Support Center > Search Results > SecureKnowledge Details
Endpoint Security Homepage
Solution

Endpoint News

  • Two new features are now available in the Endpoint Security Client EA program:
    • BitLocker Management
    • Virtual desktop infrastructure (VDI) Persistent Support
    For more information please contact E81_EA@checkpoint.com

  • Check Point Endpoint Security E81.00 Windows Clients is now available. This release includes many enhancements under various categories such as Anti-Malware, Capsule Docs, Anti-Ransomware, Behavioral Guard and Forensics, Threat Emulation and Anti-Exploit, Full Disk Encryption, Infrastructure and more.
  • Check Point Endpoint Security E80.97 Windows Clients is now available. Anti-Exploit now protects against the Windows Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708.
  • Check Point R80.30 is now available.
    • Get email alerts when an Endpoint Policy Server is out of sync.
    • CPUSE upgrade for Endpoint Policy Servers
    • Inplace Upgrade from R77.30 EP6.5
    • Endpoint and Network compatibility includes a new mechanism that inspects files just once, either by the Security Gateway or the Endpoint client.
  • Check Point Endpoint Security E80.96 Windows Clients is now available. This release includes many enhancements under various categories such as Anti-Malware, Capsule Docs, Anti-Ransomware, Behavioral Guard and Forensics, Threat Emulation and Anti-Exploit, Install / Uninstall, Infrastructure and more.
  • Enterprise Endpoint Security E80.89 Mac Clients is now available. It includes support for the Endpoint Security Clients on macOS Mojave (10.14), support for SandBlast Agent blades and more.

R80.20 - Released in Sep 2018 Recommended

 

R80.30 - Released in May 2019



Documentation

Documentation

R80.20 Release Notes R80.20 Endpoint Security Management Server Administration Guide R80.30 Release Notes Endpoint Security Management Server R80.30 Administration Guide

Endpoint Security Server Downloads

Use the Standard R80.30 Management Server



SmartConsole Server Installation SmartConsole Server Installation



 
sk137593 sk144293
  Refer to note below.  

For R80.20 Management Feature Release and Above: 

  1. R80.20.M2 has been released. It is recommended that users, currently deploying R80.20.M1, upgrade to R80.20.M2 (sk123473 - R80.20 Management Feature Release) to enjoy the latest Management features.
  2. Starting R80.20.M1 and above, the Endpoint Security Management Server is fully integrated into the Check Point main train - standard Jumbo hotfixes can be applied to the server.
  3. Important fixes for the Endpoint Security Management Server will be either included in the standard Jumbo hotfix, or in a dedicated hotfix.
  4. R80.20.M1 and above can manage E80.64 and above Endpoint Security Clients.
  5. Anti-Malware signature updates:
    • To allow Endpoint clients to get Anti-Malware signature updates from a cleanly installed R80.20 Primary Endpoint Security Management Server, or cleanly installed R80.20 Endpoint Policy Server, you must follow sk127074. No additional steps are required, if you upgraded the Primary Endpoint Security Management Server to R80.20.
    • Endpoint Security Clients can still acquire their Anti-Malware signature updates directly from an external Check Point signature server, or other external Anti-Malware signature resources, if your organization's Endpoint Anti-Malware policy allows it.

 

E80.96 - Released in April 2019 

Recommended

This release includes many quality improvements that add to the stability and resilience of the product. See the "What's New" section.

Client Downloads

E80.96 Endpoint Security
clients for Windows

E80.96 Capsule Docs
Standalone Client

E80.96 Remote Access
clients for Windows

E80.96 SandBlast Agent
clients for Windows

 

E80.97 - Released in May 2019 

This release includes many quality improvements that add to the stability and resilience of the product. See the "What's New" section.

Client Downloads

E80.97 Endpoint Security
clients for Windows

E80.96 Capsule Docs
Standalone Client

E80.96 Remote Access
clients for Windows

E80.96 SandBlast Agent
clients for Windows

 

E81.00 - Released in May 2019 

This release includes many quality improvements that add to the stability and resilience of the product. See the "What's New" section.

Client Downloads

E81.00 Endpoint Security
clients for Windows

E81.00 Capsule Docs
Standalone Client

E81.00 Remote Access
clients for Windows

E81.00 SandBlast Agent
clients for Windows

 

For supportability versions matrix, refer to the "Detailed information per release" section below or use sk107255.

For information about Enterprise Endpoint Security Managed E80.64 Mac Clients, refer to sk112793.

More information regarding the above mentioned releases and earlier ones can be found under the Detailed Releases Information section below.

   Architecture and Getting Started   More


  • Clients communicate with the Management Server over HTTP/HTTPs.
  • The Endpoint Management architecture works in a "star" scheme to support large-scale environments.
  • The central "brain" of the system is the "Management Server" and the delegate servers are named "Policy Servers".
  • Each Management Server can support a maximum of ~10,000 endpoints. Multiple Policy Servers can be chained to support a management of up to 400,000 devices from a single environment.
  • The environment supports unified log reporting through SmartLog.

   Best Practices   More


   Client OS Support   More

Check Point Endpoint Security clients protect all of your Windows and Mac workstations, including laptops, Desktops, and Windows Servers.

Check Point takes part in various OS manufactures' development processes and we start the support of new versions when vendors release development builds.

We are committed to offer early availability clients within 3 weeks of OS GA and to announce GA within 2 months of OS GA, however in practice we are delivering much faster. See sk115192 for OS support timeline.


   Detailed Information per Release   More

Detailed Server Releases Information


Server version
GA Date
Latest Revision Date
End of Support Supported OS
Supports EP & Gateway Management
Supported Upgrade Paths
Supported Client Versions Downloads
Additional Information
R80.20 26-Sep-2018 26-Sep-2018   Gaia Can manage both Gateway and Endpoints  CPUSE & Advanced:

R77.30.x

R80.10 

 E80.64 Win and above
E80.64 Mac
Show Downloads
R80.20

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows
Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
(TGZ)

What's New

R80.20

 

Documentation

R80.20

R80.20 Management Feature Release (Maintrain) 27-Jun-2018 27-Jun-2018   Gaia Can manage both Gateway and Endpoints

CPUSE & Advanced:

R77.30.x

R80.10 

E80.64 Win and above

E80.64 Mac

Show Downloads
R80.20 Management Feature Release

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows
Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
(TGZ)

R77.30.03

19-Feb-2017 19-Feb-2017 Sep 2019 Gaia Only


Yes
Aligned with Jumbo hotfix Take_143.

Public Jumbo hotfix that is compatible with R77.30.03 will be available in Q3 2017
Show Supported Upgrade Paths

In Place:

R77.30

R77.30.02

Advanced:

R77.30.01

Show Supported Client Versions

E80.61 Win and above

E80.64 Mac

E80.62 Mac

Server

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE Agent (sk92449) to the latest build.
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)


SmartConsole
SmartConsole for Endpoint Security Server R77.30.03 / E80.70
R80.10 (Maintrain)  17-May-2017 17-May-2017
May 2021  Gaia  Can manage both Gateway and Endpoints 

In Place:

R77.30 

E80.64 Win and above

E80.64 Mac

E80.62 Mac


R77.30 EP6.5

[Large Scale]
25-May-2017 25-May-2017 Sep 2019 Gaia & Windows Endpoint only
Show Supported Client Versions

E80.70 and above

E80.64 Mac

Show Downloads

The packages provided below are Legacy CLI packages (not CPUSE packages).

Before installing the hotfix, you need R77.30 to be installed and to update the Deployment Agent (sk92449) to the latest build.

Description Download Link
Check Point Endpoint Security Server Hotfix for Gaia OS
Check Point SmartConsole for Endpoint Security Server
EP6.5 - Offline Tool for Endpoint Security Clients
EP6.5 - Offline Tool for Endpoint Security Clients (Japanese)
R77.30 EP6.5 Server Migration Tools for Gaia OS
What?s New

New in this release:

  • Support for managing E80.70 clients. See sk117155.
  • Improved scaling and response times to Full Disk Encryption client messages.
  • Directory Scanner initial scan and full re-scan take significantly less time
  • Stability and performance enhancements for Online Automatic Synchronization (High Availability).
  • Support for new Full Disk Encryption algorithms, XTS-AES 128-bit and XTS-AES 256-bit for UEFI systems.
  • New Web Remote Help SDK - See the Endpoint Security Web Remote Help SDK Reference Guide for details.
  • General performance improvements.


R77.30.02 22-Aug-2016 29-Sep-2016 Sep 2019 Gaia Only
Yes

Aligned with Jumbo hotfix Take_143.

 

Public Jumbo hotfix that is compatible with R77.30.03 will be available in Q3 2017

Show Supported Upgrade Paths

In Place:

R77.30

Advanced:

R77.30.01

R77.20.01

Show Supported Client Versions

E80.71

E80.70

E80.65

E80.64 Mac/Win

E80.62 HFA1

E80.62 Mac/Win

E80.61

E80.51

Show Downloads

Endpoint Security Server Downloads

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE Agent (sk92449) to the latest build. (Endpoint Security Servers are only supported on Gaia.)
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security (TGZ)
2 R77.30.02 Endpoint Security Server Package for Gaia OS (TGZ)

Management Console Downloads

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Version (R77.30.02)

Endpoint Security Server Package Link
R77.30.02 SmartConsole for Endpoint Security Server R77.30.02 / E80.64 (EXE)

Previous Versions

Endpoint Security Server Package Link
R77.30.01 SmartConsole for Endpoint Security Server R77.30.01 / E80.64 (EXE)
R77.30 SmartConsole for Endpoint Security Server R77.30 / E80.64 (EXE)

R77.30.01

R77.30.01 HFA1

7-Dec-2015 7-Apr-2016 Sep 2019 Gaia & Windows Endpoint only
Show Supported Upgrade Paths

In Place:

R77.30

Advanced:

R77.20.01

Show Supported Client Versions

E80.64 (HFA1 only)

E80.62 HFA1

E80.62 Mac/Win

E80.61

E80.60

E80.51

E80.50

Show Downloads

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

Endpoint Security R77.30.01 HFA1 Server

Note: The packages provided below are Legacy CLI packages (not CPUSE packages).

Platform Package Link
Gaia R77.30.01 HFA1 Check Point Endpoint Security Server Hotfix for Gaia OS (TGZ)
Windows R77.30.01 HFA1 Check Point Endpoint Security Server Hotfix for Windows OS (TGZ)

Important: It is strongly recommended to apply the Gaia server hotfix provided in sk112099.

Installation

  • The R77.30.01 HFA1 Endpoint Security Server is based on the R77.30 Management Server and must be installed on the R77.30 Management Server. It has all the supported capabilities of a standard Check Point R77.30 Management Server.

  • The following upgrades are supported:
    • In place upgrade from R77.30
    • In place upgrade from R77.30.01
    • Advanced upgrade from R77.20.01

    Note: Other upgrades paths or methods are not supported

  • Installing R77.30.01 HFA1 together with the R77.30 Jumbo Hotfix Accumulator is not supported. All existing security fixes are integrated into R77.30.01 HFA1.

  • For installation and upgrade instructions, use the procedures in the relevant guide:

  • The R77.30.01 HFA1 Endpoint Security Management Server can be activated only on a management-only machine (Standalone machine is not supported, i.e., Gateway + Management)

  • The R77.30.01 HFA1 Endpoint Security Server can manage Endpoint Security Clients E80.40 and higher.

Management Console Downloads

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Platform Package Link
Windows SmartConsole for Endpoint Security Server R77.30.01 HFA1 (EXE)
SmartConsole for Endpoint Security Server E80.62 / R77.20 (EXE)
SmartConsole for Endpoint Security Server E80.62 / R77.30 (EXE)
R77.30 (Maintrain) 19-May-2015 2-Mar-2017 Sep 2019 Gaia & Windows Can manage both Gateway and Endpoints
Show Supported Upgrade Paths

In Place:

R77.20

R77.10

R77

R76

R75.45/E80.41

R75.40/E80.40

Show Supported Client Versions

E80.64 Win and above

E80.64 Mac

E80.62 Mac


R77.20.01 14-May-2015 14-May-2015 Aug 2017 Gaia & Windows Endpoint only
Show Supported Upgrade Paths

In Place:

R77.20

Advanced:

R77/R80.60

Show Supported Client Versions

E80.62 HFA1

E80.62 Mac/Win

E80.61

E80.60

E80.51

E80.50

E80.42

E80.41

E80.40

Show Downloads

Endpoint Security Server R77.20.01

Note: The packages provided below are Legacy CLI packages (not CPUSE packages).

Platform Package Link
Gaia R77.20.01 Check Point Endpoint Security Server HF for Gaia OS (TGZ) (TGZ)
Windows R77.20.01 Check Point Endpoint Security Server HF for Windows OS (TGZ) (TGZ)

Installation

Management Console Downloads

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Package Link
R77.20.01 SmartConsole for Endpoint Security Server (EXE)
R77.20 (Maintrain) 3-Jul-2014 20-Jul-2014 Aug 2017 Gaia & Windows Can manage both Gateway and Endpoints
Show Supported Upgrade Paths

In Place:

R77.10

R77

R76

R75.45/E80.41

R75.40/E80.40

Show Supported Client Versions
E80.51

E80.50

E80.42

E80.41

E80.40


R77.10 (Maintrain) 15-Jan-2014 13-Apr-2014 Aug 2017 Gaia & Windows Can manage both Gateway and Endpoints
Show Supported Upgrade Paths

In Place:

R77

R76

Show Supported Client Versions
E80.51

E80.51

E80.50

E80.42

E80.41

E80.40



Detailed Client Releases Information

Client version
GA Date Latest Revision Date End of Support Supported OS Supported Upgrade Paths OS In-place upgrade Supported Blades Supported Management Servers Downloads Additional Information
E80.97 27-May-2019 27-May-2019
August 2020
Show Supported OS
Win7

Win8.1.1
Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.30

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.97 Clients

Platform Package Description Link
Windows E80.97 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.97 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.97 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.97 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.97 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.97 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.97 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.97 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.97 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.97 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.96 Standalone Clients

Platform Package Description Link
Windows E80.96 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.96 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.96 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.96 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.96 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.97

New Feature

Anti-Exploit now protects against the Windows Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708.

Enhancements

  • Anti-Exploit
    • CVE-2019-0708: This represents a critical flaw found in the Remote Desktop Protocol of Windows allowing for either Remote Code Execution or Denial of Service attacks. Vulnerable systems protected by Anti-Exploit include Windows 7 SP1 and Windows 2008R2. To learn more, see sk154232

      Note: Users who run SandBlast Agent with a third party Anti-Virus (AV) should be aware that Anti-Exploit is turned off in the presence of third party AVs. For this protection to be enabled, you must allow Anti-Exploit to work with third party AVs as detailed in sk154454.

  • Anti-Ransomware, Behavioral Guard and Forensics
    • Fixes an issue introduced in E80.96 that can lead to Forensic exclusions being ignored on reboot.
    • Fixes an issue so that the Backup and Restoration database does not grow beyond a certain limit.
E81.00 22-May-2019 22-May-2019
August 2020
Show Supported OS
Win7

Win8.1.1
Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.30

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E81.00 Clients

Platform Package Description Link
Windows E81.00 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E81.00 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E81.00 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E81.00 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E81.00 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E81.00 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E81.00 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E81.00 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E81.00 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E81.00 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E81.00 Standalone Clients

Platform Package Description Link
Windows E81.00 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E81.00 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E81.00 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E81.00 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E81.00 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E81.00

New Features

  • Two new features are now available in the Endpoint Security Client Early Availability (EA) program:
    • BitLocker Management
    • Virtual desktop infrastructure (VDI) Persistent Support for VMWare Horizon
    For more information, contact E81.00 Early Availability: E81_EA@checkpoint.com
  • The IP reputation and geo-location are now in the Forensics report.
    Changes in the Overview, Reputation and Network Screens highlight IP reputations and geo-locations.

Enhancements 

  • Anti-Ransomware, Behavioral Guard and Forensics
    • Improves performance by moving Anti-Ransomware honeypot creation and deletion from logon/logoff to the product install/uninstall.
    • The manual restoration of files is now possible for any detected attack with Forensics, as well as Anti-Ransomware. Previously, this was limited to Anti-Ransomware attacks only.
    • Fixes an issue introduced in E80.96 which can lead to Forensic exclusions being ignored on reboot.
    • Fixes a rare issue where Forensics fails to accept a new policy from Management.
    • Fixes a rare crash in Forensics, when the service is shut down before the initialization is complete.
    • Improves Forensics Analysis to follow attacks that involve scheduled tasks, or WMI calls, when the associated processes are invoked.
    • Improves the Entry Point in Forensics to determine if an incident originates from a zip file.
    • Improves the Entry Point in Forensics to identify where certain incidents start from an lnk/shortcut file.
    • Fixes a rare issue with Forensic's Entry Point, where if Anti-Exploit triggers on a browser, more than one browser may appear in the report.
    • Fixes an issue with McAfee's Endpoint not triggering Forensics on a detection if the language is Portuguese. 
    • Fixes an issue in the Forensics report where Business Impact icons use the same tooltip in the Overview section.
    • Fixes a missing icon, when Microsoft Edge is part of a Forensics incident.
    • Fixes a client UI issue where the Forensics analysis animation occurs without an analysis.
    • Fixes an issue to make the Additional Intelligence arrow in the Reputation screen in the Forensics Report function correctly for Edge and Internet Explorer. 
    • Fixes incorrect capitalization in the Reputation screen of the Forensics report.
    • Fixes an issue where Edge and Internet Explorer incorrectly identify certain IPs as phone number links in the Forensics Report. 
    • Increases the size of the reputation drop down in the Network Activity screen of the Forensics Report to accommodate the length of the largest value in the list.
    • Adds the ability for the Forensics CLI to accept the rule name, the third-party product name, and the hash value as parameters.     
  • Threat Emulation and Anti-Exploit
    • Improves the performance of the SandBlast Agent Threat Emulation to minimize the effect on the Endpoint resources.
    • Import-Export Table Parsing in Anti-Exploit is now disabled by default. Disabling this greatly reduces the number of products incompatible with Anti-Exploit.

      To enable this protection, follow the instructions in sk121793.
  • Anti-Malware
    • Hardens the security of the client against DLL injection.
      CVE-2019-8458: Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.
    • Fixes an issue with Anti-Malware, when it sometimes rejects updates from the OfflineUpdater tool.
    • Fixes an issue where sometimes adding the Anti-Malware blade to a current SandBlast Agent (only) Endpoint results in an Anti-Malware error state. 
  • Full Disk Encryption
    • Full Disk Encryption now tries to wrap known third party credential providers.

      The list of known credential providers that we support is in sk152915
  • Firewall and Application Control
    • Fixes an issue where the Application Control blade may randomly terminate a process due to an uninitialized local variable.
    • Fixes a rare case where the firewall blade may crash.
    • Fixes a crash in the Firewall blade when a LAN cable is connected, while "Disable Wireless on LAN" is enabled. 
  • Media Encryption and Port Protection
    • Fixes issues with CD encryption to show the correct file sizes and correct occupied percentage in the CD. 
    • Fixes the disknet.exe high CPU usage because of continuous file signature checks, when MEPP is configured to block all access to removable media. 
    • Fixes a crash when a device is unexpectedly removed and has an empty friendly name. 
    • Fixes an issue with the MEPP blade, where Windows freezes when the USB key is not removed safely. 
    • Fixes a cosmetic issue in Enhanced Protected Mode (EPM) Explorer to show the status as read-only, if a read-only password is used and the file system is NTFS.
  • Infrastructure
    • Fixes an issue where the installer cannot run from a shared folder and fails with error 1720.
    • Fixes an issue where an operating system reboot is sometimes not enforced after a client removal.
    • Fixes a minor issue where an initial client always shows a connected status, even if it is disconnected.
    • Adds the ability to upload cpinfo to password-protected FTP servers after collecting it. 
    • Fixes an issue where sometimes, after restart, the client will be in a disconnected state for 10 minutes. 
    • Fixes a rare race condition where one of the blades crashes while trying to update the UI.
  • SandBlast Browser Extension
    • Improves Internet Explorer browser extension performance for web pages with many frames.
  • Updater
    • Enhances the mechanism that allows sending security updates to SandBlast agent.
  • Remote Access VPN
    • Performance improvements to the VPN throughput.
  • General
    • Adds an option to acknowledge and close multiple UserCheck messages when they appear.      
E80.96 16-Apr-2019 16-Apr-2019
August 2020 
Show Supported OS
Win7

Win8.1.1
Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.96 Clients

Platform Package Description Link
Windows E80.96 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.96 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.96 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.96 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.96 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.96 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.96 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.96 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.96 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.96 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.96 Standalone Clients

Platform Package Description Link
Windows E80.96 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.96 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.96 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.96 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.96 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.96

Enhancements

  • Anti-Malware
    • Resolves a rare issue where Anti-Malware protection does not run after an upgrade.
    • Fixes an issue where Anti-Malware shows an incorrect status in UI, in some cases. (This is only relevant to the E2 package.)
    • Fixes an issue where sometimes the OfflineUpdater tool fails to update the signatures database on the client side. 
  • Capsule Docs 
    • Fixes an issue that may cause a failure in an upgrade, or in an uninstall process. 
  • Anti-Ransomware, Behavioral Guard and Forensics
    • The latest version of the Anti-Ransomware Honey Pots are now correctly installed when upgrading from previous versions.
    • Anti-Ransomware Honey Pots no longer stop working if they receive a second Anti-Ransomware policy update.
    • Disabling Forensics now correctly disables Anti-Ransomware completely, including removing all Anti-Ransomware Honey Pot files.
    • Fixes an issue where Process information is corrupted before being inserted into the Forensics Database. With the fix, the number of instances of unknown processes in a Forensics report is dramatically reduced.
    • Fixes a rare case where the last received Forensics, Anti-Ransomware and Behavioral Guard policies are not saved and used, when the client cannot connect to the Management Server.
    • Fixes a rare crash in Forensics, when receiving policy before the full Forensics initialization is complete.
    • Fixes an issue where certain exclusions for Anti-Ransomware are not enforced, if the user logs in before the full service initialization is complete. 
  • Threat Emulation and Anti-Exploit
    • Resolves an issue where, in some cases, Threat Emulation may not deploy the SBA4B Chrome extension if a user has other (non-Check Point) extensions.
    • Makes sure that Threat Emulation avoids a crash when the database is very large.
    • Anti-Exploit now turns off completely when used with a third party Anti-Virus. Check Point's Anti-Malware will not cause Anti-Exploit to disable.
    • Fixes a very rare issue where Anti-Exploit does not completely parse the policy from the Management.
  • Install / Uninstall
    • Fixes a rare case where an unrequired reboot occurs after upgrade.
    • Resolves a rare issue where a crash happens on an uninstall and upgrade.
    • Changes the upgrade retry frequency and removes unnecessary user interface popups.
    • Removes a "Validation failed" message that is displayed in error, during an upgrade from an old version.
    • Updates the list of supported Windows 10 versions in Compliance blade to include versions 1809 and 1803.  
  •    Infrastructure
    • Fixes an issue where the Full Disk Encryption policy is sometimes not updated. 
    • Improves the security of the client when using hard linked files. 
  • General
    • Reduces end-user popups and notifications to the items that require user knowledge or intervention.      
E80.95 31-Mar-2019 31-Mar-2019
August 2020 
Show Supported OS
Win7

Win8.1.1
Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.95 Clients

Platform Package Description Link
Windows E80.95 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.95 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.95 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.95 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.95 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.95 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.95 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.95 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.95 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.95 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.92 Standalone Clients

Platform Package Description Link
Windows E80.92 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.92 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.92 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.92 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.94 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.95
Anti-Malware - Fixes an issue where the signatures database sometimes fails to update.
E80.94 12-Mar-2019 12-Mar-2019
August 2020 
Show Supported OS
Win7

Win8.1.1
Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.94 Clients

Platform Package Description Link
Windows E80.94 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.94 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.94 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.94 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.94 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.94 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.94 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.94 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.94 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.94 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.92 Standalone Clients

Platform Package Description Link
Windows E80.92 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.92 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.92 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.92 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.94 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.94
This release includes stability and quality fixes. It supports all features of previous releases.

Enhancements

  • Anti-Malware
    • Resolves a rare case where Anti-Malware has errors when updating signatures.
  • Capsule Docs
    • Resolves an issue so that processes do not stay suspended after an unexpected termination. 
  • Anti-Ransomware, Behavioral Guard and Forensics
    • Fixes an issue where OneDrive synchronization fails on Anti-Ransomware Honeypot files.
    • Adds the ability to exclude individual Anti-Ransomware rules. Behavioral Guard has a similar ability.
    • Changes the Forensics analysis to issue a more accurate Forensic Attack Tree on Dell machines. 
    • Recognizes Google's new signature correctly, and no longer treats Chrome as an unknown process when Reputation is unavailable.
    • The updated trusted certificate file includes the latest trusted signers for use in Forensic Analyses.
    • Forensic Report files always upgrade correctly now, regardless of the previous Endpoint Security Client version present on the system. This prevents the issue of broken reports on machines that went through a specific upgrade path.          
  • Threat Emulation and Anti-Exploit
    • Anti-Exploit now disables itself if Trend Micro or Mcafee security products are present.
    • Adds the ability to exclude Anti-Exploit detection technologies individually. 
  • Install / Uninstall 
    • Resolves an issue where blue screens can occur after Endpoint Security Clients upgrade without reboot. 
    • Fixes an issue so that a required reboot is now enforced when uninstalling the client.
    • Fixes an issue to execute a required reboot during an upgrade.
  • Localization
    • Fixes missing translations. 
E80.92 14-Feb-2019 14-Feb-2019
August 2020 
Show Supported OS
Win7

Win8.1.1
Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.92 Clients

Platform Package Description Link
Windows E80.92 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.92 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.92 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.92 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.92 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.92 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.92 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.92 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.92 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.92 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.92 Standalone Clients

Platform Package Description Link
Windows E80.92 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.92 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.92 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.92 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.92 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.92
This release includes stability and quality fixes. It supports all features of previous releases.

New Features

  • New consolidated Reputation View in Forensics.
    This view now contains reputation, where available from Threat Cloud for all non-trusted URLs, Domains and Hashes found in the Forensics Analysis.
  • Improved and faster remediation flow in Forensics.
    We have improvements in the performance of remediation when done through a Forensics Report. This includes fixes that report the remediation status at the time of report generation more accurately.
  • Support for multiple logged-in users in Anti-Ransomware.
    We are now able to generate and monitor our honeypot detections if multiple users are logged in simultaneously.
  • Further enhancements to PowerShell obfuscation detection in Behavioral Guard.
    This results in improved detection capabilities.
  • Boot time improvements in Forensics.
    Forensic data storage now occurs well after boot. This improves the time for boot, especially on older drives and on drives with a great deal of file activity during boot.

Enhancements

  • Anti-Ransomware, Behavioral Guard and Forensics
    • Fixes an issue in Anti-Ransomware honeypot creations during a login for a new user.
    • Fixes an issue where honeypot files were not created for all users in a multi-user system.
    • Fixes an issue on Windows Server editions, where some honeypots were not created when multiple users logged in simultaneously.
    • Improves PowerShell obfuscation detection support in Behavioral Guard.
    • A new consolidated Reputation view is available in the Forensics Report that combines intelligence for all non-trusted URLs, Domains and Files in the report.
    • Improves boot performance by introducing a delay in Forensics data storage during the boot cycle.
    • Hashes for files calculated by Threat Emulation are available for visualization and reputation in the Forensics Report.
    • Extends the Forensics API with hash information so that Threat Emulation and other products always get Reputation, if available in the Forensics Report.
    • Forensics Report Tree views have a new section in Network Operations for processes that are listening on a port for a connection.
    • Processes with invalid signatures now show as suspicious events with invalid signer names available in the Forensics Report. Behavioral Guard also supports rules for invalid signatures.
    • Fixes an issue where the reputation for files that are not processes are updated correctly in the Forensics Report.
    • Fixes a very rare infinite loop that may occur, when the data in the Forensics database is corrupted.
    • Fixes the Virus Total (VT) First Seen date to be the same format as other dates in the Forensics Report.
    • Suspicious Events of a process in the Tree and Tree Time-line views of the Forensics Report now show in the order of severity.
    • Fixes a missing icon for unsigned processes in the Overview and General views of the Forensics Report.
    • Fixes an issue to make triggers on files, with IPs in their path, appear correctly in the Overview view of the Forensics Report.
    • Fixes a visualization issue, where the reputation file size appeared as zero for files with no reputation in the Forensics Report.       
  • Threat Emulation and Anti-Exploit
    • Fixes an issue in Anti-Exploit, where the protection name was not consistently displayed in the client UI and Forensics Reports.
    • Fixes an issue in Anti-Exploit with a specific build version of Internet Explorer not having VBScript God Mode protection enabled correctly.
    • Fixes a slow performance problem in Threat Emulation, when accessing files on a non-local disk.
    • Resolves an issue, where Internet Explorer can freeze when navigating to trusted sites.  
  • Full Disk Encryption 
    • Resolves an issue, where connections through Remote Desktop Protocol (RDP) to a machine with Full Disk Encryption can fail intermittently.
    • Resolves an issue, where Full Disk Encryption, enabled for UEFI BCDBOOT, sometimes experiences a boot loop. 
  • Media Encryption & Port Protection
    • Fixes an issue where Explorer flickers every second, when inserting an encrypted media.
    • Resolves an issue where the "copy" file operation is not logged in some conditions.
E80.90 31-Dec-2018 31-Dec-2018  August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803

Win10 1809
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.90 Clients

Platform Package Description Link
Windows E80.90 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.90 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.90 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.90 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.90 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.90 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.90 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.90 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.90 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.90 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.90 Standalone Clients

Platform Package Description Link
Windows E80.90 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.90 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.90 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.90 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.90 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.90
This release includes stability and quality fixes. It supports all features of previous releases.

New Features

  • Windows 10 October 2018 Update Support.
  • Windows Server 2019 Support.
  • Enhanced Fileless and Malicious Powershell Detections engine extending Behavioral Guard capabilities.
    • This new engine provides a multi-phase ability to detect malicious PowerShell usage that is unique.
    • Includes full AMSI (Advanced Malware Scan Interface) integration to get, analyze and report decoded scripts.
  • Forensic report overhaul with a new style and enhanced reputation integration.
    • Completely redesigned Overview and General screens.
    • Many small usability and visual enhancements throughout the report.
    • View decoded script content as part of the report itself.
    • See the Enhancements section below for additional information.
  • Forensics now has major performance improvements.
    • There is a major reduction (roughly 50% fewer events) in the amount of data stored. This results in lower IO usage and better performance. 
    • See the enhancements below for the full list of performance enhancements.
  • Forensics Analysis takes on average 20% less time to complete.
    For larger reports the time taken will be further reduced.
  • Stack Pivoting detection was turned on as a new exploit detection technique for Anti-Exploit.
    Stack Pivoting involves trying to create a fake stack from attacker controlled memory.
  • Anti-Exploit now default protects the Equation Editor process.
    This helps to cover the following CVEs:
    • CVE-2017-11882
    • CVE-2018-0802
    • CVE-2018-0812

Enhancements

  • Anti-Ransomware, Behavioral Guard and Forensics
    • Enhances Behavioral Guard with the ability to perform deep inspections of both behavior and script content of PowerShell and Fileless attacks.
    • Improves Forensic reports with decoded PowerShell scripts from AMSI integration.
      This feature is only available in Windows 10.
    • Adds many new suspicious events for the Forensic report, including new PowerShell related suspicious events.
    • Fixes a crash occurring when Forensics, Anti-Ransomware and Behavior Guard are processing an existing policy while receiving a new policy.
    • Fixes a rare issue with large continuous CPU utilization when the Forensics service is unable to communicate with the driver.
    • Improves Forensic performance by adding static exclusions for well known file operations.
      This addition alone can reduce the number of file operations stored by up to 80% on some machines.
    • Improves Forensics performance by adding dynamic exclusions for file operations based on a new heuristic.
      This can reduce the number of file operations stored by up to 30%.
    • Improves Forensic performance by dynamically excluding registry operations based on a new heuristic.
      On average, 10% of registry operations are now excluded.
    • Fixes an issue which caused duplication of log events in Forensics.
    • Improves Entry Point calculations across multiple scenarios to be more accurate in the Forensic Report.
    • Fixes a majority of issues where the Entry Point of an attack could be empty.
      Now there should almost always be an Entry Point.
    • Improves the Forensics report so that Command Prompts (cmd.exe) opened for typing no longer appear in the Forensic report, but may appear in the Entry Point instead.
    • Improves the Forensic Analysis to consider following files in the argument of processes already included as part of the incident.
    • The Forensics report now shows the termination status for every process present in the report.
    • Fixes an issue that could lead to incomplete termination of processes involved in a Ransomware incident.
    • Processes, showing in a report, that are closed at the time of the generation of the report will now correctly show as terminated, even if the remediation policy for termination is disabled.
    • Fixes an issue where some Forensic report icons may be missing when upgrading to E80.89.
      The icons are now present when upgrading to E80.90.
    • Fixes an issue with the scroll bar not appearing correctly if there are multiple nodes in the Entry Point view of the Forensics Report. 
    • Fixes a Forensics Analysis issue where script processes like PowerShell do not appear in the report when Cmd is involved and the script process is not the trigger.
    • Process arguments and script contents are now encoded in the Forensic reports.
      This prevents the deletion of the reports by Anti-Viruses looking for specific signatures found in the argument or script content. 
    • Adds support to include the Malware Family from URL reputation if present in the Forensic report.
    • Fixes an issue which could result in the User Name appearing empty in the Forensic Report. 
    • Fixes a visual issue in the Forensic report where the distance between processes could be very large if a process has a lot of lines of text.
    • Updates the default exclusions for Anti-Ransomware.
  • Threat Emulation and Anti-Exploit
    • Anti-Exploit now has an additional exploit prevention technology called stack pivoting.
    • Anti-Exploit now protects Equation Editor from known and unknown exploit attempts.
  • Anti-Bot
    • Fixes a crash when the Anti-Bot database is held by another process in the system.
  • SandBlast Agent Updater
    • Adds support for Static Analysis updates running in parallel to other updates using the Updater.
      Fixes an issue where the wrong service is restarted when updating two products together.
E80.89 for Mac 30-Dec-2018 30-Dec-2018  
Show Supported OS
macOS Mojave (10.14)
macOS High Sierra (10.13)
Show Upgrade Paths
E80.64

E80.71

E80.85
From macOS High Sierra (10.13)/macOS Sierra (10.12)
Show supported blades
VPN

Firewall for desktop security

Compliance

Media Encryption

Native Encryption Management

Threat Emulation

Anti-Ransomware

Capsule Docs
Show Supported Management Servers

R80.20

R77.30.03

R77.20 EP6.2

Show Downloads

Endpoint Security E80.89 Clients


Platform Package Link
macOS E80.89 Check Point Endpoint Security Client for macOS
(ZIP)
macOS E80.89 Check Point Endpoint Security Client for macOS (without Capsule Docs and SandBlast Agent)
(ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.89 Standalone Clients

Platform Package Link
macOS E80.89 Endpoint Security VPN for macOS - Disc Image (DMG) (DMG)
E80.89 Endpoint Security VPN for macOS - Automatic Upgrade package (PKG) (PKG)
E80.89 Endpoint Security VPN for macOS - Signature for automatic upgrade (signature)

Capsule Docs E80.89 Clients

Platform Package Link
macOS E80.89 Capsule Docs Mac Editor (DMG)

What's New in E80.89 for Mac
This release adds these new features:

New Features

  • Support for the Endpoint Security Clients on macOS Mojave (10.14)
  • Support for SandBlast Agent previously only available on the Windows platform:
    • Threat Emulation - Evasion resistant sandbox technology detects malicious behavior and prevents any imminent attack.
      As in Windows, the protection is available in 2 levels:
      • Protection from files written to the file system.
      • Inspection of files downloaded by Chrome using the Chrome browser extension to prevent malicious files from getting to the file system.
    • Anti-Ransomware - Detects and quarantines the most evasive Ransomware variants.
    • Google Chrome Extension with:
      • Threat Extraction - Reconstructs downloaded file, delivering sanitized risk-free files to users in real time.
      • Zero Phishing - Blocks deceptive phishing sites and alerts on password reuse in real-time.
  • Full support for macOS 64-bit.
  • Adds the ability for Remote Access to verify the integrity of the Endpoint Security Management where the Endpoint Security VPN clients connect.
    This ability exists in the Endpoint Security VPN client for Windows, and is now available for the Endpoint Security client for macOS. See sk108892.

Enhancements

  • Native Encryption Management now supports mobile network users.
  • Remote Access - Opens the default browser of the machine to register to hotspot.
E80.89 09-Dec-2018 09-Dec-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.64

E80.65

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82

E80.83

E80.84

E80.85

E80.86

E80.87

E80.88
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M1

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.89 Clients

Platform Package Description Link
Windows E80.89 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.89 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.89 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.89 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.89 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.89 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.89 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.89 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.89 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.89 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.89 Standalone Clients

Platform Package Description Link
Windows E80.89 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.89 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.89 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.89 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.89 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.89
This release includes stability and quality fixes. It supports all features of previous releases.

New Features

  • No Reboot Deployment
    • Endpoint Security client deployment is now available, without reboots, for the following:
      • Compliance
      • Anti-Malware
      • Firewall and Application Control
      • Remote Access VPN
      • URL Filtering
      • SandBlast Agent Blades
    • Upgrades from E80.89 to later releases are supported, without reboots, for the following:
      • Compliance
      • Firewall and Application Control
      • Remote Access VPN
      • URL Filtering
      • SandBlast Agent Blades
        Note: Upgrades of some Full Disk Encryption, Media Encryption and Port Protection, Capsule Docs and Anti-Malware versions might require reboot.
  • Forensics Report
    • The report has updates and improvements in the overview and general screens. The overview screen now includes additional information such as malware family, attack types and other details. The general screen contains more information about incidents. 
    • The Tree and Tree Time Line screens also have updated navigational toolbars.
  • Remote Access Client
    • Support for Windows 10 October 2018 Update (1809).

Enhancements

  • Anti-Ransomware, Behavioral Guard and Forensics
    • Forensics reports no longer show Anti-Bot in "Detect" mode as having a "Blocked" status.
    • Resolves a Forensics Analysis issue when incidents that include the Task Scheduler may add unrelated processes to the Forensics report.
    • Resolves a Forensics Analysis issue where some "riskware" processes are not properly followed and terminated.
    • Forensics reports now include the Malware Family Name when available to the reputation section of a process.
    • Resolves a rare Forensics Analysis issue when an entry point jumps between different browsers incorrectly.
    • The Forensic report's network view now shows entry point URLs and associated Domains.
    • Enforces exclusions of Check Point signed process related file activity in the driver to improve Forensics performance.
  • Threat Emulation and Anti-Exploit
    • Resolves several cases where Threat Emulation file monitoring locks the file, interfering with other application uses.
    • Resolves an issue where benign zero phishing logs appear as malicious. 
  • SandBlast Agent Infrastructure
    • Resolves an issue of Remediation request ID collisions and the interference in remediation, if multiple requests appear together.
  • Client Infrastructure
    • Improves Software Development Status reporting.
E80.88 08-Nov-2018 08-Nov-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.64

E80.65

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82

E80.83

E80.84
E80.85
E80.86
E80.87
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M1

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.88 Clients

Platform Package Description Link
Windows E80.88 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.88 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.88 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.88 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.88 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.88 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.88 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.88 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.88 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.88 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.88 Standalone Clients

Platform Package Description Link
Windows E80.88 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.88 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.88 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.88 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.88 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.88
This release includes stability and quality fixes. It supports all features of previous releases.

New Feature

  • Forensic Reports now include URL and domain reputation analyses from Network Operations. A new view for Network Operations is available with this information. Click on Network Events under the Suspicious Activity menu option to access this view.

Enhancements

  • Anti-Ransomware, Behavioral Guard and Forensics
    • Resolves an issue related to missing buttons on the Remediation Manager User Interface.
    • Anti-Ransomware, Behavioral Guard and Forensics now default to the most recently used policy, if they have not received a new policy from Management.
    • Resolves apparent hang in the Forensics report when there is no execution tree to display.
    • Full Path exclusions now work in Anti-Ransomware. When Anti-Ransomware excludes a process by its full path, it does not exclude other processes with the same name in different paths.
    • Improves the exclusion of Check Point, Trend Micro and McAfee process activities from Forensics monitoring for better blade performance. 
    • Resolves the issue of continuous high CPU utilization when a very large Forensics report transmission fails.
    • Fixes a rare crash in Forensics when resources are scarce during maintenance tasks. 
  • Threat Emulation and Anti-Exploit
    • Resolves a file system performance issue in the Threat Emulation blade to prevent delays in file creation or copy on local disks.
    • Resolves a non-local file access monitoring issue. Threat Emulation now monitors file creation and access on non-local disks, and emulates them, if necessary. 
    • Fixes a crash in Anti-Exploit protected applications when Control Guard is on in Windows 10.
  • Full Disk Encryption
    • Resolves an issue in which Full Disk Encryption failed to synchronize a hostname change.
    • Resolves an issue for Pre-Boot keyboard functionality on Epson NA512E.
    • Resolves an issue in which Pre-Boot went into a reboot loop, on some UEFI machines, during disk cache issues. 
    • Resolves an instability issue of Full Disk Encryption Single-Sign-On functionality on Microsoft Windows 10 1803.
  • Installation
    • Resolves upgrade issues when two product lines were shown for Check Point Endpoint Security in Add\Remove Programs, after previously failed upgrades. 
E80.87 27-Sep-2018 27-Sep-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.64

E80.65

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82

E80.83

E80.84
E80.85
E80.86
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20

R80.20.M1

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.87 Clients

Platform Package Description Link
Windows E80.87 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.87 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.87 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.87 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.87 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.87 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.87 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.87 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.87 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.87 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.87 Standalone Clients

Platform Package Description Link
Windows E80.87 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.87 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.87 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.86 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.87 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.87
E80.86 22-Aug-2018 22-Aug-2018  August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.64

E80.65

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82

E80.83

E80.84
E80.85
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20.M1

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.86 Clients

Platform Package Description Link
Windows E80.86 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.86 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.86 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.86 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.86 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.86 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.86 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.86 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.86 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.86 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.86 Standalone Clients

Platform Package Description Link
Windows E80.86 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.86 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.86 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.86 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.85 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.86
E80.85 11-July-2018 11-July-2018  August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82

E80.83

E80.84
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.20.M1

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.85 Clients

Platform Package Description Link
Windows E80.85 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.85 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.85 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.85 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.85 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.85 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.85 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.85 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.85 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.85 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.85 Standalone Clients

Platform Package Description Link
Windows E80.85 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.85 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.85 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.85 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.85 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.85

This release includes stability and quality fixes. It supports all features of previous releases.

New Features

  • Anti-Malware - A DHS-compliant Anti-Malware engine is available for download, as specified in DHS Binding Operational Directive 17-01. To learn more, and to download the packages, contact Check Point Support.
  • Behavioral Guard - SandBlast Agent Behavioral Guard is a behavioral detection engine that detects and remediates all forms of malicious behavior. If malicious behavior is detected, a forensics report is generated of the entire attack. The attack can be automatically or manually remediated based on the forensics report. To learn how to configure Behavioral Guard, see sk129892.
  • Data Collection - SandBlast Agent improves the detection of malicious threats by sending anonymized incident-related data to the Check Point ThreatCloud. It is enabled by default. To learn more about data collection and to find out how to disable it, see sk129753.
  • Remote Access VPN - Support for Key Storage Providers (KSP) for machine certificates. Support for KSP is enabled by default for machine authentication. If machine authentication is configured on the client and on the Security Gateway, clients can authenticate with machine certificates that use a Key Storage Provider.

Enhancements

  • Full Disk Encryption - Improved logging when enabling or disabling Pre-boot using the fdecontrol.exe utility.
E80.84 20-June-2018 20-June-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82

E80.83
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.84 Clients

Platform Package Description Link
Windows E80.84 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.84 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.84 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.84 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.84 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.84 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.84 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.84 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.84 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.84 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.84 Standalone Clients

Platform Package Description Link
Windows E80.84 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.84 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.84 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.84 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.84 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.84

This release supports all Software Blades and features of previous releases.  

Enhancements

  • Full Disk Encryption - It is now possible to uninstall the Endpoint Security Client when it is in one of the following states:
    • User Acquisition
    • Waiting for Policy
    • Deliver Recovery File
    • Waiting for Restart
  • Media Encryption - The Add Files window for CDs/DVDs has been redesigned to support high-resolution monitors.


E80.83 15-May-2018 15-May-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709

Win10 1803
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71

E80.72

E80.80

E80.81

E80.82
From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.83 Clients

Platform Package Description Link
Windows E80.83 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.83 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.83 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.83 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.83 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.83 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.83 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.83 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.83 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.83 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.83 Standalone Clients

Platform Package Description Link
Windows E80.83 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.83 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.83 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.83 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.82 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.83

This release supports all Software Blades and features of previous releases.  

New Features

  • Support for Windows 10 April 2018 Update (version 1803). 

Enhancements

  • Remote Access VPN - When Secure Domain Logon (SDL) is configured, the Connect window in implicit mode SDL is displayed only when the client has network connectivity.  


E80.82 12-Apr-2018 12-Apr-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1703

Win10 1709
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71

E80.72

E80.80

E80.81
From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.82 Clients

Platform Package Description Link
Windows E80.82 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.82 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.82 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.82 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.82 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.82 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.82 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.82 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.82 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.82 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.82 Standalone Clients

Platform Package Description Link
Windows E80.82 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.82 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.82 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.82 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.82 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

What's New in E80.82

This release supports all Software Blades and features of previous releases.  

New Features

  • Remote Access VPN - Ability to create a VPN site automatically without user interaction using a hyperlink. 
  • Capsule Docs StandAlone Client - Reboot is not required after the client is upgraded.

Enhancements

  • SandBlast Agent for Browsers - Improved inspection during a simultaneous download of multiple ZIP files.  
  • Threat Emulation - Improved synchronization of the policy state (Disconnected / Connected).
  • Anti-Exploit - Improved stability of the Anti-Exploit Blade. It does not attempt to protect browsers that are already protected by third-party Kaspersky Anti-Virus products.


E80.81 07-Mar-2018 18-Mar-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1607

Win10 1703
Win10 1709
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71

E80.72

E80.80
From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.81 Clients

Platform Package Description Link
Windows E80.81 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.81 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.81 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.81 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.81 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.81 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.81 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.81 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.81 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.81 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

E80.81 Standalone Clients

Platform Package Description Link
Windows E80.81 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.81 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.81 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.81 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.81 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal
What's New in E80.81

This release supports all Software Blades and features of previous releases.  

New Features

  • Full Disk Encryption - Support for NVMe-based Opal Self Encrypting Drives.
  • Anti-Exploit - ROP exploit protection for the Firefox browser.

Enhancements

  • Anti-Bot
    • Improved triggering of the forensics report when the URL contains specific characters.
  • Anti-Ransomware
    • Optimization of the size of the backup database.
    • Reduced the number of false positives by improving the handling of the exclusions policy.
    • Invalid paths are removed from the exclusions policy.
    • Honeypot files are deleted after the client is upgraded.
  • Anti-Exploit
    • Improved interoperability with Capsule Docs.
    • Improved compatibility with third-party Microsoft Office add-ins.
  • SandBlast Agent for Browsers - Web Extension
    • Improved handling of policy settings that are updated through the Windows registry.


E80.80 01-Feb-2018 01-Feb-2018 August 2020 
Show Supported OS
Win7

Win8.1.1

Win10 1607

Win10 1703
Win10 1709
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71

E80.72
From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.80 Clients

Platform Package Description Link
Windows E80.80 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.80 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.80 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.80 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.80 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.80 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.80 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.80 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.80 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.80 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

E80.80 Standalone Clients

Platform Package Description Link
Windows E80.80 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.80 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.80 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.80 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.80 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal
What's New in E80.80

This release supports all Software Blades and features of previous releases.  

General Client Improvements

  • Resolved an issue when some third-party products are unable to create or delete network adapters.

Firewall and Application Control

  • Performance improvements when IPv6 traffic is logged.

SandBlast Agent

  • Anti-Ransomware
    • Exclusions - Improved handling of folder exclusions when an excluded folder does not exist when the policy is applied.
    • Remediation - Improved handling of quarantine and termination in CloudShare environments.
  • SandBlast Agent for Browsers - Web Extension
    • Disabling the Web Extension in Internet Explorer configures the browser to use the Microsoft Download Manager.
    • Disabling the Web Extension in Chrome does not disable it for all browsers.
  • Anti-Exploit
    • Improved handling of Entry Points in the forensics report when there is an Anti-Exploit detection.
    • Edge and Internet Explorer are prevented from reopening malicious URLs.
  • Threat Emulation
    • Improved handling of fallback to ThreatCloud when using a Threat Emulation local appliance.

Media Encryption & Port Protection

  • New design of the windows for encryption and decryption of removable devices that support a high resolution display.
  • Fixed an issue with encrypting media from a UserCheck pop-up window when a network share is mounted.

Capsule Docs

  • Classification without encryption for PDF files.


E80.72 02-Jan-2018 02-Jan-2018 August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1607

Win10 1703
Win10 1709
macOS High Sierra (10.13)*
*See sk121595
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.71
From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.72 Clients

Platform Package Description Link
Windows E80.72 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.72 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.72 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.72 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.72 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.72 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.72 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.72 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.72 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.72 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

E80.72 Standalone Clients

Platform Package Description Link
Windows E80.72 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.72 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.72 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.72 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.72 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal
What's New in E80.72

This release supports all Software Blades and features of previous releases. There are many quality improvements that add to the stability and resilience of the product.

General Endpoint Security Client Enhancements

  • Client is compatible with the Microsoft January 2018 Patch Tuesday update.
  • Localization improvements in the client.

SandBlast Agent

  • Anti-Ransomware
    • Backup - Optimizations of the backup database size for performance improvements.
    • Restoration - Improved file deletion in the presence of symbolic links.
    • Restoration - Security strengthening to address the AVGater vulnerability.
    • Remediation - Improved handling of reputation when the service is offline.
  • SandBlast Agent for Browsers
    • Web Extension - Improved handling of file downloads from Dropbox in Internet Explorer.
    • Zero Phishing - Improved resilience for networking issues that may cause the site to not respond in the first scan.
  • Anti-Exploit
    • Improved handling of Edge browser protection when upgrading from Windows 7 to 10.
    • Forensics reports are now correctly displayed when there is an Anti-Exploit detection.
  • Threat Emulation - Improved handling of large backup files.
  • Anti-Bot - Improved handling of disabled policy configuration – Anti-Bot can be enabled even ifit is disabled in the policy.

Media Encryption & Port Protection

  • File delete audit logging works on Windows 10 Build 1703 and higher

Remote Access VPN

  • Ability to add a notification when a user certificate expires.


E80.71 30-Nov-2017 30-Nov-2017 August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1607

Win10 1703
Win10 1709
macOS High Sierra (10.13)*
*See sk121595
Show Upgrade Paths
E80.65

E80.64

E80.70

E80.51
EP 6.0
From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30.02

R77.30

R80.10

R77.20 EP6.2

Show Downloads

Endpoint Security E80.71 Clients

Platform Package Description Link
Windows E80.71 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.71 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.71 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.71 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.71 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.71 SandBlast Agent client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.71 SandBlast Agent client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.71 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.71 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.71 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

E80.71 Standalone Clients

Platform Package Description Link
Windows E80.71 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.71 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.71 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.71 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.71 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal
What's New in E80.71

This release supports all Software Blades and features of previous releases.
It adds support for Windows 10 Fall Creators Update (version 1709) and support for new and improved features.

In-place OS Upgrade Support

For in-place upgrades with the Full Disk Encryption Blade, refer to sk120667

General Client Enhancements

  • UserCheck Ultra HD Screens Support

Full Disk Encryption

  • XTS-AES 128/256-bit encryption for BIOS systems
  • Allow encryption algorithm change from AES-CBC to XTS-AES with seamless re-encryption, on UEFI-based computers.
Note: The XTS-AES encryption options require a management backend that supports them.

SandBlast Agent

  • Anti-Exploit - Detects and prevents exploit based attacks. By default, Anti-Exploit protects web browsers, MS Office applications, Adobe Acrobat Reader and Adobe Flash Player. Anti-Exploit is able to detect and prevent the exploit attempt, before the attack downloads the malware and executes the malicious payload. If configured to prevent mode, on detection, Anti-Exploit will shut down the process being exploited and then will generate a forensics report. Please refer to sk121793.
  • SandBlast Agent Browser extension was upgraded to a new version and is now also supported on Internet Explorer 11. Please refer to sk108695.

Media Encryption & Port Protection

  • CryptoCore 4.0 support - Improved encryption speed, and a new password protection scheme.
    Note: Previous Media Encryption versions cannot authenticate with a password on media that is encrypted with the new version. However, Remote Help and Automatic Access do work. The new Media Encryption version opens old and new versions.

Remote Access VPN

  • Machine authentication - Authentication capability for Remote Access clients to authenticate with a machine certificate from the Windows System Store. This requires a Security Gateway version that supports this feature. See sk121173
  • Device Guard support - the Remote Access clients can be installed on a Microsoft Windows computer with Device Guard enabled.
  • High DPI support - Support for devices with High-dots-per-inch (DPI) display.
See the E80.71 Remote Access Clients Release Notes for more details.


Known Limitations

E80.70

11-May-2017 11-May-2017 August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1511

Win10 1607

Win10 1703
Show Upgrade Paths
E80.65

E80.64

E80.62 HFA1

E80.51 EP 6.0
From Win7/Win 8.1.1/Win 10 1511/Win 10 1607 to Win10 1703
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers
R77.30 EP 6.5

R77.30.03

R77.30.02

R77.30
Show Downloads

Endpoint Security E80.70 Clients

Platform Package Link
Windows E80.70 Endpoint Security Clients for Windows OS (Recommended) (ZIP)
E80.70 Complete Endpoint Security Client for 32 bit systems (ZIP)
E80.70 Complete Endpoint Security Client for 64 bit systems (ZIP)
E80.70 Complete Endpoint Security Client without Anti-Malware for 32 bit systems (ZIP)
E80.70 Complete Endpoint Security Client without Anti-Malware for 64 bit systems (ZIP)
E80.70 SandBlast Agent client for 32 bit systems (ZIP)
E80.70 SandBlast Agent client for 64 bit systems (ZIP)
E80.70 Full Disk Encryption and Media Encription and Port Protection client for 32 bit systems (ZIP)
E80.70 Full Disk Encryption and Media Encription and Port Protection client for 64 bit systems
(ZIP)
E80.70 Initial client (ZIP)

Note: Initial client is a very thin client without any blade that allows the admin to use it in order to download the large ZIP file and then distribute it in his organization.

Remote Access VPN E80.70 Clients

Platform Package Link
Windows E80.70 Remote Access Clients for Windows (MSI)
E80.70 Remote Access VPN Clients - Automatic Upgrade file (CAB)
E80.70 Remote Access VPN Clients for ATM (MSI)
E80.70 Remote Access VPN Clients for ATM - Automatic Upgrade file (CAB)

Capsule Docs E80.70 Clients

Platform Package Link
Windows E80.70 Capsule Docs Standalone Client (EXE)
E80.70 Capsule Docs PC Viewer Get from: Capsule Docs Portal
What's New in E80.70

This release supports all Software Blades and features of previous releases. It adds support for Windows 10 Creators Update (version 1703) and support for new VPN and improved features.

Remote Access VPN

New VPN Features
  • Option to exclude local network traffic when Hub mode (Route all traffic) is configured.
  • Register to hotspots with the computer's default browser instead of the client?s embedded browser.
  • Support for Multiple Login Options (from E80.65).
For more information about E80.70 Remote Access VPN, see the E80.70 Remote Access VPN Clients for Windows Release Notes.

Third Generation OneCheck

The Full Disk Encryption OneCheck Logon features are improved to continue to work transparently with new versions of operating systems.

SandBlast Agent

The SandBlast Web Extension is supported on Internet Explorer 11. While the Web Extension is enabled automatically for Google Chrome, for Internet Explorer it is disabled by default.


Known Limitations

Documentation
Platform Document
Endpoint Security Clients
Windows E80.70 Endpoint Security Client for Windows User Guide
Windows E80.70 Endpoint Security Client for Windows Release Notes
Remote Access VPN Clients
Windows E80.70 Remote Access Clients for Windows Release Notes
Windows E80.70 Remote Access Clients for Windows Administration Guide
Capsule Docs Client
Windows E80.70 Capsule Docs Plugin User Guide
Windows E80.70 Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
Capsule Docs Bulk Protection Services
Windows Capsule Docs Bulk Protection Guide
E80.65 19-Feb-2017 19-Feb-2017 August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1511

Win10 1607

Show Upgrade Paths

E80.64

E80.62 HFA1

E80.61

E80.51

R73

From Win7/Win 8.1.1/Win 10 1511 to Win10 1607
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30 EP 6.5

R77.30.03

R77.30.02

R77.30

Show Downloads

Endpoint Security E80.65 Clients

Platform Package Link
Windows E80.65 Endpoint Security Clients for Windows OS (ZIP)
E80.65 Complete Endpoint Security Client for 32 bit systems (ZIP)
E80.65 Complete Endpoint Security Client for 64 bit systems (ZIP)
E80.65 Complete Endpoint Security Client without Anti-Malware for 32 bit systems (ZIP)
E80.65 Complete Endpoint Security Client without Anti-Malware for 64 bit systems (ZIP)
E80.65 SandBlast Agent client for 32 bit systems (ZIP)
E80.65 SandBlast Agent client for 64 bit systems (ZIP)
E80.65 Initial client (ZIP)

Note: Initial client is a very thin client without any blade that allows the admin to use it in order to download the large ZIP file and then distribute it in his organization.

Remote Access VPN E80.65 Clients

Platform Package Link
Windows E80.65 Remote Access Clients for Windows (MSI)
E80.65 Remote Access VPN Clients - Automatic Upgrade file (CAB)

Capsule Docs E80.64 Clients

Platform Package Link
Windows E80.64 Capsule Docs Standalone Client (EXE)
E80.64 Capsule Docs PC Viewer (EXE)
What's New in E80.65

This release supports all Software Blades and features of previous releases. It includes new SandBlast Agent features and enhancements and support for new VPN features.

SandBlast Agent

Anti-Ransomware As part of the Forensics blade, Anti-Ransomware constantly monitors files and processes for unusual activity. Before a ransomware attack can encrypt files, Anti-Ransomware backs up files to a safe location. After the attack is stopped, it deletes files involved in the attack and restores the original files from the backup location.
Improved Browser Extension The SandBlast Agent Browser Extension protects against malicious files that come from Internet sources. It supports Google Chrome for Threat Emulation, Threat Extraction, and Zero Phishing. The new Zero Phishing feature provides:
  • Phishing Prevention - Checks different characteristics of a website to make sure that a site does not pretend to be a different site and use personal information maliciously.
  • Password Reuse Prevention - Alerts users not to use their corporate password in non-corporate domains.
Simple Integration with Third Party Anti-Virus Vendors

Refer to sk116024 - SandBlast Integration with Third Party Anti-Virus Vendors.

Forensics can use information from the Windows Event Log to monitor and analyze malware events from third party anti-virus vendors.
  • Works with most common vendors without manual configuration.
  • Events are detected when the client is online or offline.
SandBlast Agent Dynamic Updates

SandBlast Agent dynamic updates enable stronger security for endpoints, with regular updates to SandBlast Agent files. This keeps clients protected from the latest threats.

Remote Access VPN

Support for Multiple Login Options and Dynamic ID

E80.65 Remote Access VPN clients have the ability to connect to an IPsec VPN gateway that is configured with Multiple Login Options.

One of the authentication factors can be Dynamic ID - Users who successfully complete the first-phase authentication can be challenged to provide an additional credential: a Dynamic ID One Time Password (OTP). The OTP is sent by text message or email.

The new support requires an R80.10 or higher IPsec VPN gateway.

For more information about E80.65 Remote Access VPN, see the E80.65 Remote Access VPN Clients for Windows Release Notes.


Known Limitations

E80.64 22-Aug-2016 9-May-2017 August 2020
Show Supported OS
Win7

Win8.1.1

Win10 1511

Win10 1607

macOS Sierra (10.12)
Show Upgrade Paths

E80.62 HFA1

E80.61

E80.51

R73

E80.62 Mac

E80.61 Mac

FDE 3.4.4 Mac

From Win7/Win 8.1.1/Win 10 1511 to Win10 1607
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R77.30.02

R77.30.01

R77.30

Show Downloads

Endpoint Security E80.64 Clients

Important: Download the updated SmartConsole to work with the E80.64 Mac clients.

For E80.64 users with R77.30.02 server who do not use SmartCards, download the fixed client: E80.64 HFA1 Check Point Endpoint Security Clients for Windows OS.

Platform Package Link
Windows E80.64 Endpoint Security Clients for Windows OS (ZIP)
macOS E80.64 Endpoint Security Client and Capsule Docs for macOS
(used with R77.30.02 Endpoint Security Server)
(ZIP)
macOS E80.64 Endpoint Security Client for macOS (without Capsule Docs)
(used with R77.30 Endpoint Security Server)
(ZIP)

Users with Windows 10 Anniversary Update should refer to sk115485.

Remote Access VPN E80.64 Clients

Important: Download the updated SmartConsole to work with the E80.64 Mac clients.

Platform Package Link
Windows E80.64 Remote Access Clients for Windows (MSI)
E80.64 Remote Access VPN Clients - Automatic Upgrade file (CAB)
E80.64 Remote Access VPN Clients for ATM (MSI)
E80.64 Remote Access VPN Clients for ATM - Automatic Upgrade file (CAB)
macOS E80.64 Endpoint Security VPN for macOS - Disc Image (DMG) (DMG)
E80.64 Endpoint Security VPN for macOS - Installation package (PKG) (PKG)
E80.64 Endpoint Security VPN for macOS - Signature for automatic upgrade (signature)

Capsule Docs E80.64 Clients

Platform Package Link
Windows E80.64 Capsule Docs Standalone Client (EXE)
E80.64 Capsule Docs PC Viewer (EXE)
macOS E80.64 Capsule Docs Mac Viewer (Alpha) (DMG)
What's New in E80.64

This release supports all Software Blades and features of previous releases. It includes new platform support, technologies, and features.

SandBlast Agent

Show / Hide this section
Check Point SandBlast Agent delivers advanced Threat Extraction and Threat Emulation, Forensics, and Anti-Bot to endpoint devices. Refer to SandBlast Agent Product Page.
Key Benefits
  • Defends against multiple attack vectors, including web downloads, external storage devices, lateral movement, or encrypted content.
  • Quickly delivers safe, sanitized versions of documents without business interruption.
  • Identifies and contains infected hosts to limit damage and spread of malware.
  • Continuously collects data about user systems for later forensics use.
  • Automatically builds actionable forensics reports with important attack information.
  • Integrates monitoring and investigation of security events through SmartEvent and SmartLog.
Key Features
  • Check Point SandBlast Agent delivers advanced Threat Extraction and Threat Emulation, Forensics, and Anti-Bot to endpoint devices.
  • Threat Emulation for web downloads and for files copied to the file-system.
  • Automated Forensic analysis of security events.
  • Quarantine of infected hosts.
  • Malware removal based on Forensic analysis.
  • Threat Extraction for web downloads.

Endpoint Core

Show / Hide this section
  • Platforms and Alignment to R77.30 Jumbo Hotfix

    • Windows 10 Anniversary Update (version 1607) support for Endpoint Security clients.
    • Endpoint Security Server installation on R77.30 with a dedicated Jumbo Hotfix for Endpoint Security. (This Jumbo hotfix is aligned to Take 143 of the Jumbo Hotfix Accumulator for R77.30.)
  • Management

    • New Policies & Reports.
    • Offline Management Tool for Full Disk Encryption Offline Mode.
    • Faster synchronization between Endpoint Security Management and Policy Servers.
    • General performance improvements.
    • New Client UI look and feel.
  • Full Disk Encryption

    • Offline Mode - Provides Endpoint Security client support for computers that are not connected to an Endpoint Security Management Server, with the same level of security as regular deployments. Features include:
      • Policy management.
      • Data recovery and Emergency Access.
      • Logs, Statistics, and Reporting.
      • New Deployment User type for creating Offline Mode users at preboot.
    • XTS-AES Encryption on UEFI Systems - Supports new AES algorithms for optimal performance and security:
      • XTS-AES 128 (2x128) encryption.
      • XTS-AES 256 (2x256) encryption.
    • Performance optimizations for disk I/O.
    • Pre-boot usability improvements.
  • Media Encryption

    • Media Encryption Default container size configuration.
    • Optical Media Scan support.
  • Capsule Docs

    • Support for new File Types.
    • Support for Adobe Acrobat Reader DC.
    • New Document Expiration feature- Set an expiration date for protected files. After the expiration date, only the author can access the document.
    • Ability to set, change, and remove protection from Microsoft Office and PDF files with a right-click context menu.
  • Remote Access VPN

    • VPN performance enhancements in upload and download paths.
    • Support for ATM client.
  • Endpoint Security Clients for macOS

    • macOS Sierra (10.12) support for the Endpoint Security clients.
    • VPN support for SHA-256 and Diffie-Helman group 14.
    • Support for Smart Card authentication in Full Disk Encryption Pre-boot.
    • New compliance checks for the Endpoint Security Compliance blade:
      • Check if a computer is in an Active Directory Domain
      • Check for a Mac OS build number and hotfix number


Known Limitations

Resolved Issues

E80.62

E80.62 HFA

7-Dec-2015 27-Jun-2016 December 2019
Show Supported OS
Win10 10586

Win10 10240

Win8.1.1

Win7

Mac OS X 10.11 (El Capitan)
Show Upgrade Paths

E80.61

E80.60

E80.51

E80.50

R73

FDE EW 6.3.1

VPN E75 and higher

FDE 3.4.4 Mac

E80.61 Mac

E80.60 Mac

E80.50.03 Mac

From Win7 or Win8.1.1 to Win10 10240, 10586  
Show Supported Management Servers

R77.30.03

R77.30.02

R77.30.01 HFA

R77.30.01

R77.30

R77.20.01

R77.20

Show Downloads

Endpoint Security Client E80.62 HFA1 Downloads

Platform Package Link
Windows E80.62 HFA1 Endpoint Security Clients for Windows OS (ZIP)
Mac OS X * E80.62 Endpoint Security Client and Capsule Docs for Mac OS X
(used with R77.30.01 Endpoint Security Server)
(ZIP)
Mac OS X * E80.62 Endpoint Security Client for Mac OS X (without Capsule Docs)
(used with R77.30 Endpoint Security Server)
(ZIP)

* Note: Mac OS X 10.11 can work only with E80.62 clients. Therefore, you must upgrade the
Endpoint Security Client to E80.62 version before you can upgrade the Mac OS X to 10.11.
For Endpoint Security clients that include Full Disk Encryption, refer to:
sk108060 - How to upgrade Mac OS X with installed Full Disk Encryption to 10.11 (El Capitan).


Remote Access VPN E80.62 HFA1 Clients Downloads

Platform Package Link
Windows E80.62 HFA1 Remote Access VPN Clients (MSI)
E80.62 HFA1 Remote Access VPN Clients - Automatic Upgrade file (CAB)
E80.62 HFA1 Remote Access VPN Clients for ATM (MSI)
E80.62 HFA1 Remote Access VPN Clients for ATM - Automatic Upgrade file (CAB)
Mac OS X * E80.62 Endpoint Security VPN for Mac OS X - Disc Image (DMG) (DMG)
E80.62 Endpoint Security VPN for Mac OS X - Installation package (PKG) (PKG)
E80.62 Endpoint Security VPN for Mac OS X - Signature for automatic upgrade (signature)

* Note: Mac OS X 10.11 can work only with E80.62 clients. Therefore, you must upgrade the
Remote Access VPN Client to E80.62 version before you can upgrade the Mac OS X to 10.11.


Capsule Docs Client E80.62 Downloads

Platform Package Link
Windows E80.62 HFA1 Capsule Docs Standalone Client (EXE)
E80.62 HFA1 Capsule Docs PC Viewer (EXE)
Mac OS X E80.62 Capsule Docs Mac Viewer (Alpha) (DMG)
What's New in E80.62/R77.30.01 HFA1

  • Bulk Protection Services

    Capsule Docs Bulk Protection Services applies protection to documents based on location and properties. The protection is based on your configuration.

    There are two options to manage Bulk Protection Services:
    • Content-Aware File Protection for CIFS and NFS-compatible Network Locations - Protection is applied through a network gateway with the DLP Software Blade to files that match specified data types.
    • File Protection for Windows-based Servers and Workstations - Protection is applied locally and runs on the Windows computer. Continuous monitoring on specific targets is also available to protect new files as soon as they are created. Refer to the Capsule Docs Bulk Protection Guide
  • Content-Aware Protection for Mail Attachments

    This feature enables DLP Gateway administrators to set protect action for E-mails:
    • Seamless experience - Automatic protection based on administrator configuration.
    • Flexibility - The administrator can allow sending protected documents, and allow or block attachments.
    • Content Awareness - Different protection settings for different types of data.
    • Access Control - The authorized user list can include defined users and groups and/or e-mail sender/recipients.
    • End User Education - UserCheck alerts the user to the organization security policy.
  • Capsule Docs Development Tools

    Note: Refer to sk108950 - Capsule Docs Development Tools and SDK
  • Enhanced Remote Access VPN Client Verification

    • Verifies the identity of the Endpoint Server that manages the client through the Endpoint Server?s certificate.
    • Verifies the client?s minimum version.*
      *For SmartEndpoint-managed Remote Access VPN clients only

  • Performance improvements and bugs fixes


Known Limitations

E80.62 / R77.30.01 HFA1 Resolved Issues

Documentation
E80.61 14-May-2015 14-May-2015 May 2019
Show Supported OS
Win8.1

Win8

Win7

WinXP
Show Upgrade Paths

E80.60

E80.60 Mac

E80.51

E80.50.03 Mac

E80.50

E80.50 Mac

E80.42

E80.42 Mac

E80.41

E80.41 Mac

E80.40

R73

FDE EW 6.3.1

VPN E75 and higher

FDE 3.4.4

   
Show Supported Management Servers
R77.30.03

R77.30.02

R77.30.01 HFA

R77.30.01

R77.20.01

Show Downloads

Endpoint Security Client E80.61 Downloads

Platform Package Link
Windows E80.61 Endpoint Security Clients for Windows (ZIP)
Mac E80.61 Endpoint Security Client and Capsule Docs for Mac
(used with R77.20.01 Endpoint Security Server)
(ZIP)
Mac E80.61 Endpoint Security Client for Mac (without Capsule Docs)
(used with R77.20/R77.30 Endpoint Security Server)
(ZIP)

Note: On October 22, 2015, both E80.61 Endpoint Security Client on Mac downloads were replaced.

Remote Access VPN E80.61 Clients Downloads

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

Platform Package Link
Windows E80.61 Remote Access Clients for Windows - MSI file (MSI)
E80.61 Remote Access Clients for Windows - Automatic Upgrade file (CAB)
E80.61 Remote Access Clients for Windows - ATM MSI file (MSI)
E80.61 Remote Access Clients for Windows - Automatic Upgrade file for ATM (CAB) (CAB)
Mac E80.61 Endpoint Security VPN for Mac - Disc Image (DMG) (DMG)
E80.61 Endpoint Security VPN for Mac - Installation package (PKG) (PKG)
E80.61 Endpoint Security VPN for Mac - Signature for automatic upgrade (signature) (signature)

Capsule Docs Client Downloads

Platform Description Link
Windows E80.61 Endpoint Security Clients (ZIP)
Capsule Docs Standalone Client (EXE)
Capsule Docs PC Viewer (EXE)
What's New in E80.61

User and Device Management (UDM)

UDM is a web based application that manages a range of user and device related tasks in an organization. A typical user accesses organizational resources from multiple devices: computers, laptops, smartphones, and tablets. UDM provides a unified environment for managing various user and device related tasks, such as provisioning, transparency of access via SmartLog logs, viewing user and device details, certificate management, AD user management, and FDE password recovery (for Endpoint Security clients).

With UDM, security administrators can delegate user and device management tasks to Help Desk administrators. This delegation of responsibilities lets the network security team handle security policy issues and the Help Desk team manage some user access tasks.

UDM includes:

  • Remote Access certificate management
    • Manage, create, and revoke user certificates for remote access.
    • Use email templates to send information to users on how to connect remotely from their devices.
  • Integration with Active Directory
    • See all users in the organization and the devices they are using to connect to organizational resources.
    • Change the status of Active Directory users when necessary (expired, disabled, or locked).
    • Manage Active Directory user groups.
  • Integration with SmartLog
    • See user login and activity logs.
    • Search and filter logs for a specified user.
    • See if a device is connected or disconnected.
  • Integration with Endpoint Security Server
    • See activity of users and devices.
    • Use Full Disk Encryption password recovery.
    • Active Directory integration.
  • Integration with Capsule Cloud
    • See logs of Capsule Cloud users.
    • Send new registration codes to users.

  • Full Disk Encryption

    • TPM support for version 1.2 and 2.0.
    • Support for Active Directory groups in Pre-boot.

  • Mobile Access Blade

    • Simple and comprehensive mobile/remote access solution that delivers exceptional operational efficiency.
    • Allows mobile and remote workers to connect easily and securely from any location, with any Internet device to critical resources while protecting networks and endpoint computers from threats.
    • Data transmitted by remote access is decrypted and then filtered and inspected in real time by Check Point?s award-winning gateway security services such as Anti-Virus, Intrusion Prevention and Web Security.
    • Includes in-depth authentications, and the ability to check the security posture of the remote device. This further strengthens the security for remote access.

    The Mobile Access Blade is available in its latest versions in R77.20 (sk101208).

  • Endpoint Security Client for Mac

    This release adds these new features:
    • Support for the Endpoint Security client on Mac OS X 10.10 Yosemite.
    • Support for the Media Encryption Offline Access utility on Mac OS X 10.10 Yosemite.
    Features:
    • From E80.60: New Capsule Docs Software Blade (alpha) for Mac
      • Compatibility with both Check Point On-Premises deployment and Cloud Deployment
      • Enhanced rendering capabilities
      • Support unprotecting a document based on user permissions
    • From R77.20 (and higher): Full Disk Encryption Software Blade new features
      • Dynamic Tokens
      • Remote Help Response Length

    Full Disk Encryption support for In-place major OS upgrade (until September, 2015, this is available only as EA, see sk106668.)

  • Remote Access VPN

    • Remote Access Clients for Windows
      • Improved stability, and bug fixes.
      • Configure password complexity requirements in the VPN Configuration Utility.
    • Endpoint Security VPN for Mac
      • Improved stability, and bug fixes.


  • Known Limitations

    Documentation
    E80.60 28-Oct-2014 28-Oct-2014 October 2018
    Show Supported OS
    Win8.1

    Win8

    Win7

    WinXP
    Show Upgrade Paths

    E80.51

    E80.50

    E80.50 Mac

    E80.42

    E80.42 Mac

    E80.41

    E80.41 Mac

    E80.40

    R73

    FDE EW 6.3.1

    VPN E75 and higher

    FDE 3.4.4

       
    Show Supported Management Servers

    R77.30.01 HFA

    R77.30.01

    R77.20.01

    R77 with E80.60

    Show Downloads

    Endpoint Security E80.60 Clients

    Platform Description Download Link
    Windows Endpoint Security E80.60 Clients (ZIP)
    Mac E80.60 Endpoint Security Client on Mac (ZIP)

    Remote Access VPN E80.60 Clients Downloads

    Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

    Platform Description Download Link
    Windows Remote Access Clients E80.60 msi file (MSI)
    Remote Access Clients E80.60 Automatic Upgrade file
    (CAB)
    Remote Access Clients E80.60 for ATM msi file (MSI)
    Remote Access Clients E80.60 Automatic Upgrade file for ATM (CAB) (CAB)
    Mac Endpoint Security VPN for Mac E80.60 - Disc Image (DMG) (DMG)
    Endpoint Security VPN for Mac E80.60 - Installation package (PKG) (PKG)
    Endpoint Security VPN for Mac E80.60 - Signature for automatic upgrade (signature) (signature)

    Check Point Capsule Docs

    Description Download Link
    Endpoint Security E80.60 Clients (ZIP)
    Capsule Docs Standalone Client (EXE)
    Capsule Docs PC Viewer (EXE)
    Capsule Docs Proxy (R77.10) (TGZ)
    Capsule Docs Proxy (R77.20) (TGZ)
    What?s New in E80.60

    What's New in Endpoint Security Clients

    Check Point Capsule Docs

    The Check Point Capsule Docs Software Blade, managed by an on-premise Security Management Server, lets organizations protect and share documents safely within the organization and with business partners, and manage the organizational Check Point Capsule Docs policy, monitoring, and deployment through SmartEndpoint.

    The Check Point Capsule Docs Software Blade comes integrated with the Endpoint Security on Microsoft Windows computers. There is also a non-managed Check Point Capsule Docs plugin for supported applications, and the Check Point Capsule Docs Viewer. The Viewer does not require administrative privileges or the installation of Microsoft Office or Adobe Acrobat Reader, and gives read-only access to protected documents. The Check Point Capsule Docs plugin, which is mainly for the external users, and the Check Point Capsule Docs Software Blade give full editing capabilities and these benefits:

    Control the parties that can access the data

    • Restrict access to individuals, groups or entire organizations
    • Use granular Classification model to assign different permissions for internal and external users
    • Control data distribution (Forward, Copy/Paste, Print)
    • Choose contacts from your Outlook address book with whom you usually communicate
    • Prevent unintentional data loss with the help of UserCheck

    Protect data stored on untrusted servers and shared via untrusted channels

    • Each protected document remains protected even on untrusted servers
    • Prevent forwarding to unauthorized parties
    • Secure all created documents automatically

    See full audit trail for data access

    • All actions on protected documents are logged and are available through SmartView Tracker and SmartLog
    • Follow paper trail for a single document
    • Audit distribution patterns for documents in an organization
    • Monitor access by external parties

    Access protected documents easily from your platform of choice

    • Seamless integration with Microsoft Office and Adobe Acrobat on Windows platforms
    • Lightweight Windows Viewer that does not require administrative privileges or Microsoft Office or Adobe Acrobat clients installed
    • Lightweight flexible viewer for Mac OS X
    • Access protected documents from proprietary Apps on Android, and iOS mobile devices

    Full Integration with Organizational Active Directory

    • Users that are defined in the Active Directory are automatically provisioned to use Check Point Capsule Docs
    • User's Active Directory account authentication is sufficient to access relevant protected documents
    • Customize Document Security policy for different Users, Organizational Units and Groups

    Capsule Docs Proxy

    • Allows accessing protected documents managed with the on-premise Security Management Server for users outside of the organizational network.
    • Provides secured connectivity, leveraging HTTP security and IPS inspection on a hardened Gaia operating system.
    • Built on top of Check Point Mobile Access Blade.
    • Delivered as a Hotfix on top of R77.10 and on top of R77.20.

    Check Point Capsule Docs encrypts documents to protect them from unauthorized access. It protects users from unintentional data leaks. It is not possible to prevent all intentional violations made by malicious authorized users and this is not the goal of Check Point Capsule Docs.

    URL Filtering

    The Check Point Endpoint URL Filtering Software Blade lets an organization control access to web sites by category, user or group. This way it improves network security and enhances user productivity.

    User Check technology empowers and educates Endpoint users on web usage policy in real time.

    The Endpoint URL Filtering Software Blade has these benefits:

    • Lets you utilize a database of over 200 million websites, updated in real-time
    • Lets you choose from 64 predefined content categories or create custom categories and URL families
    • Works inside and outside of the organization - policy is enforced on the client
    • Does unified management - lets the administrator configure one Rule Base in SmartDashboard for an Endpoint and a Gateway policy
    • Does unified log reporting through SmartLog
    • Uses Identity Awareness - lets the administrator grant, limit, or block user access, group access, or access from specific machines to individual web sites or categories of web sites
    • Fully integrates the organization's Active Directory
    • Utilizes SSL Inspection

    Supported Features for Endpoint Security URL Filtering

    URL Filtering in Endpoint Security supports most features of URL Filtering from SmartDashboard. See the R77 Application Control and URL Filtering Administration Guide.

    Anti-Bot

    The Anti-Bot Software Blade:

    • Uses the ThreatCloud repository to receive updates, and queries it for classification of unidentified IP, URL, and DNS resources.
    • Prevents damage by blocking bot communication to C&C sites and makes sure that no sensitive information is stolen or sent out of the organization.
    The Endpoint Anti-Bot blade uses these procedures to identify bot infected computers:
    • Identify the C&C addresses used by criminals to control bots.
    • These web sites are constantly changing and new sites are added on an hourly basis. Bots can attempt to connect to thousands of potentially dangerous sites. It is a challenge to know which sites are legitimate and which are not.
    Check Point uses the ThreatCloud repository to find bots based on these procedures.

    The ThreatCloud repository contains more than 250 million addresses that were analyzed for bot discovery and more than 2,000 different botnet communication patterns. The ThreatSpect engine uses this information to classify bots and viruses.

    The Endpoint Anti-Bot blade gets reputation updates from the ThreatCloud repository. It can query the cloud for new, unclassified URL/DNS resources that it finds.

    Media Encryption & Port Protection

    This release adds NTFS file system support for encrypted storage devices. NTFS file system lets you encrypt files over 4GB.

    Notes:

    • Check Point Media Encryption Offline Utility lets you access NTFS encrypted storage devices on non-managed MS Windows computers in admin mode.
    • Apple Mac computers do not by default support the NTFS file system. To make an encrypted storage device accessible on a Mac computer, format it as a FAT32.
    • To create encrypted NTFS storage on a Windows 7 computer, you must first install SP1 on it.

    Forensics

    The Check Point Endpoint Forensics Software Blade monitors files and the registry for suspicious processes and network activity. When the Anti-Malware or the Anti-Bot Client Software Blade, or the Check Point Gateway Software Blade detects an attack, the Check Point Endpoint Forensics Software Blade analyzes the attack, and uploads the complete attack report to the Endpoint Security Management Server.

    Note: The Check Point Endpoint Forensics Software Blade is not supported on Microsoft Windows XP operating system.

    Full Disk Encryption Features

    This release adds support for these features:

    • Use of TPM to measure integrity of Pre-boot components.
    • Password synchronization between the OS and Pre-boot after Remote Help.

    Remote Access VPN

    For new features in the Remote Access VPN blade and standalone Remote Access Clients see
    What's New in Remote Access VPN E80.60 Clients

    For more information about E80.60, refer to Endpoint Security Client E80.60 Known Limitations.

    Supplemental Software

    Mobile Access Blade

    • Simple and comprehensive mobile/remote access solution that delivers exceptional operational efficiency.
    • Allows mobile and remote workers to connect easily and securely from any location, with any Internet device to critical resources while protecting networks and endpoint computers from threats.
    • Data transmitted by remote access is decrypted and then filtered and inspected in real time by Check Point?s award-winning gateway security services such as antivirus, intrusion prevention and web security.
    • Includes in-depth authentications, and the ability to check the security posture of the remote device. This further strengthens the security for remote access.
    The Mobile Access Blade is available in its latest versions in R77.10 (sk97617) and R77.20 (sk101208)

    User and Device Management

    • Helps organizations roll out Check Point Capsule to users.
    • Provides Remote Access certificate management for organizational Active Directory users.
    • Provides visibility of organizational Active Directory users and the devices they use to connect.
    • Leveraging SmartLog for user login and activity logs, including filtering capabilities.
    • Provides Integration with Endpoint Security Server for Full Disk Encryption password recovery.
    User and Device Management is available via sk101672.

    What's New in Remote Access VPN E80.60 Clients

    • SHA-256 (SHA-2) IPSEC support for Remote Access (Windows) Clients Data Integrity encryption
    • Certificate Enhancements:

      • Display the Friendly Name for a certificate
      • Filter certificates according to the Enhanced Key Usage attribute (certificates without client authentication are not shown)
      • Choose not to show expired certificates in the certificate selection list
    • Automatic upgrades from the gateway with a customized package
    • Support for the visually impaired with MSAA (Microsoft active accessibility component) integration
    • Ability to close open session before you make configuration changes
    • Improved server certificate verification for less browser warnings
    • Added support for Certificate Subject Alternative Name (DNS entries only) as part of certificate verification (previously only based on CN)
    • Policy Compression for gateways that support it, to enable policy compression for faster topology download
    • UTF-8 support in all user input fields (user names, passwords, CN). P12 certificate paths still must have only ASCII characters.
    • Dual hotspot detection mechanism.
    • Hotspot registration and mini-browser in Endpoint Security Suite (was previously in Standalone client only).
    • Improved stability, and bug fixes.


    Known Limitations

    Documentation

    Endpoint Security E80.60 Clients

    Platform Description Documentation
    Windows Endpoint Security E80.60 Clients (Release Notes)
      E80.60 Endpoint Security Client on Windows User Guide (User Guide)
      E80.60 Endpoint Security Administration Guide (Administration Guide)
    Mac E80.60 Endpoint Security Client on Mac

    (User Guide)


    Remote Access VPN E80.60 Clients Documentation

    Platform Description Documentation
    Windows Remote Access Clients E80.60 msi file (Release Notes)
    Remote Access Clients E80.60 Automatic Upgrade file
    (Release Notes)
    Remote Access Clients E80.60 for ATM msi file (Release Notes)
    Remote Access Clients E80.60 Automatic Upgrade file for ATM (CAB) (Release Notes)
    E80.60 Remote Access Clients for Windows Administration Guide
    (Admin Guide)
    Mac Endpoint Security VPN for Mac E80.60 - Disc Image (DMG) (Release Notes)
    Endpoint Security VPN for Mac E80.60 - Installation package (PKG) (Release Notes)
    Endpoint Security VPN for Mac E80.60 - Signature for automatic upgrade (signature) (Release Notes)
    E80.60 Endpoint Security VPN for Mac Administration Guide (Admin Guide)

    Check Point Capsule Docs

    Description Documentation
    Endpoint Security E80.60 Clients (Release Notes)
    E80.60 Check Point Capsule Docs Plugin User Guide (User Guide)
    E80.60 Check Point Capsule Docs Viewer User Guide (User Guide)
    E80.51 23-Jul-2014 23-Jul-2014 October 2017
    Show Supported OS
    Win8.1

    Win8

    Win7

    Win Vista

    WinXP
    Show Upgrade Paths

    E80.50

    E80.42

    E80.42 Mac

    E80.41

    E80.41 Mac

    E80.40

    E80.32

    E80.3x

    R73

    FDE EW 6.3.1

    VPN E75 and higher

    FDE 3.4.4

    From Win8 to Win8.1  
    Show Supported Management Servers

    R80

    R77.30.03

    R77.30.02

    R77.30.01 HFA

    R77.30.01

    R77.30

    R77.20.01

    R77.20

    R77.10

    R77 with E80.60

    R77

       

    Management Server Releases Trains and Timeline

     


       Relevant Documents and SecureKnowledge   More

     


    Revision History

    Show / Hide this section
    Date Description
    12 Mar 2019  Added information about E80.94
    14 Feb 2019 Added information about E80.92
    31 Dec 2018 Added information about E80.90
    30 Dec 2018 Added information about E80.89 for Mac
    09 Dec 2018 Added information about E80.89
    08 Nov 2018 Added information about E80.88
    27 Sep 2018 Added information about E80.87
    22 August 2018 Added information about E80.86
    11 July 2018 Added information about E80.85
    20 June 2018 Added information about E80.84
    08 Mar 2018 Added information about E80.81
    06 Feb 2018 Added information about E80.80
    21 Dec 2017 Added information about E80.71 for Mac
    30 Nov 2017 Added information about E80.71
    27 Aug 2017 First release of this document.
    This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

    Give us Feedback
    Please rate this document
    [1=Worst,5=Best]
    Comment