Video Tutorials
1. How to Deploy the Harmony Endpoint Security Client on Windows Endpoint using the Tiny Agent and then Install a Software Deployment Policy
00:00: This video shows how to quickly deploy the Harmony Endpoint Security Client Application installed on end-user computers to monitor security status and enforce security policies. using the Tiny Agent on your Windows endpoint and then install a software deployment policy.
00:11: This procedure requires two prerequisites. First, internet access to the endpoint to download and install the software deployment policy. Second, you must create virtual groups of endpoints manually or use the Active Directory scanner to sync the endpoints and users from your Active Directory server.
00:30: Let's get started. Log in to the Infinity Portal. Access the Harmony Endpoint Administrator Portal and click Overview.
00:39: From the top banner, click "Download Endpoint" to download the Tiny Agent.
00:44: Select the Harmony Endpoint Security Client Windows version to install on the endpoints. Make a note of the selected version.
00:52: Click "DOWNLOAD" to download the Tiny Agent. The system downloads the Endpointsetup.exe file.
00:59: Click "OK" to close the window.
01:02: Now transfer or distribute the EndpointSetup.exe file to the endpoints where you want to install the Harmony Endpoint Security Client. You can transfer the file manually or use a third-party tool such as Microsoft Intune.
01:16: Now, let's specify the capabilities, for example, Antibot, Antivirus and other capabilities that you want to deploy on the Harmony Endpoint Security Client. For that, click Policy and then Deployment Policy.
01:30: Click Software Deployment.
01:33: Click Clone and select "Clone above" to duplicate the default software deployment rule Set of traffic parameters and other conditions in a Rule Base (Security Policy) that cause specified actions to be taken for a communication session..
01:39: Enter a rule name for the software deployment policy
01:43: Select the group of endpoints to install the software deployment policy.
01:48: Click "OK" to close the window.
01:51: In the Capabilities and Exclusions pane on the right, make sure to select the same Harmony Endpoint Security Windows client version that you selected while downloading the Tiny Agent.
02:02: Now select the capabilities that you want to install on the Harmony Endpoint Security client.
02:09: Click "Save and Install" to save the changes and initiate the installation.
02:14: Review the changes and click "INSTALL". The system installs the software deployment policy on the Endpoint Management Server Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server..
02:22: Now, go to the endpoint and double-click and run the Tiny Agent. It installs the Harmony Endpoint Security Client and downloads the software deployment policy from the Endpoint Management Server.
02:34: Your endpoints are now fully protected by the Harmony Endpoint Security Client. Thank you for watching the video.
2. How to Deploy Harmony Endpoint Security Client using Microsoft Intune
00:03: This tutorial demonstrates how to deploy Harmony endpoint security client 00:07: using Microsoft, in 00:10: Log in to Infinity Portal and access the harmony endpoint administrator 00:14: portal. 00:15: In the overview page, click download endpoint, from the top Banner 00:19: For Windows, select the required. Download version virtual group and then click download 00:23: the system. Downloads, the endpoint setup.exe file to 00:28: use the file in Microsoft InTune, you must convert the downloaded exe 00:32: file, to MSI file. 00:33: To do that. Open, a command prompt and run the endpoint, setup.exe /, 00:38: create MSI command, the system creates the eps.msi file. 00:43: To create an export package for the endpoint client. 00:46: Click policy in the left navigation panel. 00:49: Click export package and then click endpoint client. 00:53: Click the plus icon to create an export package for the endpoint client. 00:57: In the create export package, pop-up that appears, enter the package name 01:01: in the package name field select the operating system as Windows in 01:06: the package version section. Select the endpoint security client version that 01:10: you have selected while downloading the endpoint agent, then click next. 01:14: By default threat, prevention. Capability is selected select. 01:18: The other capabilities as required and then click next. 01:21: In the virtual group list, select the virtual group from the drop-down to 01:25: add a VPN site, select the desired VPN from the VPN site 01:29: drop-down list. If required you can click the star icon. 01:33: Next to the dropdown to create a new virtual group or a VPN site, then 01:37: click next. 01:38: Select the download package. When save checkbox and click finish. 01:43: Once the export package is created, click the download icon to download it. 01:47: Now that the package is downloaded, you need to create a Microsoft Azure 01:51: application 01:52: To do that log into the Microsoft Azure admin portal and in 01:56: the Azure Services section, click Azure active directory. 02:00: From the left navigation, panel, Click app, registrations. 02:03: Click new registration at the top left corner. 02:06: The system redirects to the register and application page in the name 02:10: field. Enter a name for the new application, leave. 02:13: The default settings as is, and click register. 02:15: The system redirects to the newly created applications page from the left 02:19: navigation panel, click API permissions. 02:23: In the configured permission section, click add a permission in the request API 02:27: permissions window. That appears click Microsoft graph. 02:31: In the Microsoft graph API, click application permissions, 02:34: Select the required permissions and click add permissions. 02:48: To give admin consent to the selected permissions for all accounts, in checkpoint. 02:52: Click Grant admin consent for checkpoint in the confirmation. 02:56: Pop-up that appears click. Yes. 02:58: To create a secret key for the application from the left navigation panel, 03:02: click certificates and secrets. 03:04: In the client Secrets, tab, click new client Secret. 03:07: In the, add a client secret window that appears enter the description in 03:11: the description field and select the expiration period in the expires section. 03:15: Then click add. 03:17: Copy the secret ID. 03:19: Click overview and copy the directory, ID and application ID 03:23: in the essential section. You need this information to integrate with 03:27: Harmony and point. 03:29: Log in, to the harmony endpoint administrator portal and from the left navigation, 03:33: panel, click endpoint settings, and then click uem integration. 03:38: Click the plus icon. 03:40: Select InTune and click next. 03:42: Enter the directory, ID application, ID and client secret. 03:47: You copied from the Azure application. 03:49: Click verify to verify the details and click next. 03:53: In the application name field. Enter a name for the application in 03:57: the add InTune distribution, group section, select the InTune groups for 04:01: which you want to apply this application in the endpoint version field. 04:04: Select the endpoint version, you have selected, while downloading the harmony endpoint 04:09: agent and then click create. 04:11: The system would take up to two minutes to integrate the Microsoft InTune application 04:15: with Harmony and Collaboration.
3. How to Add Exclusions using Smart Exclusions in Harmony Endpoint
00:00: Smart Exclusions allows you to add exclusions to multiple capabilities easily. An exclusion is an entity, such as an IP address or domain that you want to exclude from the inspection. While, this video specifically details the steps for Harmony Endpoint, it is also applicable to Harmony Browse. 00:19: Log in to the Infinity Portal, access Harmony Endpoint, and click Policy. 00:24: Expand Threat Prevention and click Policy Capabilities and select a rule. 00:29: In the Capability and Exclusion pane, click Exclusions Center. 00:34: Click "Go To Smart Exclusions". 00:37: You can add an exclusion for a single or multi exclusion type. This video covers the procedure to add an exclusion for a single exclusion type. To add a single exclusion type, click new and select single method exclusion. 00:51: Enter a name for the exclusion and make sure that the status is enabled. 00:56: Select an exclusion type. 00:59: You can either apply the exclusion to all the supported capabilities or to specific supported capabilities. 01:07: Enter the details and click save. 01:10: The new exclusion is added to the table. 01:13: Thank you for watching this video.
4. How to Create a Custom Dashboard
00:00: Custom Dashboard allows you to create personalized dashboards with widgets of your preference. While, this video specifically details the steps for Harmony Endpoint, it is also applicable to Harmony Browse. 00:13: Log in to the Infinity Portal. Access Harmony Endpoint and then click "Overview". 00:19: Navigate to the Custom Dashboard and click add. 00:22: You can create two types of custom dashboards. The Blank dashboard allows you to create a new dashboard with widgets of your choice. The Unified template allows you to duplicate and customize the Unified dashboard. 00:34: To create a blank dashboard, hover over the blank dashboard and click Add. 00:39: Click "Add your first widget". 00:42: Select the widget on the left. Review the widget details on the right and click add to add the widget. 00:48: The widget is added to your dashboard. Now, enter a name for your dashboard. 00:53: You can specify whether the dashboard should be private or public. Private dashboards are available only for you to view whereas, Public dashboards can be viewed by all the users. 01:04: Click "Save" to save the dashboard. 01:07: To add more widgets to the dashboard, click Add Widget and follow the wizard. 01:12: To create a custom dashboard using a Unified template, hover over the unified template and click duplicate. 01:19: Enter a name for the unified template. You can add or delete widgets as per your choice. Click save to save the dashboard. 01:26: Finally, to modify a custom dashboard, expand the custom dashboard and click the three dots for the dashboard you want to modify and select the required action. 01:36: Thanks for watching this video.
5. How to Perform the Run Diagnostics Push Operation in Harmony Endpoint
00:00: The Run Diagnostics push operation allows you to collect CPU and RAM usage information of an endpoint for your analysis. 00:09: Log in to the Infinity Portal, access Harmony Endpoint and click Asset Management. 00:15: Expand Organization and select computers. 00:19: Right click the endpoint for which you want to perform the Run Diagnostics push operation, select diagnostics, and then click Run Diagnostics. Note that the Run Diagnostics push operation can be executed only on one endpoint at a time. 00:34: To view the status of the operation, click push operation and view the status column. When the status is complete, click View Report. 00:42: The report shows a graphical representation of the CPU and RAM usage of the endpoint. 00:48: Thank you for watching the video.
6. How to Generate Security Reports in Harmony Endpoint
00:00: You can generate various reports about the security status. While, this video specifically details the steps for Harmony Endpoint, it is also applicable to Harmony Browse. 00:12: Log in to the Infinity Portal. Access the Harmony Endpoint Administrator Portal and click "Overview" 00:19: Click Reports and select Generate Report. 00:22: Select the report you want to generate. 00:25: Click settings and select export report. 00:28: Select the time frame for the report and click Export. The report is generated and downloaded as a pdf. 00:35: If you want to schedule report generation automatically, click Reports and select Schedule Report. 00:41: Click Add to schedule the report. 00:44: Specify the details for the report and click Schedule. Harmony Endpoint generates the report at the scheduled time and emails the report to the specified recipients. 00:54: Thank you for watching the video!
7. How to Create a Threat Prevention Policy Template in Harmony Endpoint for MSSPs
00:00: Harmony Endpoint allows Managed Security Service Providers to manage policies of their child accounts from a central location. This video shows how to create a custom Threat Prevention policy template in the MSSP account and attach it to a child account. 00:17: Log in to the Infinity Portal and access the Harmony Endpoint Administrator Portal with the MSSP account. 00:24: Go to Policy and click MSSP View and then select Threat Prevention under Template Repository. 00:31: Select the default template and click "Clone" to duplicate it. 00:35: Select the cloned template and in the Capabilities and Exclusions pane, make the necessary changes for the capabilities including Advanced Settings. 00:44: Click Save. Now that you have created the template in the MSSP account, you need to link it to the child account. 00:51: To do that, log in to the Harmony Endpoint Administrator Portal using the child account and click Policy. 00:58: Go to Threat Prevention. Click Policy Capabilities and select a device policy. make sure that the policy is connected 01:06: In the Capabilities and Exclusions pane, from the MSSP template list, select All templates. 01:12: Choose a template and click Select. 01:15: Note that selected template's name appears with a MSSP tag for the policy. Click Save and Install the policy. 01:23: After the policy is installed, notice that the policy capability settings are disabled and the changes to the template from the MSSP account are automatically applied to the child account. 01:35: The template widget in the MSSP account shows the child accounts and the capabilities associated with a template. 01:42: Thank you for watching the video.
8. How to Configure Automatic Patch Updates in Harmony Endpoint
00:00: Harmony Endpoint can scan and detect CVEs on your endpoints. This video shows how to automatically apply patch updates for detected CVEs.
00:09: Log in to the Infinity Portal. Access the Harmony Endpoint Administrator Portal and then go to "Policy" and "Access and Compliance Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration." and then click "Compliance and Posture".
00:20: Make sure you have enabled Enable Vulnerability assessment and performed a scan either manually or automatically.
00:28: Select "Enable patch updates" and click "Advanced Settings".
00:32: Select "Enable automated patch management"
00:35: Fill in the required information such as "patch update time", "applications" and "severities" and so on and click "OK".
00:42: Click Save and Install.
00:45: As a final step, review the changes and click "Install".
00:49: Thank you for watching the video.
9. How to apply Data Loss Prevention (DLP) rule in Harmony Endpoint
00:05: Data Loss Prevention Check Point Software Blade on a Security Gateway that detects and prevents the unauthorized transmission of confidential information outside the organization. Acronym: DLP. or DLP is a technique to prevent unauthorized transmission of confidential information such as bank account numbers. This video shows how to apply DLP rules to data for example to files that you download or upload. While this video specifically details the steps for Harmony Endpoint, it is also applicable to Harmony Browse.
00:27: Log in to the Infinity Portal access the harmony endpoint administrator
00:31: portal and click policy and data loss prevention now click
00:35: DLP data type manager.
00:38: You can either use the existing data types in the default groups or create
00:42: custom data types.
00:44: To edit a data type expand the DLP group and select a data
00:48: type.
00:49: Click edit and edit the data type as per your requirement.
00:53: Click okay to save your changes.
00:56: To create a new custom data type click new and select data.
01:00: Follow the wizard to define the new data type and click finish.
01:04: The new custom data type is listed under custom data types group and
01:08: similarly new DLP groups. You create are listed under my groups.
01:13: Now, to create a DLP rule and associate with an event, click Data Loss Prevention.
01:19: Select a rule in the table and click "Clone" and then select "Clone Above" or "Clone Below".
01:24: Enter a rule name, select a device group and click "OK".
01:28: Select the rule you just created and click outbound events or inbound events
01:32: outbound event refers to transferring content to external resources
01:36: inbound event refers to downloading data.
01:40: To add an event, turn on the "Disable all" toggle button and click Add.
01:45: Make sure the Status toggle button is enabled. Select the Event type, Destination type, and Action. Select the Data types to associate with the DLP rule and click "Save".
01:56: Click "Save and Install" to install the new policy settings.
02:00: As the last step, click "INSTALL".