Harmony Endpoint for Linux Overview

By default, this list contains Symantec, McAfee, and Kaspersky.

Check Point Harmony Endpoint for Linux protects Linux Endpoint devices from malware, and provides Threat Hunting / Endpoint Detection and Response capabilities.

For supported Linux versions and limitations, see sk170198.

Key Threat Prevention technologies:

Technology	Description
Anti-Malware A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers.	Harmony Linux Anti-Malware engine detects trojans, viruses, malware, and other malicious threats. The engine is implemented as a multi-threaded flexible scanner daemon. It is managed centrally through a web-console. In addition, it supports command line utilities for on-demand file scans, access functionality, and automatic signature updates.
Threat Hunting / Endpoint Detection and Response (EDR)	An Endpoint Linux device deployed with Harmony Linux, constantly updates Check Point Cloud with Indicator of Compromise (IoC) and Indicator of Attack (IoA) events. The Threat Hunting technology lets the user proactively search for cyber threats that made it through the first line of defense to the Linux Endpoint device. Threat Hunting uses advanced detection capabilities, such as queries and automation, to find malicious activities and extract hunting leads of data.
Behavioral guard	Dynamic analysis of malwares executed on the Endpoint Client, based on the behavioral patterns of many types of attacks, such as ransomwares, cryptominers and trojans.

Technology

Description

Anti-Malware A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers.

Harmony Linux Anti-Malware engine detects trojans, viruses, malware, and other malicious threats.

The engine is implemented as a multi-threaded flexible scanner daemon. It is managed centrally through a web-console.

In addition, it supports command line utilities for on-demand file scans, access functionality, and automatic signature updates.

Threat Hunting /

Endpoint Detection and Response (EDR)

An Endpoint Linux device deployed with Harmony Linux, constantly updates Check Point Cloud with Indicator of Compromise (IoC) and Indicator of Attack (IoA) events.

The Threat Hunting technology lets the user proactively search for cyber threats that made it through the first line of defense to the Linux Endpoint device.

Threat Hunting uses advanced detection capabilities, such as queries and automation, to find malicious activities and extract hunting leads of data.

Behavioral guard

Dynamic analysis of malwares executed on the Endpoint Client, based on the behavioral patterns of many types of attacks, such as ransomwares, cryptominers and trojans.

Prerequisites

Available Internet access for the protected device.
For RHEL/CentOS, it is necessary to have access to EPEL (Extra Packages for Enterprise Linux) repository.
If the device has no internet access, you must enable access to certain URLs. For more information, see sk116590.

Minimum Hardware Requirements

x86 processor, 64-bit (32-bit is not supported)
2 GHz Dual-core CPU
4 GB RAM
10 GB free disk space