How to verify that SandBlast Agent can access Check Point servers?

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk116590
Technical Level
Product	SandBlast Agent
Version	All
Date Created	28-Mar-2017
Last Modified	13-Jan-2020

Solution

Introduction

SandBlast Agent requires access to the Internet (either directly, or via configured proxy).

The table below lists the relevant connectivity requirements for each blade,
as well as how to test it in order to verify the connectivity.

* Note: Authenticated proxies which require user name and password are not supported.

Hostname	Protocol	From	Used For (Version)	Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK.)
`te.checkpoint.com`	https	Threat Emulation blade engine (cloud)	Interaction with Threat Emulation cloud	curl_cli [--proxy <IP_or_HostName:Port>] -v -k te.checkpoint.com
`te.checkpoint.com`	https port 18194	Threat Emulation blade engine (appliance)	Interaction with Threat Emulation appliance	curl_cli [--proxy ] -v -k <IP_of_TE_appliance> 18194
`gwevents.checkpoint.com`	https	Threat Emulation blade telemetry	Statistics collection	curl_cli [--proxy <IP_or_HostName:Port>] -v -k gwevents.checkpoint.com
`cws.checkpoint.com`	http	Anti-Bot blade	Bot Detection	curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/Malware/SystemStatus/type/short
`malw-cws.checkpoint.com`	http	Anti-Bot blade	Bot Detection	curl_cli [--proxy <IP_or_HostName:Port>] -v http://malw-cws.checkpoint.com/Malware/SystemStatus/type/short
`secureupdates.checkpoint.com`	http	Anti-Bot blade	Signatures database updates	curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://secureupdates.checkpoint.com/AMW/Version
`sc1.checkpoint.com`	http	Anti-Bot blade	Retrieve URL for bot detection server	curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://sc1.checkpoint.com/EPcws/TCUrlsFormat.txt
`kav8.zonealarm.com`	http	Anti-Malware blade	Signatures database updates	curl_cli [--proxy <IP_or_HostName:Port>] -v http://kav8.zonealarm.com/v6/index/u1313g.xml
`dnl-01.geo.kaspersky.com dnl-02.geo.kaspersky.com ... dnl-19.geo.kaspersky.com`	http	Anti-Malware blade	Signatures database updates	curl_cli [--proxy <IP_or_HostName:Port>] -v http://dnl-01.geo.kaspersky.com/index/u1313g.xml
`ksn*.kaspersky-labs.com ksn-crypto-file-geo.kaspersky-labs.com ksn-crypto-url-geo.kaspersky-labs.com`	https	Anti-Malware blade	Cloud Reputation Services	telnet ksn-crypto-file-geo.kaspersky-labs.com 443
`rep.checkpoint.com/Phishing`	https	Phishing Service	File Reputation service	https://rep.checkpoint.com/Phishing/status
`rep.checkpoint.com/file-rep/service`	https	Threat Cloud Reputation Service	ThreatCloud File Reputation service	POST https://rep-cws.checkpoint.com/file-rep/SystemStatus/type/short
`sba-data-collection.iaas.checkpoint.com`	https	Data Collection service		POST https://sba-data-collection.iaas.checkpoint.com/upload

References

Revision History

Show / Hide this section

Date Description

28 Mar 2017 First release of this article

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating