Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E80.85 Windows Clients
Solution

Table of Contents:

  • In a Nutshell
  • What's New in E80.85
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Utilities/Services Downloads
  • Known Limitations
  • Resolved Issues
  • Documentation and Related SecureKnowledge Articles
  • Revision History

 Endpoint Security Homepage is now available.

Notes:

Click Here to Show the Entire Article

In a Nutshell

Item Description Link
Server Package 1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
Server Package 2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)
Console SmartConsole for Endpoint Security Server R77.30.03 / E80.85
(EXE)
Managed Client E80.85 Endpoint Security Clients for Windows OS
(ZIP)
VPN Standalone Client

E80.85 Remote Access Clients for Windows

(MSI)
Capsule Docs E80.85 Capsule Docs Standalone Client
(EXE)
Documentation E80.85 Endpoint Security Client for Windows Release Notes  
R77.30.03 Endpoint Security Management Administration Guide  

What's New in E80.85

Show / Hide this section
This release includes stability and quality fixes. It supports all features of previous releases.

New Features

  • Anti-Malware - A DHS-compliant Anti-Malware engine is available for download, as specified in DHS Binding Operational Directive 17-01. To learn more, and to download the packages, contact Check Point Support.
  • Behavioral Guard - SandBlast Agent Behavioral Guard is a behavioral detection engine that detects and remediates all forms of malicious behavior. If malicious behavior is detected, a forensics report is generated of the entire attack. The attack can be automatically or manually remediated based on the forensics report. To learn how to configure Behavioral Guard, see sk129892.
  • Data Collection - SandBlast Agent improves the detection of malicious threats by sending anonymized incident-related data to the Check Point ThreatCloud. It is enabled by default. To learn more about data collection and to find out how to disable it, see sk129753.
  • Remote Access VPN - Support for Key Storage Providers (KSP) for machine certificates. Support for KSP is enabled by default for machine authentication. If machine authentication is configured on the client and on the Security Gateway, clients can authenticate with machine certificates that use a Key Storage Provider.

Enhancements

  • Full Disk Encryption - Improved logging when enabling or disabling Pre-boot using the fdecontrol.exe utility.

Endpoint Security Server Downloads

Show / Hide this section

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).
 

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE (sk92449) to the latest build.
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)

Management Console Downloads

Show / Hide this section

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Versions

Endpoint Security Server Package Link
R77.30.03 SmartConsole for Endpoint Security Server R77.30.03 / E80.85 (EXE)
R80.20.M1
SmartConsole for Endpoint Security Server R80.20.M1  (EXE)

Previous Versions

Endpoint Security Server Package Link
R77.30 SmartConsole for Endpoint Security Server R77.30 / E80.84 (EXE)
R80.10 SmartConsole for Endpoint Security Server R80.10 / E80.84 (EXE)
R77.30 EP6.5 SmartConsole for Endpoint Security Server R77.30 EP6.5 / E80.84 (EXE)
R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 / E80.84
(EXE)

Endpoint Security Clients Downloads

Show / Hide this section
Important: Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.

Endpoint Security E80.85 Clients

Platform Package Description Link
Windows E80.85 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.85 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.85 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.85 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.85 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.85 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.85 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.85 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.85 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.85 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.85 Standalone Clients

Platform Package Description Link
Windows E80.85 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.85 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.85 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.85 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.85 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

Utilities/Services Downloads

Show / Hide this section
Utilities

Platform Package Description Link
Windows SandBlast Agent Remediation Manager for Administrators

The administrator utility contains the capabilities of the end-user utility plus these additional features:

  • Quarantine - Send files to quarantine. 
  • Delete - Use the SandBlast Agent remediation service to delete a file. 
  • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
(EXE)
Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties.  (EXE)
R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)   (TGZ)

For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

Advanced Upgrade Tools

Platform Package Link
Gaia R77.30.03 Management Server Migration Tools for Gaia (TGZ)
Windows R77.30.03 Management Server Migration Tools for Windows (TGZ)

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows
Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
(TGZ)

Known Limitations

Show / Hide this section
ID Description
Full Disk Encryption
EPS-15576  If the policy setting "Require that only an authorized preboot user is allowed to log into the operation system" is enabled, it does not block unauthorized users from signing-in using credential providers other than password and smartcard. For further information see sk128992.

Resolved Issues

Show / Hide this section
ID Description
Full Disk Encryption
EPS-16555  Doing a restart of the computer during decryption, after uninstalling the Endpoint Connect client, may fail when using XTS-AES (128/256 bit) encryption on a BIOS (that is, a non-UEFI) computer.
Capsule Docs
CDOC-264, CDOC-269
Preview for Microsoft Office 2010 x64 documents is available for unprotected documents only. Protected documents are shown as friendly files.
Show / Hide this section
Document
Endpoint Security Server
R77.30.03 Management Endpoint Security Release Notes 
R77.30.03 Endpoint Security Management Administration Guide
Endpoint Security Clients
E80.85 Endpoint Security Client for Windows User Guide
E80.85 Endpoint Security Client for Windows Release Notes
Remote Access VPN Clients
E80.85 Remote Access Clients for Windows Release Notes
E80.72 and higher Remote Access Clients for Windows Administration Guide
Capsule Docs Client
E80.72 and higher Capsule Docs Plugin User Guide
Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
Capsule Docs Bulk Protection Services
Capsule Docs Bulk Protection Guide

Revision History

Show / Hide this section
Date Description
11 July 2018 First release of this document.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment