Appendix

Integration Information

Information Name

Description

Endpoint Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server./API URL

 

Endpoint Management API Admin Username

 

Endpoint Management API Admin Password

 

Endpoint Management Local Group(s)

 

Endpoint Management AD Group(s)

 

Endpoint Management Mitigation attribute (Device Property) (deprecated)

 

Tag Device Risk (CHKP_Risk)

None, Low, Medium, or High

Tag Device Status (CHKP_Status)

Provisioned, Active, or Inactive

Tag Device Threat Factor (CHKP_TP)

Free-form information provided by BREClosed Behavioral Risk Engine

Harmony Mobile Gateway

Security gateway servers:

Enter the Security GatewayClosed Dedicated Check Point server that runs Check Point software to inspect traffic and enforce Security Policies for connected network resources. server for your region:

Region

Server

US

gw.locsec.net

Ireland (EU region)

eu-gw.locsec.net

Australia (Asia region)

au-gw.locsec.net

Canada (Canada)

ca-gw.locsec.net

UK region (UK)

uk-gw.locsec.net

India

in-gw.locsec.net

Harmony Mobile App Name (iOS)

Harmony Mobile Protect

Harmony Mobile App ID (iOS)

com.checkpoint.capsuleprotect

Harmony Mobile App Name (Android)

Harmony Mobile Protect

Harmony Mobile App ID (Android)

com.lacoon.security.fox

Deploying a CA certificate using Zero-Touch for HTTPS Traffic Inspection

Generate and download the certificate from you Infinity Portal dashboard:

  1. In your Infinity Portal dashboard, go to Policy > Global > On-device Network Protection > click on Configure:

  2. Under HTTPS Settings toggle HTTPS InspectionClosed Feature on a Security Gateway that inspects traffic encrypted by the Secure Sockets Layer (SSL) protocol for malware or suspicious patterns. Synonym: SSL Inspection. Acronyms: HTTPSI, HTTPSi. to be ON.

  3. Under Inspection CA, select Central CA for MDM deployment and click Generate Certificate.

  4. Validate the name, click Download and then click OK.

Note - When using different policies for device groups, the enforcement of the certificate pushed by UEMClosed Unified Endpoint Management. An architecture and approach that controls different types of devices such as computers, smartphones and IoT devices from a centralized command point. Name may take up to 24 hours on iOS devices.

In case the Global Policy is being used for the entire fleet of devices this limitation is not relevant.