Support Center > Search Results > SecureKnowledge Details
How to verify that SandBlast Agent can access Check Point servers? Technical Level
Solution

Introduction

SandBlast Agent requires access to the Internet (either directly, or via configured proxy).

The table below lists the relevant connectivity requirements for each blade,
as well as how to test it in order to verify the connectivity.

* Note: Authenticated proxies which require user name and password are not supported.

Hostname Protocol From Used For (Version) Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK.)
te.checkpoint.com https Threat Emulation blade engine (cloud) Interaction with Threat Emulation cloud curl_cli [--proxy <IP_or_HostName:Port>] -v -k te.checkpoint.com
https
port
18194
Threat Emulation blade engine (appliance) Interaction with Threat Emulation appliance curl_cli [--proxy ] -v -k <IP_of_TE_appliance> 18194
gwevents.checkpoint.com https Threat Emulation blade telemetry Statistics collection curl_cli [--proxy <IP_or_HostName:Port>] -v -k gwevents.checkpoint.com
cws.checkpoint.com http Anti-Bot blade Bot Detection curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/Malware/SystemStatus/type/short
malw-cws.checkpoint.com http Anti-Bot blade Bot Detection curl_cli [--proxy <IP_or_HostName:Port>] -v http://malw-cws.checkpoint.com/Malware/SystemStatus/type/short
secureupdates.checkpoint.com http Anti-Bot blade Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://secureupdates.checkpoint.com/AMW/Version
sc1.checkpoint.com http Anti-Bot blade Retrieve URL for bot detection server curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://sc1.checkpoint.com/EPcws/TCUrlsFormat.txt
kav8.zonealarm.com http Anti-Malware blade Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v http://kav8.zonealarm.com/v6/index/u1313g.xml
dnl-01.geo.kaspersky.com
dnl-02.geo.kaspersky.com
...
dnl-19.geo.kaspersky.com
http Anti-Malware blade Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v http://dnl-01.geo.kaspersky.com/index/u1313g.xml
ksn*.kaspersky-labs.com
ksn-crypto-file-geo.kaspersky-labs.com
ksn-crypto-url-geo.kaspersky-labs.com
https Anti-Malware blade Cloud Reputation Services telnet ksn-crypto-file-geo.kaspersky-labs.com 443
rep.checkpoint.com/Phishing https Phishing Service File Reputation service https://rep.checkpoint.com/Phishing/status
rep.checkpoint.com/file-rep/service https Threat Cloud Reputation Service ThreatCloud File Reputation service POST https://rep-cws.checkpoint.com/file-rep/SystemStatus/type/short
sba-data-collection.iaas.checkpoint.com https   Data Collection service    POST https://sba-data-collection.iaas.checkpoint.com/upload

 

References

Related Solution: sk83520 - How to verify that Security Gateway and/or Security Management Server can access Check Point servers?

 

Revision History

Show / Hide this section
Date Description
28 Mar 2017 First release of this article

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment