Appendix B – Enabling Behavioral Guard Aggressive Mode

  1. In the Harmony Endpoint Administrator Portal, go to Policy > Threat Prevention > Policy Capabilities tab.

  2. In the Settings sidebar, select the policy and then go to the Behavioral Protection tab.

    A screenshot of a computer Description automatically generated

  3. Append the string “?efr_custom_settings=show” to the URL in your browser’s URL bar and press the Enter key.
    https://portal.checkpoint.com/dashboard/endpoint/endpoint#/policy/threat-prevention/?efr_custom_settings=show

  4. Go to Advanced Settings.

  5. Go to the Behavioral Guard & Anti Ransomware tab.

  6. Scroll down to Settings and click Change custom settings.

  7. Add the following key:

    ngavPolicy = <ngavPolicy> <experimentalSignatures>true</experimentalSignatures> <enforcementActions> <low>Prevent</low><medium>Prevent</medium> <high>Prevent</high> </enforcementActions> </ngavPolicy>

  8. You can select Detect or Prevent mode for different Confidence levels.

    A screenshot of a computer Description automatically generated

  9. Click OK, save and install the policy.