Prerequisites for Anti-Malware

Before configuring Anti-MalwareClosed A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers., you must:

    1. On the Endpoint Security Management ServerClosed A Security Management Server that manages your Endpoint Security environment. Includes the Endpoint Security policy management and databases. It communicates with endpoint clients to update their components, policies, and protection data., run:

      cpstop

    2. Open $UEPMDIR/engine/conf and edit the local.properties file.

      Note - Delete the # character from the beginning of each row that you edit.

    3. Add these properties:

      Property

      Example

      Proxy server's IP address

      http.proxy.host=<IP address>

      The proxy server's listening port

      http.proxy.port=<port number>

      The username if basic authentication is enabled on the proxy server. Leave it empty if no authentication is required.

      http.proxy.user=<username>

      The password if basic authentication is enabled on the proxy server.

      http.proxy.password=<password>

    4. Save the $UEPMDIR/engine/conf/local.properties file.

    5. On the Endpoint Security Management ServerClosed Dedicated Check Point server that runs Check Point software to manage the objects and policies in a Check Point environment within a single management Domain. Synonym: Single-Domain Security Management Server., run:

      cpstart

  2. After configuring the proxy server, configure the Firewall Gateway to accept the traffic to the Anti-Malware update servers.

    1. In your Firewall Gateway, allow outbound internet connectivity.

    2. In your Firewall Gateway, allow outbound connectivity to the Anti-Malware update server.

  3. The Endpoint Security server must have access to ports 80 and 443 on the Anti-Malware Signature Update Server to retrieve the latest malware definitions. Make sure that your Firewall Gateway allows this traffic.

  4. The Endpoint Security Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server. gets the Malware signatures from the central Malware definition server. Endpoint Security clients with the Anti-Malware component get Malware signature updates either from the Endpoint Security Management Server or from their Endpoint Policy ServerClosed Endpoint Policy Server improves performance in large environments by managing most communication with the Endpoint Security clients. Managing the Endpoint Security client communication decreases the load on the Endpoint Security Management Server, and reduces the bandwidth required between sites. The Endpoint Policy Server handles heartbeat and synchronization requests, Policy downloads, Anti-Malware updates, and Endpoint Security client logs..

    By default, the Endpoint Security Management Server and the Endpoint Policy Servers do not have the Malware update engine installed. You must install the Malware update engine on:

    To Install the Malware update engine on the Endpoint Security Management Server

    1. Open SmartEndpoint

    2. From the Menu, select Tools > Anti-Malware Updates.

    3. Click Download and install engine.