Serious Discussion Harmony Endpoint by Check Point

simmerskool

Level 37
Verified
Top Poster
Well-known
Apr 16, 2017
2,613
There is nothing complicated really, it’s all about having a love for books, or in this case, the Admin guide. I just LOVE reading guides not only for that but also for appliances and everything. Before I buy something, I’ve already read the guide. I’ve even read the Apple OS guides, which are about 2K pages average. If you read, you will understand everything.
I read the Harmony admin guide 5-6 times before I started the trial and now I can use it with my eyes closed.
I tended to get bogged down with the reading if I'm also not using the software at the same time to better understand what I'm reading, and then if the software is running ok and I have basic understanding of app, I stop reading... :oops::ROFLMAO: (but promise will follow thru with both Harmony and Di) :whistle:
 

Trident

Level 34
Thread author
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
I tended to get bogged down with the reading if I'm also not using the software at the same time to better understand what I'm reading, and then if the software is running ok and I have basic understanding of app, I stop reading... :oops::ROFLMAO:
You watched the pre-deployment video.
 

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537
Bro, it was widely discussed on this thread. Trial is available by having a look at the first post.

Also here: Harmony Endpoint (SandBlast Agent) Free Trial | Endpoint Security | Check Point Software

Use an iCloud address to start trial and you can choose whether you wanna be contacted or not.

If you decide you wanna purchase at one point, have a look at checkpoint.direct. The annual price of a client managed by you is 39+VAT (about £47).
It asks for a business email

 

Trident

It asks for a business email

Try here
 

Andrew3000

Try here
Nope :(
 

NormanF

Level 9
Verified
Jan 11, 2018
404

Trident

In Microsoft Defender For Business, the recommended security policies are pre-configured out of the box. All the end user has to do is onboard their device.
There are policies pre-defined in Harmony as well. You can choose “strict”. But in a business environment it is always recommended to review and plan a policy. The policy should provide maximum security whilst allowing users to work freely and without distractions.
 

Trident

Wait, I have a question - how are some things detected by behavioral detection but not by the emulator?
Emulation involves running on a VM. Virtual machines have various artefacts. Although Check Point has taken every care to hide the artefacts using both hardware and software features, a fraction of malware may not perform actions when emulated. When you execute them on a real system, the classification engines will observe the malicious behaviour. Bypassing emulation like the Check Point (and also CrowdStrike and Palo Alto one) is not an easy task and doesn’t happen frequently. When it happens, other layers still provide protection.
 

Xeno1234

Level 14
Jun 12, 2023
684
Emulation involves running on a VM. Virtual machines have various artefacts. Although Check Point has taken every care to hide the artefacts using both hardware and software features, a fraction of malware may not perform actions when emulated. When you execute them on a real system, the classification engines will observe the malicious behaviour. Bypassing emulation like the Check Point (and also CrowdStrike and Palo Alto one) is not an easy task and doesn’t happen frequently. When it happens, other layers still provide protection.
Ahh. But I've seen things that aren't anti-sandbox get past it, but are detected by Behavioral Detection. How does that work?
 

Xeno1234

How do you disable the browser extension - for me it slows down downloads, a lot. Emulation should take 2-3 minutes but instead downloads take around 10.
 
