We strongly recommend reading this article in your web browser.
Important: Starting January 1st, 2021, some outdated versions of Remote Client VPN and Endpoint Security Client may stop functioning correctly. Corrective actions are required before January 1st, 2021. This affects only versions E81.10 and lower which are already out of support. After January 1st, 2021, those versions may stop functioning, upgrade will fail and they will require a patch. The issue happens due to the internal certificate used by Endpoint services. One of the certificates expires on January 1st, 2021 therefore all services that use this certificate will stop working on January 1st, 2021. If you’re using Check Point Remote Access (VPN) / Endpoint 80.81-81.10 versions or Check Point SandBlast version E81.10 or earlier, you’ll have two options. Upgrade to a newer version (recommended) or apply a simple fix to the old version (sk171213).
SandBlast Agent Web Management - A new Web-based management interface for Endpoint Threat Prevention components. Note: For the best user experience it is recommended to use SandBlast Agent Web Management with Google Chrome.
Communication with management services remains on port 443, instead of port 4434, when the Endpoint Management component is activated.
Anti-Malware support for shared signature locations to support non-persistent VDI environments.
Manage URL Filtering capabilities of SandBlast Agent Browser Extension.
Application Control policy changes - Support multiple versions per product, terminate application and block WSL. (Windows Subsystem for Linux).
New set of Developer Protections for developers computers.
Compliance integration with Windows Server Update Services (WSUS).
TACACS authentication for Web Remote Help (WebRH).
Media Encryption & Port Protection - Import device overrides from a file.
Enterprise Endpoint Security E85.40 Windows Clients is now available. It adds support for Endpoint Security on Windows Server 2022 and Windows 11. It also introduces new features such as, Super Node that now supports software deployment and Added ability to Customize certificate warning dialog in Remote Access VPN clients. There are also many other enhancements under various categories.
Enterprise Endpoint Security E85.30 Windows Clients - introduces new features such as, Users can now execute PowerShell scripts on client computers using Push operations, Static Detection Engines have moved to monitor the access to the file, and not only the creation of the file, Behavioral Guard has a new active behavioral security technology that attempts to find zero-day local privilege escalation (LPE) attempts and Media Encryption events are now sent to Threat Hunting. There are also many other features and enhancements under various categories.
Enterprise Endpoint Security E85.10 Windows Clients - introduces new features such as: During an upgrade from E85.10, the firewall stays connected; Portuguese translations for the Client UI; Customers can now execute PowerShell scripts on client machines, using push operations; Browser Extension New Capability; Sandblast Agent is now called Harmony Endpoint. There are also many other features and enhancements under various categories.
Enterprise Endpoint Security E84.71 Windows Clients - introduces a hotfix on top of E84.70, in addition to all the E84.70 contents. In this release, the PPL processes for Windows Security Center: Anti-Malware, Firewall and Threat Emulation were signed with a newcross-signed certificate. The new signature preempts the possibility that a future KB release of Microsoft Windows will block the Check Point PPL processes. This fixes an issue that only exists in E84.70.
Enterprise Endpoint Security E84.70 Windows Clients - introduces new features such as connect to a VPN gateway via a hotspot, while restricting internet access from other applications, VPN support for the Security Assertion Markup Language (SAML) protocol in user authentications, and Management Servers can now limit registration to clients which have unique time-limited tokens. There are also many other features and enhancements under various categories.
Check Point Endpoint Security clients protect all of your Windows and Mac workstations, including laptops, Desktops, and Windows Servers.
Check Point takes part in various OS manufactures' development processes and we start the support of new versions when vendors release development builds.
We are committed to offer early availability clients within 3 weeks of OS GA and to announce GA within 2 months of OS GA, however in practice we are delivering much faster. See sk115192 for OS support timeline.