Support Center > Search Results > SecureKnowledge Details
How to verify that Harmony Endpoint (SandBlast Agent) can access Check Point servers? Technical Level
Solution

Introduction

Harmony Endpoint requires access to the Internet (either directly, or via configured proxy).

The table below lists the relevant connectivity requirements for each blade,
as well as how to test it in order to verify the connectivity.

* Notes:

  • Authenticated proxies which require user name and password are not supported.
  • In Harmony Endpoint versions E85.10 and above, on your computer, go to C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ and run CheckConnectivity.exe to automatically verify which URLs are reachable.

     
Cloud Services/Infinity Portal URLs

Index Hostname/URL Protocol From Used For (Version) Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK.)
Harmony Endpoint Management - Infinity Portal
1 storage.googleapis.com/datatube-data-eu https Threat Hunting Threat Hunting data upload curl -v -k -X GET https://datatube-prod.azurewebsites.net/health
2 storage.googleapis.com/datatube-data-us
3 storage.googleapis.com/datatube-data-uk
4 europe-west1-datatube-240519.cloudfunctions.net
5 proddatatubedataeu.blob.core.windows.net
6 proddatatubedataeastus2.blob.core.windows.net
7 proddatatubedataaustraliaea.blob.core.windows.net
8 datatube-prod.azurewebsites.net
9 datatubeprodwesteurope.blob.core.windows.net
10 us-east4-chkp-gcp-rnd-threat-hunt-box.cloudfunctions.net/prod-gcp-contractprovider https Threat Hunting Threat Hunting cloud function domain curl -v -k -X GET https://us-east4-chkp-gcp-rnd-threat-hunt-box.cloudfunctions.net/prod-gcp-contractprovider/health
11 <Connection Token>.epmgmt.checkpoint.com

For example: HEPDemo-d9e265f1-hap2.epmgmt.checkpoint.com
https Harmony Endpoint Management Platform Client-Server communication 
12 s3-fips-r-w.us-east-1.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication
Threat Cloud
13 rep.checkpoint.com/file-rep/service https Threat Cloud Reputation Service ThreatCloud File Reputation service POST https://rep-cws.checkpoint.com/file-rep/SystemStatus/type/short
General Threat Prevention Services
14 a88-221-154-122.deploy.static.akamaitechnologies.com https General Threat Prevention Services Client-Server communication
15 a2-22-93-83.deploy.static.akamaitechnologies.com https General Threat Prevention Services Client-Server communication
16 a95-100-209-19.deploy.static.akamaitechnologies.com https General Threat Prevention Services Client-Server communication
For Services In Europe Region
17 EU-vSEC-ASG-ALB-2115742625.eu-west-1.elb.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication 
18 epm-gw-eu.epmgmt.checkpoint.com, mapped to IPs:
1.  34.249.245.65
2.  52.49.2.249
3.  52.18.12.155
4.  46.137.141.201
Varies Harmony Endpoint Management Platform Client-Server communication 
19 cloudinfra-gw.portal.checkpoint.com https Harmony Endpoint Management Platform Client-Server communication  curl -v -k -X POST https://cloudinfra-gw.portal.checkpoint.com/auth/external (401 UNAUTHORIZED)
For Services In US Region
20 US-vSEC-ASG-ALB-448998794.us-east-1.elb.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication 
21 epm-gw-us.epmgnt.checkpoint.com, mapped to IPs:
1.  34.206.248.183
2.  34.231.106.109
https Harmony Endpoint Management Platform Client-Server communication 
22 cloudinfra-gw-us.portal.checkpoint.com https Harmony Endpoint Management Platform Client-Server communication  curl -v -k -X POST https://cloudinfra-gw.portal.checkpoint.com/auth/external (401 UNAUTHORIZED)
For Services In APAC Region
23 cloudinfra-gw.ap.portal.checkpoint.com https Harmony Endpoint Management Platform Client-Server communication  curl -v -k -X POST https://cloudinfra-gw.portal.checkpoint.com/auth/external (401 UNAUTHORIZED)
24 endpoint-management-prd-alb-1052683977.ap-southeast-2.elb.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication 

Blade Specific Services

Index Hostname/URL Protocol From Used For (Version) Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK.)
Threat Emulation
1 te.checkpoint.com https Threat Emulation Interaction with Threat Emulation cloud curl_cli [--proxy <IP_or_HostName:Port>] -v -k te.checkpoint.com
2 gwevents.checkpoint.com https Threat Emulation Statistics collection curl_cli [--proxy <IP_or_HostName:Port>] -v -k gwevents.checkpoint.com
Anti-Malware
3 teadv.checkpoint.com/Sophos/ https Anti-Malware Sophos additionally uses this site. curl_cli [--proxy <IP_or_HostName:Port>] -v https://teadv.checkpoint.com/Sophos/
4 kav8.zonealarm.com http Anti-Malware Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v http://kav8.zonealarm.com/v6/index/u1313g.xml
5 dnl-*.geo.kaspersky.com  http Anti-Malware Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v http://dnl-01.geo.kaspersky.com/index/u1313g.xml
6 ksn*.kaspersky-labs.com
ksn-crypto-file-geo.kaspersky-labs.com
ksn-crypto-url-geo.kaspersky-labs.com
https Anti-Malware Cloud Reputation Services telnet ksn-crypto-file-geo.kaspersky-labs.com 443
Anti-Bot
7 cws.checkpoint.com http Anti-Bot  Bot Detection curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/Malware/SystemStatus/type/short
8 malw-cws.checkpoint.com http Anti-Bot  Bot Detection curl_cli [--proxy <IP_or_HostName:Port>] -v http://malw-cws.checkpoint.com/Malware/SystemStatus/type/short
9 secureupdates.checkpoint.com http Anti-Bot  Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://secureupdates.checkpoint.com/AMW/Version
10 sc1.checkpoint.com http Anti-Bot  Retrieve URL for bot detection server curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://sc1.checkpoint.com/EPcws/TCUrlsFormat.txt
Forensics
11 sba-data-collection.iaas.checkpoint.com https Data Collection service  Forensic reports upload POST https://sba-data-collection.iaas.checkpoint.com/upload
Browser Extension/Harmony Browse
12 www.google.com/chrome/
clients2.googleusercontent.com
clients2.google.com
https Browser Extension/Harmony Browse Google services
13 microsoftedge.microsoft.com
edge.microsoft.com
https Browser Extension/Harmony Browse Microsoft Store

References

Related Solution: sk83520 - How to verify that Security Gateway and/or Security Management Server can access Check Point servers?

 

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment