CheckPoint Harmony Browse is a web security solution that protects users and their browsers against web-based attacks. Harmony Browse aims to enable users to safely browse the internet no matter where they are. It protects organizations and their employees from web-based threats by inspecting all SSL web traffic directly on the endpoint, using a nano agent deployed within any browser.
Harmony Browse prevents users from visiting zero-day phishing sites, downloading zero-day malware, accessing non-compliant websites, and reusing corporate passwords for non-business web content.
The article will guide you how to installing Harmony Browse and configuring Web and File Protection policies to protect users from web-based threats.
First you must have a Checkpoint Harmony trial account to be able to use Harmony Browse, if you do not know how to create this account, you can follow these instructions: https://techbast.com/2021/11/checkpoint-harmony-how-to-create-an-checkpoint-harmony-trial-account.html
Step 1: Download and install Harmony Browse on Endpoint.
Log in according to the instructions above. In the Harmony section select Browse.
In the Overview section select Download.
Select Download to install on Windows.
After downloading the installation file, proceed to install Harmony Browse like normal software.
Note: To install Harmony Browse requires login with Administrator user on Endpoint to install.
After the installation is complete, open the Chrome browser and go to the Extensions section to check if Harmony Browse has been installed successfully or not.
On Harmony Browse Portal > Computer Management. You will see endpoints with Harmony Browse installed.
Step 2: Configure Web & File Protection
On Harmony Browse Portal > Policy > New Above to create a new rule.
Enter name the new rule (Ex: Threat Prevention Policy) and select the endpoint to which the rule will apply. Then click OK.
In the Web & File Protection section on the right side of the screen, you’ll configure URL Filtering and Download Protection.
- Mode: choose Prevent
- Open Options: Uncheck Allow user to dismiss the URL Filtering alert and access the website.
+ Black list: click Edit. You will add website URLs that you want to block access. Example: facebook.com
- Download Emulation & Extraction: choose Prevent mode.
- Open Options: In the Support files section, click Convert to PDF to avoid downloading files containing executable commands in the file, open to view with PDF files. After making sure the file is safe, you can download the original format of the file.
Unsupport file: select Allow Download.
To apply the policy to endpoint, click Install Policy.
Step 3: Check the policy applied to the Endpoint.
Open the Harmony Browse icon on Chrome’s extensions bar. Click Show Policy Info. Rule with the name Threat Prevention Policy has been applied.
To check the configuration, access to facebook.com, the site will be blocked by Harmony.
Next you try to download a word file, harmony will convert the file to PDF format, you can open it, after checking the file is safe, you can download the word file as usual by clicking Get Original.