Summary
For the Check Point MDR team to execute remediations with your Harmony Endpoint solution, we require an additional API key from your Check Point Infinity Portal.
If you need any assistance with this procedure, please open a ticket in the MDR Portal under "MDR Support" or, if you are currently onboarding, reply to your welcome email and we will assist.
Note: We will need these two items filled in on the MDR Portal in the MDR Profile section when configuring the remediation:
- Client ID
- Client Secret (Key)
Procedure
- Log in to your Check Point Infinity Portal
- Select the Gear Icon
- If you have more than one tenant, ensure the correct tenant ID is selected
- Select API Keys
- Select "New account API key"
- For Service, select "Endpoint"
- Set a long expiration to ensure the remediation service is not impacted unexpectedly
- Add a description such as "MDR" and create
- For roles, choose Admin
- Click "Create" to finish this step
- Copy the Client ID and Client Secret (Key) so you can enter them in the MDR Portal when configuring remediation for Harmony Endpoint.
- Now return to the MDR Portal and go to the MDR Profile section. Under Remediation Excluded Hosts, you will need to enter an IP address. If you do not have a host to exclude, please use a default address, such as 1.1.1.1. (There must be at least one entry before the system allows you to configure Remediation.)
- In the Harmony Endpoint integration, you will see an option at the bottom called "Remediation". Click the blue Configure button to begin the setup process.
- Next, select your desired Isolation/Remediation option: "Do not perform remediations", "Requires approval", or "Always approve".
- Then click the green Key icon at the bottom of the page to enter your Client ID and Client Secret (Key).
- Enter the values that were displayed when you created the Endpoint API key in the required fields, read the Terms and Conditions and check the box if you agree, then press Save.
Note: Please contact MDR Support by creating a ticket in your MDR Portal if you would like to schedule a test to verify your Harmony Endpoint Remediation (Host Isolation).