Support Center > Search Results > SecureKnowledge Details
Harmony Endpoint (SandBlast Agent) Client Connectivity Requirements Technical Level
Solution

Introduction

Harmony Endpoint requires access to the Internet (either directly, or via configured proxy).

The table below lists the relevant connectivity requirements for each blade,
as well as how to test it in order to verify the connectivity.

* Notes:

  • Authenticated proxies which require username and password are not supported.
  • The new tool CheckConnectivity.exe is supplied with client versions E85.10 and higher. It helps to determine that all the online services which are required by the Endpoint client are accessible. This tool is located under the Endpoint folder: C:\Program Files (x86)CheckPoint\Endpoint Security\Endpoint Common\bin.
  • Kaspersky is also referred as E1 Anti-Malware engine.
  • Sophos is also referred as E2 DHS Compliant Ant-Malware engine.  

     

Cloud Services/Infinity Portal URLs


# Hostname/URL Protocol From Used For (Version) Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK)
Harmony Endpoint Management - Infinity Portal
1 storage.googleapis.com/datatube-data-eu https Threat Hunting Threat Hunting data upload curl -v -k -X GET https://datatube-prod.azurewebsites.net/health
2 storage.googleapis.com/datatube-data-us
3 storage.googleapis.com/datatube-data-uk
4 europe-west1-datatube-240519.cloudfunctions.net
5 proddatatubedataeu.blob.core.windows.net
6 proddatatubedataeastus2.blob.core.windows.net
7 proddatatubedataaustraliaea.blob.core.windows.net
8 datatube-prod.azurewebsites.net
9 datatubeprodwesteurope.blob.core.windows.net
10 us-east4-chkp-gcp-rnd-threat-hunt-box.cloudfunctions.net/prod-gcp-contractprovider https Threat Hunting Threat Hunting cloud function domain curl -v -k -X GET https://us-east4-chkp-gcp-rnd-threat-hunt-box.cloudfunctions.net/prod-gcp-contractprovider/health
11 <Connection Token>.epmgmt.checkpoint.com

For example: HEPDemo-d9e265f1-hap2.epmgmt.checkpoint.com
https Harmony Endpoint Management Platform Client-Server communication 
12 s3-fips-r-w.us-east-1.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication
Threat Cloud
13 rep.checkpoint.com/file-rep/service https Threat Cloud Reputation Service ThreatCloud File Reputation service POST https://rep-cws.checkpoint.com/file-rep/SystemStatus/type/short
General Threat Prevention Services
14 a88-221-154-122.deploy.static.akamaitechnologies.com https General Threat Prevention Services Client-Server communication
15 a2-22-93-83.deploy.static.akamaitechnologies.com https General Threat Prevention Services Client-Server communication
16 a95-100-209-19.deploy.static.akamaitechnologies.com https General Threat Prevention Services Client-Server communication
For Services In Europe Region
17 EU-vSEC-ASG-ALB-2115742625.eu-west-1.elb.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication
18 epm-gw-eu.epmgmt.checkpoint.com, mapped to IPs:
1. 34.249.245.65
2. 52.49.2.249
3. 52.18.12.155
4. 46.137.141.201
5. 54.220.66.248
Varies Harmony Endpoint Management Platform Client-Server communication 
19 cloudinfra-gw.portal.checkpoint.com https Harmony Endpoint Management Platform Client-Server communication  curl -v -k -X POST https://cloudinfra-gw.portal.checkpoint.com/auth/external (401 UNAUTHORIZED)
For Services In US Region
20 US-vSEC-ASG-ALB-448998794.us-east-1.elb.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication 
21 epm-gw-us.epmgnt.checkpoint.com, mapped to IPs:
1.  34.206.248.183
2.  34.231.106.109
https Harmony Endpoint Management Platform Client-Server communication 
22 cloudinfra-gw-us.portal.checkpoint.com https Harmony Endpoint Management Platform Client-Server communication  curl -v -k -X POST https://cloudinfra-gw.portal.checkpoint.com/auth/external (401 UNAUTHORIZED)
For Services In APAC Region
23 cloudinfra-gw.ap.portal.checkpoint.com https Harmony Endpoint Management Platform Client-Server communication  curl -v -k -X POST https://cloudinfra-gw.portal.checkpoint.com/auth/external (401 UNAUTHORIZED)
24 endpoint-management-prd-alb-1052683977.ap-southeast-2.elb.amazonaws.com https Harmony Endpoint Management Platform Client-Server communication 


Blade Specific Services

# Hostname/URL Protocol From Used For (Version) Verifying Connectivity (Run command listed below. You will get a response if connectivity is OK)
Threat Emulation
1 te.checkpoint.com https Threat Emulation Interaction with Threat Emulation cloud curl_cli [--proxy <IP_or_HostName:Port>] -v -k te.checkpoint.com
2 threat-emulation.checkpoint.com https Threat Emulation
Interaction with Threat Emulation cloud
curl_cli [--proxy <IP_or_HostName:Port>] -v -k threat-emulation.checkpoint.com
3 gwevents.checkpoint.com https Threat Emulation Statistics collection curl_cli [--proxy <IP_or_HostName:Port>] -v -k gwevents.checkpoint.com
Anti-Malware
4 teadv.checkpoint.com/Sophos/ https Anti-Malware Sophos (E2 DHS Compliant Anti-Malware engine) additionally uses this site. curl_cli [--proxy <IP_or_HostName:Port>] -v https://teadv.checkpoint.com/Sophos/
5 kav8.zonealarm.com http Anti-Malware Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v http://kav8.zonealarm.com/v6/index/u1313g.xml
6 dnl-*.geo.kaspersky.com  http Anti-Malware Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v http://dnl-01.geo.kaspersky.com/index/u1313g.xml
7 Domain Templates
  • *.kaspersky.com
  • *.kaspersky-labs.com

More specific ...
ksn*.kaspersky-labs.com
ksn-crypto-file-geo.kaspersky-labs.com
ksn-crypto-url-geo.kaspersky-labs.com

ds.kaspersky.com
ds1.kaspersky.com
ksn-a-stat-geo.kaspersky-labs.com
dc1-st.ksn.kaspersky-labs.com
ksn-file-geo.kaspersky-labs.com
dc1-file.ksn.kaspersky-labs.com
ksn-url-geo.kaspersky-labs.com
ksn-verdict-geo.kaspersky-labs.com
dc1.ksn.kaspersky-labs.com
ksn-cinfo-geo.kaspersky-labs.com
ksn-a-p2p-geo.kaspersky-labs.com
ksn-info-geo.kaspersky-labs.com
file.ks*.kaspersky-labs.com
url.ks*.kaspersky-labs.com
verdict.ks*.kaspersky-labs.com
pp.ks*.kaspersky-labs.com
cinfo.ks*.kaspersky-labs.com
info.ks*.kaspersky-labs.com

https
Custom Protocol 

1443 is fallback port that is used if 443 is unavailable 
Anti-Malware Cloud Reputation Services telnet ksn-crypto-file-geo.kaspersky-labs.com 443
Anti-Bot
8 cws.checkpoint.com http Anti-Bot  Bot Detection curl_cli [--proxy <IP_or_HostName:Port>] -v http://cws.checkpoint.com/Malware/SystemStatus/type/short
9 malw-cws.checkpoint.com http Anti-Bot  Bot Detection curl_cli [--proxy <IP_or_HostName:Port>] -v http://malw-cws.checkpoint.com/Malware/SystemStatus/type/short
10 secureupdates.checkpoint.com http Anti-Bot  Signatures database updates curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://secureupdates.checkpoint.com/AMW/Version
11 sc1.checkpoint.com http Anti-Bot  Retrieve URL for bot detection server curl_cli [--proxy <IP_or_HostName:Port>] -v -k http://sc1.checkpoint.com/EPcws/TCUrlsFormat.txt
Forensics
12 sba-data-collection.iaas.checkpoint.com https Data Collection service  Forensic reports upload POST https://sba-data-collection.iaas.checkpoint.com/upload
SBA Signature Updates
13 updates.checkpoint.com https Updater process  SBA Signature updates curl_cli [--proxy <IP_or_HostName:Port>] -v -k updates.checkpoint.com
14 dl3.checkpoint .com https Updater process  SBA Signature updates curl_cli [--proxy <IP_or_HostName:Port>] -v -k dl3.checkpoint .com
Browser Extension/Harmony Browse
15 www.google.com/chrome/
clients2.googleusercontent.com
clients2.google.com
https Browser Extension/Harmony Browse Google services
16 microsoftedge.microsoft.com
edge.microsoft.com
https Browser Extension/Harmony Browse Microsoft Store
Infrastructure
17

endpoint-cdn.epmgmt.checkpoint.com

https Infrastructure During HEP upgrades Source of files
18

teadv.checkpoint.com/epupdates

http Infrastructure Updates for endpoint curl -v -k -X GET http://teadv.checkpoint.com/epupdates/86.50/0190/v1.xml
19

ep-repo.epmgmt.checkpoint.com

https Infrastructure Server Profiles Feature


References

 

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment