Summary
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:00
>> In this module,
00:00
we will do a quick summary of
00:00
everything that we've talked about.
00:00
During the series we've discussed
00:00
the four core elements of the training;
00:00
architecture, deployment,
00:00
>> communication, and exclusions.
00:00
>> In the architecture module,
00:00
we've discuss the idea that we have an endpoint clients
00:00
installed anywhere around the world
00:00
on laptops, desktops and etc.
00:00
It connects to the smart endpoints server.
00:00
We've discussed the fact that this server
00:00
>> can be on-premise or it can be on Cloud.
00:00
>> You can manage that smart endpoint server,
00:00
either group smart endpoint,
00:00
which you get when you install a SmartConsole
00:00
or with web interface.
00:00
You can use both options when you use
00:00
Cloud deployment or on-premise deployments.
00:00
Moving on to the deployment part,
00:00
we've used the portal to manage it all
00:00
>> from the web interface.
00:00
>> We've needed to select the version we want to use.
00:00
We've downloaded the nano agent
00:00
and we've discussed the fact
00:00
>> that you can install it silently,
00:00
>> meaning we won't allow the end user,
00:00
to have the option to postpone
00:00
the installation which just happen silently,
00:00
which is not the default.
00:00
Or you can just say, you'll run the agent.
00:00
The user will have to approve the installation
00:00
>> because you want installation to be on a proper time
00:00
>> unless you're setting up the clients
00:00
>> before you hand the computer to your user capabilities.
00:00
When we say capabilities,
00:00
we mean what do you want the endpoint
00:00
to do to run threat emulation,
00:00
firewall compliance,
00:00
which capabilities you want to be enabled.
00:00
By default, we have the threat prevention suit,
00:00
and you can add more capabilities.
00:00
We saw that there are
00:00
>> different capabilities for Windows,
00:00
>> different capabilities for Linux.
00:00
When we moved on to the installation,
00:00
we've also saw how to install it on Linux,
00:00
>> which was fun.
00:00
>> You have a script, you moved the script,
00:00
you make it executable and you just run it
00:00
>> and it downloads everything that it
00:00
>> needs from the Cloud. Very cool.
00:00
We also saw, by the way, regarding
00:00
the installation that yes,
00:00
you can use the nano agent which acts as a dropper.
00:00
Or you can also have the full package,
00:00
so you just export everything that you need.
00:00
It's also known in the industry as
00:00
a standalone installation or an offline installation.
00:00
We support that as well.
00:00
Visibility, we saw the logs,
00:00
how you can filter through the logs.
00:00
>> Very cool.
00:00
>> We saw the threads hunting option,
00:00
which allows you to really investigate
00:00
what happened within your organization.
00:00
We've talked about the policy.
00:00
The policy can be either by default on
00:00
computer mode or mixed mode,
00:00
which means you can set up your policy
00:00
based on users or computers,
00:00
which is very effective if your users are roaming
00:00
between different desktops or computers and so on.
00:00
Very easy and fun to use.
00:00
We saw that basically a policy says,
00:00
who is going to do what.
00:00
You can set up a policy that, for example,
00:00
finance will have to use this encryption.
00:00
But R&D, for example,
00:00
won't have to use this capability.
00:00
You can customize and play
00:00
with those rules. Very fun to do.
00:00
The most important thing is,
00:00
>> of course to save the policy.
00:00
>> Communication.
00:00
>> We've talked about the fact that
00:00
>> the client communicates
00:00
>> with the server every 60 seconds.
00:00
>> Of course, you can customize
00:00
that timer once there's any change,
00:00
it will start the installation or modification,
00:00
whatever it is, how you can easily
00:00
upgrade the client as well
00:00
because it communicates with the server,
00:00
so everything is synced.
00:00
If there's a status change,
00:00
you'll see it's from the portal
00:00
and from the client as well.
00:00
Unless something got wrong.
00:00
We saw the list of services and port numbers
00:00
>> that needs to be open.
00:00
>> Because the great thing about
00:00
harmony endpoint is that
00:00
you don't have to sit in the office to use it.
00:00
You can be a client sitting abroad,
00:00
at a coffee shop or an airport,
00:00
and you'll still be protected.
00:00
But the thing is, you need to
00:00
download a lot of stuff from
00:00
the Cloud and you need to communicate with
00:00
all of the engines and everything there.
00:00
If you're behind the wrong firewall.
00:00
Let's say, I'm visiting a friend
00:00
and his firewall may block some steps.
00:00
You need to make sure that the firewall,
00:00
the clientele behind, will allow that traffic.
00:00
There is a beautiful escape that we saw
00:00
>> with the list of all the services, all the ports,
00:00
>> everything you need to make sure are open.
00:00
>> How to run a test to see
00:00
>> if those addresses are functioning as well.
00:00
>> Starting from Version 85.10,
00:00
we have the connectivity test.
00:00
It's an executable, it's an EXE file, really cool.
00:00
You just run it as an admin
00:00
>> and it'll just check
00:00
>> if everything works just fine or not.
00:00
>> Then of course, if something is not,
00:00
you have to mend it
00:00
to make sure everything will work smoothly.
00:00
The last piece is exclusions.
00:00
Let's say you have a software
00:00
that gathers all of your files,
00:00
compress them, encrypts them,
00:00
and save it on a remote location.
00:00
That can either be a very efficient backup
00:00
>> or it can be a ransomware attack.
00:00
>> You can have exclusions
00:00
added to the policy in the exclusion center.
00:00
Most vendors will have the dedicated pages
00:00
>> with everything you need to add
00:00
>> if you want to add the exclusion.
00:00
>> In the exclusion video,
00:00
we saw the Microsoft page
00:00
>> where they have a list of their applications
00:00
>> and all the right exclusions you need to add.
00:00
>> Of course the exclusion type will change based on
00:00
the capability you want to add exclusion to.
00:00
For example, if it's URL filtering,
00:00
exclusions will be URLs.
00:00
But if it's file scanning,
00:00
then the exclusion can be a location
00:00
>> on your computer where you won't scan,
00:00
>> or a domain where you download files from
00:00
>> and they won't be scanned.
00:00
>> Depends on the capability you want to exclude.
00:00
Thank you for watching
00:00
>> and I hope you enjoyed this training.
00:00
>> Check out the rest of our Jump Start training,
00:00
and never stop learning.
00:00
Thank you for watching.
Instructed By
Similar Content
