Communication - Port, Services, and URLs

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
35 minutes
Difficulty
Beginner
CEU/CPE
1
Video Transcription
00:00
>> [MUSIC]
00:00
In this module,
00:00
we will cover the communication
00:00
involved with harmony endpoints.
00:00
This is the layout with local management.
00:00
For daily usage, we have
00:00
the endpoint client communicating with
00:00
the endpoint server or a policy server
00:00
in a large environment over HTTP and HTTPS.
00:00
Managing the endpoint server will happen over SIC from
00:00
smart endpoint console or by using the web option.
00:00
Then, of course, it uses
00:00
HTTPS from any browser on any client.
00:00
[MUSIC] In case of a cloud deployment,
00:00
the client will communicate with the server
00:00
over HTTP and HTTPS.
00:00
Notice that firewall rules will
00:00
need to be modified to allow this traffic.
00:00
The full list can be found in sk116590.
00:00
Here's the sk, all the information, all the addresses,
00:00
the ports, protocols, how to check it,
00:00
it's all here in this sk.
00:00
I highly recommend you have a look at it.
00:00
The new connectivity test tool will help you verify
00:00
connectivity to all harmony endpoint services,
00:00
mostly helpful when proxy firewalls are involved.
00:00
It's included in all harmony endpoint clients
00:00
version E8510 and above.
00:00
I'm in my Windows machine,
00:00
I've open CMD with admin privileges and now,
00:00
I'm going to change my location to d C,
00:00
Program files\Checkpoint\Endpoint
00:00
Security\ Endpoint Common\bin folder.
00:00
[MUSIC] Then I'm simply going to type,
00:00
checkconnectivity.exe and press enter.
00:00
This Windows PowerShell scripts going to open,
00:00
and it's going to start checking if
00:00
all the connections working,
00:00
and prompt you with a nice status.
00:00
[MUSIC]
00:00
That's it. Test is done.
00:00
In my case, I see that
00:00
the Threat Emulation cloud check have failed,
00:00
so only to address it.
00:00
The test is over, I can press any key to exit.
00:00
Now, I've to go ahead
00:00
to my firewall and make sure that I
00:00
have this connection proved.
00:00
By default, the client sends a heartbeat every 60
00:00
seconds to see if
00:00
there are any changes or push operations.
00:00
If it detects a change,
00:00
it will send a synchronization requests.
00:00
Both the web interface and smart endpoint will
00:00
use HTTPS to manage the server.
00:00
Another cool components on
00:00
the cloud is the use of threat hunting.
00:00
The client will communicate with threat hunting server
00:00
in intervals of between five and 10 minutes,
00:00
depending on the activity,
00:00
traffic will be encrypted and using HTTPS.
00:00
Thank you for watching and I'll
00:00
see you with the next module.
00:00
[MUSIC]
Up Next