Anti-Malware
The Anti-Malware security engine determines if an email attachment or a shared file contains malware.
It uses Check Point’s ThreatCloud to detect files containing known malware (Anti-Virus) and Check Point’s advanced sandbox (Threat Emulation) to detect the evasive zero-day malware.
Engines Enabled
Under Engines Enabled, you can see the security engines available based on the license.
It could include Anti-Virus (known malware detection) or Threat Emulation & Antivirus (advanced sandbox).
To see the Engines Enabled for your tenant, go to Security Settings> Security Engines and click Configure for Anti-Malware.
Malware Emulation Operating Systems
Sandboxing attachments and shared files is crucial for detecting advanced zero-day unknown malware hidden in them.
By default, Check Point runs the virtual machines with the recommended operating systems, which provide the highest detection rates, to emulate and inspect the files.
|
|
Note - A dedicated team in Check Point continuously monitors and optimizes the detection efficacy of the sandbox and selects the optimal operating systems to be used in the virtual machines of the sandbox. Based on their decisions, the recommended operating systems may change and the change will take effect in Harmony Email & Collaboration automatically. |
To override the Check Point recommended operating systems:
-
Go to Security Settings > Security Engines.
-
Click Configure for Anti-Malware.
-
Under Emulation Operating Systems, select the required options.
-
To override the recommended operating systems, select the Override Check Point defaults (select up to 3) checkbox.
-
Select the required operating systems.
Note - You can select only up to three operating systems.
-
-
Click Save.
Anti-Malware Inspection - File Size Limit
The Anti-Malware security engine inspects files attached to an email or shared via supported file sharing/messaging applications for malware only if it is less than 50 MB.