- Feb 25, 2017
- 2,584
She's not my wife yet, and probably will never be If I decide to spend more money on security suites
Harmony Endpoint Release Notes and Roadmaps
- Thread starter Trident
- Start date
I obtained from the Australian Tech Geeks, Sophos MDR.
Running the XDR Sensors as a backend to Microsoft Defender for Business.
Running the XDR Sensors as a backend to Microsoft Defender for Business.
- Apr 16, 2017
- 2,547
What! I've been busy doing something else and not running my Harmony VM for the past week, was unaware of this, no email message from Lithify...
EDIT: I now see updated input from Trident re Lithify, at least for the time being.
Last edited:
- Feb 7, 2023
- 2,351
They are still in the game with their other website, checkpoint.direct.What! I've been busy doing something else and not running my Harmony VM for the past week, was unaware of this, no email message from Lithify...
- Apr 16, 2017
- 2,547
well I do have DeepInstinct on hardware and Harmony on VM, all good so farI guess running Deep Instinct with Harmony is overkill tho. Probably not an option. I'll see what the future brings
- Feb 7, 2023
- 2,351
Theoretically they could work together on one host, if DI processes are excluded under Infinity Portal and Check Point processes are excluded under DI console. Also, do not Integrate DI to security centre. Or Integrate DI there and do not install anti-malware engine under Harmony. But it is not necessary really.well I do have DeepInstinct on hardware and Harmony on VM, all good so far
- Feb 7, 2023
- 2,351
Harmony Endpoint Windows Client v 88.50 released 5th of Aug 2024.
List of New Features and Enhancements in E88.50 for Windows
| ID | Description |
| General | |
| AHTP-30360 | Enhancement: Added Data Loss Prevention (DLP) capability which detects and prevents unauthorized transmission of confidential information, such as social security numbers, credit card numbers, bank account numbers and so on. Refer to Harmony Endpoint EPMaaS Administration Guide > Configuring the Endpoint Policy > Data Loss Prevention. |
| AHTP-30649 | Enhancement: The system now automatically blocks vulnerable drivers upon their creation on the device. This includes drivers that are downloaded, extracted, copied, or otherwise introduced to the system. |
| EPS-56912 | Enhancement: Installing any of the Anti-Malware, Anti-Bot, Forensics, or Threat Emulation blades requires Microsoft .NET Framework version 4.7.2 or higher. For all other configurations, the minimum required Microsoft .NET Framework version is 4.6.1. Refer to sk182480. |
| EPS-57300 | Enhancement: Enhanced software security through advanced compilation techniques and updated the core libraries, strengthening enterprise protection. |
| EPS-57548 | Enhancement: The Harmony Endpoint connectivity tool no longer uses E1 URLs. |
| EPS-56975 | Enhancement: Added pagination to the Blade tabs tables in the Clients UI to improve the performance when loading large datasets. |
| Anti-Bot and URL Filtering | |
| AHTP-30718 | Enhancement: URL Filtering eliminates User Check popups for blocked connections in supported browsers with the Harmony Extension installed. This reduces interruptions, improving user experience. In Incognito mode, blocked connections are silently dropped. |
| AHTP-30872 | Enhancement: URL Filtering logs in the Management Server logs now include additional information:
|
| Anti-Malware E2 (US-DHS and EU compliant) | |
| AHTP-30787 | Enhancement:
|
| AHTP-30618 | Enhancement: The Critical Scan feature is improved to include boot sector scanning. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-30058 | Enhancement: Refined the ability to detect network-related security threats. |
| AHTP-30673 | Enhancement: Improved the detection of some types of Ransomware and Wipers. |
| EPS-56879 | Enhancement: Improved the RDP usage information for advanced signatures. |
| AHTP-30810 | Enhancement: When illegitimate login attempts are detected, the account that is targeted will be removed from the list of accounts authorized to access the specific computer. |
| EPS-56740 | Enhancement: Data transferred through OS pipes is now reported to the Threat Hunting tool. |
| EPS-57500 | Enhancement: Additional folders in ProgramData are now protected against tampering. |
| EPS-56617 | Enhancement: Optimized detection algorithm to reduce false positives in generic anti-ransomware signature. |
| Full Disk Encryption | |
| EPS-56482 | Enhancement: After a password change, Microsoft Entra ID users are now prompted to lock and unlock the computer to synchronize the Windows password and the FDE Pre-boot password. |
| EPS-57260 | Enhancement: The Mobile Enrollment feature in the Endpoint Security Client UI now supports all the available languages. |
| EPS-55822 | Enhancement: FDE Pre-boot Remote Help now features a user-friendly wizard interface. This guided flow helps users easily select the type of assistance they need before system boot. |
| EPS-56840 | Enhancement: The PS2 keyboard default setting for Dell Latitude 5420 laptops is now changed to "FALSE" (disabled). |
| Media Encryption and Port Protection | |
| EPS-56627 | Enhancement: Printers installed as software devices are now controlled by the Media Encryption and Port Protection Blade, allowing administrators to apply access policies and rules to regulate communication with these virtual printer resources, enhancing security oversight. |
List of Resolved Issues in E88.50 for Windows
| ID | Description |
| General | |
| EPS-57575 | Launching SmartConsole from Smart-1 Cloud portal fails after Endpoint Security Clients upgrade to E88.41. Refer to sk182532. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| EPS-56823 | Abnormally high memory usage by the EFR service at first login after a PC reboot. |
| AHTP-30740 | There maybe multiple EFRSAL_*.ds files in the DBStore directory. |
| AHTP-30785 | Some internal system files, which are not created by users, are listed in the Restoration UI screen. |
| Threat Emulation | |
| AHTP-30786 | When the File Reputation feature sends a report to the Management Server and XDR, the Protection Name field sometimes displays as either "File.Rep." or "Unknown" instead of a more specific identifier. |
| Remote Access VPN | |
| ESVPN-4273 | When a non-administrator user creates a VPN site from a link, the browser does not prompt the VPN GUI to open. |
- Feb 7, 2023
- 2,351
Threat Emulation Engine Release Updates
| 15 July 2024 | 11.19 | 60.990000825 |
|
- Apr 16, 2017
- 2,547
- Feb 7, 2023
- 2,351
5th of Aug (just a few days ago). Updated is the core .Net Framework to make the way for a series of performance improvements, which will be made. Anti-Ransomware, Behavioural Guard and Forensics are once again improved. UI and static analysis are GPU optimised. All signatures are now placed in a smarter way to improve HEP loading time.
- Dec 12, 2016
- 1,290
Seems like checkpoint keeps increasing their suite with different technologies from companies they aquire
- Dec 12, 2016
- 1,290
Checkpoint have some of the best security suites available and seems like their prices are competitive as well
But specifically at Harmony they definitely need to keep improving the performance usage and seems like they are keeping improving on that front
- Dec 12, 2016
- 1,290
Checkpoint got good results in some tests it's been gone through
Faxx
Level 1
- Sep 7, 2017
- 16
List of New Features and Enhancements in E88.60 for Windows
| ID | Description |
| General | |
| EPS-57370 | Enhancement: Super Node feature now supports environments with restricted network access for local accounts. In setups where local users cannot log into Super Node machines from the network, a special registry key allows the Super Node to run with elevated privileges. This ability enables the NGINX process, which serves files via HTTP protocol, to operate as system instead of a dedicated local user account. Note, this is not a recommended setup. It should only be used in specific scenarios. |
| Anti-Malware E2 (US-DHS and EU compliant) | |
| AHTP-31304 | Enhancement: Anti-Malware signature update source is now added to the Management Server event logs. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31234 | Enhancement: Improved detection of ransomware in rare scenarios. |
| AHTP-30632 | Enhancement: Improved the defense against some behavioral patterns. |
| AHTP-31232, AHTP-31167 | Enhancement: Improved the usage of advanced signatures. |
| AHTP-31047, AHTP-31046 | Enhancement: Reduced the size of some internal files. |
| Browser Extension | |
| AHTP-30541 | Enhancement: Blocking the browser Incognito mode in Chrome, Edge, Firefox, Brave using Management policy is now supported. |
List of Resolved Issues in E88.60 for Windows
| ID | Description |
| General | |
| EPS-57593 | The progress of manual CPInfo upload to Check Point FTP gets stuck displaying incorrect percentage after completion, for example, "100%483647%" , leaving the CPInfo terminal window open in that state. |
| EPS-57517 | When internal Endpoint Security communication is lost, the Host Isolation feature does not function as expected. |
| Installation | |
| EPS-57354 | In rare scenarios, upgrade package installation fails with "Product: Check Point Endpoint Security – Error 27562.Changing configuration of Check Point Endpoint Security is not allowed. Please check that the password you have entered is correct or contact your system administrator". |
| EPS-57338 | The CPDA process exits with a dump file after an upgrade of Endpoint Security Clients. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31207 | The EFR service dump file is created on a multi-role Server. |
| AHTP-31218 | Real Time Attack Context can initially lead to increased memory and CPU consumption compared to regular signatures. However, by replacing multiple signatures, it's expected to ultimately reduce overall resource usage. |
| AHTP-31189 | False positive matches of advanced signatures are returned for trusted .dll files. |
| THPTSE-1090, THPTSE-1071, THPTSE-1041 | Some information may be missing in Threat Hunting logs. |
Similar threads
