The Check Point Cloud refers to a number of Check Point Security Gateways maintained at various locations around the world.
For Small Companies and Individual Users
The Capsule cloud offers security as a service without the overhead of maintaining a physical gateway. For example, a small company of ten employees may wish to protect its user's laptops. This can be done easily using Cloud.
The designated system administrator registers to the Cloud Portal, and adds the email addresses of all the other employees.
Each employee receives an email with a link to download the Cloud Connector depending on the Operating system (PC, Mac).
After installing the connector, the PC, or Mac is secured by a basic policy. No further configuration is required by the employee. All traffic to and from the Internet is inspected for a variety of threats.
For Corporate Enterprises
Cloud helps enterprises protect roaming users (laptops) when they are outside the secured office environment. By tunneling all roaming user traffic to a firewall-in-the-cloud for security inspection, security is extended beyond the immediate enterprise.
Capsule Cloud includes these services:
If you already deploy a Check Point Security Gateway, Cloud expands the number of blades available and offloads roaming user traffic to the cloud.
Check Point Cloud tunnels the traffic initiated by the client to the cloud service. In addition to Capsule Cloud, it is recommended to enable personal firewall on protected computers in order to block undesired incoming connections from excluded and local networks.
What's New in Check Point Capsule Cloud (March 2019)
Support DNS Method - Administrator can set (in the client profile) the DNS Method the client will use.
New report filter - Administrator can generate a report with hours filter.
What's New in Check Point Capsule Cloud (January 2019)
New Report type "User Disconnection" allows you to get report of the user that disconnects and their reasons.
Performance improvements to Portal access.
What's New in Check Point Capsule Cloud (September 2018)
Better messages when install policy failed from central management.
Improve client stability.
What's New in Check Point Capsule Cloud (June 2018)
Enable client to exclude domain from the VPN.
What's New in Check Point Capsule Cloud (02 Dec 2015)
Performance improvements to Portal access
Ability to delete administrative users or the entire Capsule Cloud account (go to "Settings" - "Delete Account")
What's New in Check Point Capsule Cloud (19 Oct 2015)
"Logs & Reports" tab - "Report Scheduling" (you can now schedule reports to be sent on a regular basis, on network activity and threats detected and prevented on your network)
"Downloads" tab - New versions of the AD Sync and SSO utilities
Improved connectivity through the Cloud data centers
What's New in Check Point Capsule Cloud 1.7.0
New audit logs for the LTA object instance
Report scheduling - ability to generate daily/weekly activity PDF reports and send then to e-mail
Windows client - stability improvements and bug fixes
SSO agent utility - stability improvements and bug fixes
What's New in Check Point Capsule Cloud 1.6.0
What's New in Check Point Capsule Cloud 1.5.0
What's New in Check Point Capsule Cloud 1.4.0
Improved HTTPS Inspection interface - Select Advanced Management or Central Management. When in Central Management, SmartDashboard rules show in the Cloud Portal.
Users and Offices can be included in policy rules, and do not need to be in User Groups.
Improved Cloud Portal login page on mobile devices.
Resolved: Logs are not displayed correctly in Internet Explorer 9.
Capsule Cloud Gateway status overview shows in the Cloud Portal login page.
New API commands: getofficeID, getOfficeInfo, addOfficeToGroup
What's New in Check Point Capsule Cloud 1.3.0
The "Capsule Cloud client" is now called "Capsule Connect".
Add a User Center account to Capsule Cloud to activate a license.
"User Groups" are now called "Groups" and can include Offices.
Updated script names and instructions for Capsule Cloud utilities.
The Android "NULL registration" bug is resolved.
What's New in Check Point Capsule Cloud 1.2.0
Capsule Cloud API - The default method is "POST". The "GET" method is not supported.
Log Transport, Single Sign On and AD Synchronization utilities can each run as services on Windows.
The connection status for mobile devices shows in 'Users & Offices' tab > 'Users' > 'Device Status' column.
A new checkbox for AD Synchronization to choose if new users get a registration e-mail.
What's New in Check Point Capsule Cloud 1.1.0
Multiple users are supported on each Windows computer - each user has a different e-mail address and registers to Capsule Cloud with a different registration code. Users cannot be logged in at the same time.
Improved workflow for adding an Office Gateway to Capsule Cloud.
HTTPS Inspection traffic is logged, even if logging is disabled.
If you move to another tab while editing a rule in the Advanced Policy tab, the application selector window stays open. When you click on the Advanced Policy tab again, an error shows.
Workaround: Select the Advanced Policy tab again.
After you make changes to Other Blocked Categories or Other Allowed Categories in Basic Policy Mode, the policy installs automatically before you click Apply.
Browsing to the Cloud Portal from mobile browsers is not supported.
After a new HTTPS Inspection Exceptions policy is applied, it can take up to five page refreshes for an end-user to see the change in a site certificate.
Close and re-open the browser
Refresh the page multiple times
Sometimes when sites are blocked based on the security policy, an incorrect message is shown.
In countries where the regulation prohibits the usage of torrent (DMCA) Cloud blocks torrent. We can allow the use of the Torrent with a dedicated IP address pending user signature on a waver form. Contact Check Point support if this is necessary.
When running Internet Explorer 10 or 11, press F12 and set the Document Mode to "Standards" or "Quirks", instead of "Internet Explorer 9 standards". This prevents GUI issues.
Do this before you log in to the Cloud portal. If you are already logged in and you change the Document Mode, you will be logged out of the portal.
Site to Site VPN (Device in the Cloud)
Not supported in this release (as of 19 Oct 2015).
On Windows 10, Device Guard feature is not supported and should be disabled (as of 29 May 2017).
If you configure a proxy on the Cloud Connector computer, the Cloud Connector cannot reach Cloud.
If the DNS server for the computer is configured manually, DNS resolving does not work.
If Endpoint Security VPN is installed on the same computer as the Cloud Connector, and TCP over port 443 or UDP over port 4500 is blocked by a firewall rule, then the Cloud Connector cannot connect to the Cloud.
In Chrome and Firefox browsers, if you right-click a link and select Save As to download a malicious file, a block page that contains the malware file's name is downloaded. The block page does not open automatically. If you rename the downloaded file with the extension .htm or .html and open it in your browser, a block page opens.
If you a browse to an HTTPS site that is blocked in the policy, the site is blocked, but the "Blocked" message does not open.
Multiple users on the same computer cannot be connected to Capsule Cloud at the same time. One user who is logged in to Windows can be connected to Capsule Cloud. All other users must be logged off of Windows.
In Windows 7 and 8, User Access Control (UAC) prevents the UI client service from collecting the log script to write log files to the designated folder (%temp% or c:\programs).
Mac OS X Clients
Upgrading the Cloud Connector App on Mac OS X clients can take longer than expected.
iOS and Android Clients
Not supported in this release (19 Oct 2015).
Active Directory Synchronizer and SSO Authenticator
If you are running two instances of the Synchronizer, they do not share data. Therefore, if there is a group in Node A that has users in Node B, the users are not added to the group.
29 May 2017
Added Windows 10.
Added Mac OS X 10.12.
10 Dec 2015
Updated the Check Point Capsule Cloud from release of 19 Oct 2015 to release of 02 Dec 2015.
17 Nov 2015
Updated the Check Point Capsule Cloud from v1.7.0 to release of 19 Oct 2015.
20 Aug 2015
Updated the Check Point Capsule Cloud from v1.6.0 to v1.7.0.
13 Aug 2015
Updated the Check Point Capsule Cloud from v1.4.0 to v1.6.0.
06 June 2015
Updated the Check Point Capsule Cloud from v1.3.0 to v1.4.0.
17 Feb 2015
Updated the Check Point Capsule Cloud from v1.2.0 to v1.3.0.
08 Jan 2015
Updated the Check Point Capsule Cloud from v1.1.0 to v1.2.0.
Updated the list of Supported Gateways for Offices.
Updated the Log Transport Requirements.
Added the Capsule Cloud Utility Requirements.
Added the Single Sign On Requirements .
Added the AD Synchronization Requirements.
23 Dec 2014
Removed version number from the SK title (for the latest version of this product, refer to "Version" field).
22 Dec 2014
Updated the Check Point Capsule Cloud from v1.0.0 to v1.1.0.
Updated the list of Known Limitations.
Added sub-section "Supported Gateways for Offices" in the section "Requirements" - "Supported Roaming Clients".
26 Nov 2014
Added requirements for Log Transport.
30 Oct 2014
First release of this document.
Give us Feedback
Thanks for your feedback!
Are you sure you want to rate this stars?