Harmony Endpoint for Linux Overview
Check Point Harmony Endpoint for Linux protects Linux Endpoint devices from malware, and provides Threat Hunting / Endpoint Detection and Response capabilities.
For supported Linux versions and limitations, see sk170198.
Key Threat Prevention technologies:
Technology | Description |
---|---|
Anti-Malware | Harmony Linux Anti-Malware engine detects trojans, viruses, malware, and other malicious threats. The engine is implemented as a multi-threaded flexible scanner daemon. It is managed centrally through a web-console. In addition, it supports command line utilities for on-demand file scans, access functionality, and automatic signature updates. |
Threat Hunting / Endpoint Detection and Response (EDR) | An Endpoint Linux device deployed with Harmony Linux constantly updates Threat Cloud with Indicator of Compromise (IoC) and Indicator of Attack (IoA) events. The Threat Hunting technology lets the user proactively search for cyber threats that made it through the first line of defense to the Linux Endpoint device. Threat Hunting uses advanced detection capabilities, such as queries and automation, to find malicious activities and extract hunting leads of data. |
Behavioral guard | Dynamic analysis of malware executed on the Endpoint Client, based on the behavioral patterns of many types of attacks, such as ransomware, cryptominers and trojans. |
Remote Access VPN | Remote Access VPN solutions let you create a VPN tunnel between an Endpoint Client and the internal network. This allows system administrators to monitor security vulnerabilities and protect the endpoints. |
Prerequisites
- Available Internet access for the protected device.
- For RHEL/CentOS, it is necessary to have access to EPEL (Extra Packages for Enterprise Linux) repository.
- If the device has no internet access, you must enable access to certain URLs. For more information, see sk116590.