Support Center > Search Results > SecureKnowledge Details
Check Point Endpoint Security Client for Mac OS X - General Limitations
Solution

This article lists general limitations for Check Point Endpoint Security Client for Mac OS X.
These limitations are in addition to those listed in the corresponding Known Kimitations articles for each release.

Table of Contents

  • General Limitations
  • Compliance Blade
  • VPN Blade
  • Firewall Blade
  • Full Disk Encryption (FDE) Blade
  • Media Encryption Blade
  • Compliance Blade
  • Anti-Malware Blade
  • URL Filtering Blade
  • Capsule Docs Blade
  • SandBlast Agent

The following features are not supported on Check Point Endpoint Security Client for Mac OS X:

General Limitations
Push Operations are ignored for Mac OS X client
Centralized Client Deployment from Software Deployment Policy is not supported

Endpoint Client User Interface Localization is not supported

The following configurations in Common Client Settings Policy are not supported:
  • Client user interface settings: configurations such as custom preboot and One Check images and appearance of tray icon.
  • Allowing users to disable network protection on their computers.
  • Installation and upgrade settings
  • Uninstall Password
Compliance Blade
Remediation actions are not triggered on Mac OS X
Environment variables in path of checked files are not supported
Compliance blade on Mac OS X currently supports checks for the following Anti-Virus vendors:
  • Kapsersky
  • Sophos
  • McAfee
  • Symantec
  • TrendMicro
  • Norton
The following compliance checks are not supported:
  • Computer in a domain and running secure screen saver
  • Latest service packs installed
VPN Blade
SCV Compliance check ("Use Compliance Blade" state should be defined in order to enforce client compliance prior to VPN connection)
Hotspot registration is not supported
Firewall Blade
Disable Wireless On Lan feature is not supported
Application Control is not supported
Full Disk Encryption (FDE) Blade
Password change in FDE pre-boot is not synched to OS X 
Smart Card login in FDE pre-boot is not supported
OneCheck is not supported
Media Encryption Blade
Offline Mode Remote Help (MEPP / Mac OS X Offline Access Tool does not support Remote Help)
Custom Encryption is not supported (Media Encryption does not support configuration of which file(s) should be encrypted)
Port Protection is not supported on MAC OS X
CD/DVDs and storage devices connected to ports other than USB, are not supported
Anti-Malware Blade
Anti-Malware Blade is not supported on Mac OS X client
URL Filtering Blade
URL Filtering Blade is not supported on Mac OS X client
Capsule Docs Blade

For list of Capsule Docs limitations, refer to sk108376

SandBlast Agent

SandBlast Agent is now supported with the following blades:

  • Threat Emulation - Evasion resistant sandbox technology detects malicious behavior and prevents any imminent attack.
    As in Windows, the protection is available in 2 levels:
    • Protection from files written to the file system.
    • Inspection of files downloaded by Chrome using the Chrome browser extension to prevent malicious files from getting to the file system.
  • Anti-Ransomware - Detects and quarantines the most evasive Ransomware variants.
  • Google Chrome Extension with:
    • Threat Extraction - Reconstructs downloaded file, delivering sanitized risk-free files to users in real time.
    • Zero Phishing - Blocks deceptive phishing sites and alerts on password reuse in real-time.

Related solutions:

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment