Harmony Environment Settings

Note - Harmony Endpoint is now branded as Endpoint Security. UI names and labels may change over time as the rebranding is reflected in different product versions.

By default, Endpoint Security uses the SandBlast Cloud for Threat Extraction and Threat Emulation.

If you have one or more Harmony Appliances, you can use them as an alternative to SandBlast Cloud.

To configure Endpoint Security to work with a Harmony Appliance:

  1. In a Endpoint Security Threat Extraction and Threat Emulation rule, right-click the Harmony Environment Settings Action and select Edit Shared Action.

  2. Select Use Harmony Appliance for Threat Extraction and Threat Emulation.

  3. In the Properties of the action, click Configure Appliances.

  4. In the Appliances Configuration window, select an appliance from the list, or click Add and enter:

    • IP address of the Harmony Appliance

    • Appliance Certificate Name - Click Manage to select a certificate or to import one.

  5. To configure a certificate for communication between Endpoint Security and the Harmony Appliance, see sk116381.

  6. By default the Cloud will be used if the Appliance is not available. If you do not want the SandBlast Cloud to be used as backup, clear the option If appliance is not available, fallback to Cloud.

  7. Click OK.

To define the maximum size of files that are sent for emulation:

  1. In a Endpoint Security Threat Extraction and Threat Emulation rule, right-click the Harmony Environment Settings Action and select Edit Shared Action.

  2. Change the value for Upload to emulation files less than X Megabytes. The default is that file less than 10 MB are sent for emulation.