Showing results for 
Search instead for 
Did you mean: 

How to immediately distribute protection against emerging threats across your environment

How to immediately distribute protection against emerging threats across your environment


You may have already noticed this added visibility and control is fast.  Threat details collected from malware encountered at endpoints and network gateways can propagate through the data exchange layer in milliseconds, educating all security components to proactively immunize against newly detected threats.





  • Hackit.exe is on the desktop of your client.  Hackit can be found at:
  • TIE module for VSE policy is set to Enforce and block at Unknown



The objective of this use case is to demonstrate the speed and distribution in which the Data Exchange Layer is updated.  Successful completion of this use case should demonstrate the near real-time distribution that the Data Exchange Layer offers.

Use Case

Remote Desktop into the client system and run Hackit.exe.  This populates the TIE reputations page.


Right-click the Hackit icon in the system tray and click Shutdown Hack-it

Be ready to click on Hackit.exe as quickly as possible in a future step.

hackit shutdown.png


Click on Menu | Systems Section | TIE Reputations


In the File Search tab Enter Hackit.exe in the search field and click Find Files.

*Note clicking enter will not search.  You must use the mouse to click the Find Files Button.


Click the checkbox next to HackIt.exe 


Are you ready to be quick?  Click Actions and mark Hackit.exe file as ‘File Most Likely Malicious’

Move to the next step quickly

Remote Desktop into the client system and attempt to re-run Hackit.exe
The execution attempt will be blocked.

Note that the reputation update was immediately distributed from ePO to the TIE client over the DXL. This kind of communication typically takes less than 1 second. You can repeat the test by changing the file reputation in ePO from “File Most Likely Malicious” to “File Known Trusted”.

block Hackit.png


No more waiting for agent wake up calls, slow dat releases or for the global threatfeed to update!  The speed and distribution of the Data Exchange Layer provides a communication fabric that allows immediate protection across your entire enterprise.

Labels (1)
Tags (2)
Version history
Revision #:
3 of 3
Last update:
Updated by: