard, I mean the system is snappy responsive, no sense of slowdown or delay.
PS2 have not spent much time with reports yet at deployed +2.5 days, not aware of any events
but maybe report would explain the forensics cpu load
- Feb 7, 2023
- 1,760
You’ll need to review all logs. Maybe some forensic analysis was triggered by a process or maybe it was recording some activity.
Xciting
Level 2
- Jun 14, 2023
- 77
@Trident Which engine did you choose between Kaspersky and Sophos?
- Apr 16, 2017
- 2,076
I think he went with Sophos DHS version or switched to it, and I did the same, at first deployed non-DHS (Kaspersky) unknowningly then switched to Sophos.
- Feb 7, 2023
- 1,760
I’ve chosen Sophos due to the reduced disk activity. Sophos divides their database in 2 parts. One part is about 250 MB and that’s modified only once a month. For the remaining 30 days it operates with 2-3 MB (copying the old one and creating a new one). It’s a very smart update mechanism. It also has cleaner detection names than Kaspersky.
It’s important to mention that Sophos engine has a very broad coverage of threats so it’s a good idea to remove the tick from “Skip archives and non-executables”.
- Apr 16, 2017
- 2,076
A reason to tweak. Where's Waldo? I'm trying to imagine where to find that "tick" in the Infinity portal
Don't tell me, I need a challenge today If I don't find it in 10 hours or so, I'll howler for help. And maybe I'll surprise myself and find it in a minute or 2...
- Feb 7, 2023
- 1,760
Their Quantum product for the corporate environment is impressive! We can see the trickle down benefit of new security innovation to the endpoint user where small businesses and individuals will be protected from emerging zero day threats in a timely and cost-effective manner.
- Feb 7, 2023
- 1,760
This innovation affects harmony as well. For example the new AI engine that blocks machine-generated domains and DNS tunnelling attacks is on the ThreatCloud, so we benefit from that as well. The Zero-Phishing is getting implemented on Quantum now but it was available prior to that on Harmony and ZoneAlarm.
Like the new browser extension. It does two things: figure out a threat and block it and perform secure downloads. If the file allowed however, exceeds a certain size, that will be handled by your normal browser download window. I'd like to see the limitation resolved in a future update.
- Feb 7, 2023
- 1,760
The limitation of 50 MB was recently raised, it used to be 15. They may raise again in the future, but apart from the cloud emulation, there is a local one as well. Also, even files not downloaded through the browser or extension are sent for emulation as well.
The extension also cleans up documents from executable content, but even without the extension, they will be cleaned up as well.
Downloads of more than 50 MB can't be securely handled and these are usually software downloads. For example, Checkpoint's own customised software packages are in the region of 800-900 MB.
- Feb 7, 2023
- 1,760
These will be handled by other components later on if they are malware. For example PrivateLoader which is inflated seems not to be a problem for CheckPoint. It is a problem for Norton, Defender and many others.
I removed the malware component and went back to Microsoft Defender and kept the other threat protection modules on board.
Interesting. And for their sandbox?(You mentioned BitDefender, what else?)
Similar threads
