Harmony Environment Settings

By default, Harmony Endpoint uses the SandBlast Cloud for Threat Extraction and Threat Emulation.

If you have one or more Harmony Appliances, you can use them as an alternative to SandBlast Cloud.

To configure Harmony Endpoint to work with a Harmony Appliance:

  1. In a Harmony Endpoint Threat Extraction and Threat Emulation rule, right-click the Harmony Environment Settings Action and select Edit Shared Action.

  2. Select Use Harmony Appliance for Threat Extraction and Threat Emulation.

  3. In the Properties of the action, click Configure Appliances.

  4. In the Appliances Configuration window, select an appliance from the list, or click Add and enter:

    • IP address of the Harmony Appliance

    • Appliance Certificate Name - Click Manage to select a certificate or to import one.

  5. To configure a certificate for communication between Harmony Endpoint and the Harmony Appliance, see sk116381.

  6. By default the Cloud will be used if the Appliance is not available. If you do not want the SandBlast Cloud to be used as backup, clear the option If appliance is not available, fallback to Cloud.

  7. Click OK.

To define the maximum size of files that are sent for emulation:

  1. In a Harmony Endpoint Threat Extraction and Threat Emulation rule, right-click the Harmony Environment Settings Action and select Edit Shared Action.

  2. Change the value for Upload to emulation files less than X Megabytes. The default is that file less than 10 MB are sent for emulation.