Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E80.87 Windows Clients
Solution

Table of Contents:

  • In a Nutshell
  • What's New in E80.87
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Utilities/Services Downloads
  • Known Limitations
  • Documentation and Related SecureKnowledge Articles
  • Revision History

 Endpoint Security Homepage is now available.

Notes:

  • To support SmartLog or SmartView Tracker reporting with E80.87 clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
  • Starting in E80.85, anonymized incident related data is sent to Check Point ThreatCloud, by default. To learn more see sk129753.
  • The relevant links to downloads are located in the relevant section, i.e., Endpoint Security Server, Management Console, Endpoint Security Clients, Standalone Clients, Utilities/Services.
  • The relevant links to documentation are located in the "Documentation" section.
  • It is strongly recommended that you read the E80.87 Endpoint Security Client Release Notes, before installing this release.
  • This release includes all limitations of earlier releases unless explicitly shown as resolved.
  • For E80.71 releases for Mac: Refer to sk121595 - Enterprise Endpoint Security E80.71 Mac Clients and sk115655 - Check Point Capsule Docs E80.71 Mac Standalone Client.
Click Here to Show the Entire Article

In a Nutshell

Item Description Link
Managed Client E80.87 Endpoint Security Clients for Windows OS
(ZIP)
VPN Standalone Client

E80.87 Remote Access Clients for Windows

(MSI)
Capsule Docs E80.87 Capsule Docs Standalone Client
(EXE)
Documentation E80.87 Endpoint Security Client for Windows Release Notes  

What's New in E80.87

Show / Hide this section
This release includes stability and quality fixes. It supports all features of previous releases.

New Features

  • Unified Threat Prevention log structure:
    • Covers all Endpoint Threat Prevention products.
    • Adds additional incident details for existing Endpoint logs that provide improved abilities to monitor detected events by indicator's hash, name, or latest attack status.
    • Forensic attack analysis details are now available through the SmartLog queries.
    • New log entries for Anti-Ransomware and Anti-Exploit products.
    • To support SmartLog or SmartView Tracker reporting with E80.87 clients for all supported servers (except R80.20), you must update the log schema. Follow the instructions in sk106662.

    Enhancements

    • Resolves a sharing violation issue in Threat Emulation. Resolves scenarios where applications that try to access a file with exclusive access rights fail due to a Threat Emulation inspection of the file. This also resolves the issue to save documents in PDF format.
    • Addresses a rare situation where Forensics can stall in analysis.
    • Stabilizes serialization issues for the Remediation Service.
    • Stabilizes the initialization order of the Remediation Service for Anti-Bot.
    • Resolves an issue with Anti-Bot Service crashes on low bandwidth networks.
    • Addresses a rare stability issue in Anti-Ransomware in the scenario of policy file collision.
    • Resolves an Anti-Ransomware issue that could prevent complete restoration of files on a system restart in the event of a ransomware attack.
    • Full Disk Encryption in BIOS-mode now uses less memory than in earlier releases. This allows more boot strapping code from Microsoft Windows and prevents low-memory issues in pre-boot.
    • Resolves error in Japanese translation of "left" in the BIOS recovery. 
    • Resolves a Remote Access issue in a customized package of Endpoint Security Client full suite created with the VPN Configuration Utility. In previous releases, the original trac.defaults remains instead of the customized file.
    • Resolves a possible issue in which a "no network" message may occur when the client tries to connect to the VPN Security Gateway when there is connectivity.
    • Resolves a Threat Emulation performance issue during massive I/O activity including Windows OS upgrades.
    • Resolves an Anti-Bot issue that can cause slow performance on web browsers.
    • Resolves an Anti-Exploit compatibility issue with products such as App-V that inject code into protected applications.
    • Resolves a rare issue in which the Firewall blade does not run on upgrades from Windows 7 to Windows 10 with an older version of Endpoint Security client.

Endpoint Security Clients Downloads

Show / Hide this section
Important:
  • Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.

  • To support SmartLog or SmartView Tracker reporting with E80.87 clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.

Endpoint Security E80.87 Clients

Platform Package Description Link
Windows E80.87 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E80.87 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.87 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.87 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E80.87 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E80.87 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E80.87 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E80.87 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E80.87 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E80.87 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E80.87 Standalone Clients

Platform Package Description Link
Windows E80.87 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E80.87 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.87 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E80.87 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E80.87 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

Endpoint Security Server Downloads

Show / Hide this section

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).
 

R77.30.03

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE (sk92449) to the latest build.
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)

R80.20

 

Endpoint Security Server Package Link
R80.20
Endpoint Security Server R80.20  (ISO)

Management Console Downloads

Show / Hide this section

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Versions

Endpoint Security Server Package Link
R77.30.03 SmartConsole for Endpoint Security Server R77.30.03 / E80.87 (EXE)
R80.20
SmartConsole for Endpoint Security Server R80.20  (EXE)

Previous Versions

Endpoint Security Server Package Link
R77.30 SmartConsole for Endpoint Security Server R77.30 / E80.87 (EXE)
R80.10 SmartConsole for Endpoint Security Server R80.10 / E80.87 (EXE)
R77.30 EP6.5 SmartConsole for Endpoint Security Server R77.30 EP6.5 / E80.87 (EXE)
R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 / E80.87
(EXE)

Utilities/Services Downloads

Show / Hide this section
Utilities

Platform Package Description Link
Windows SandBlast Agent Remediation Manager for Administrators

The administrator utility contains the capabilities of the end-user utility plus these additional features:

  • Quarantine - Send files to quarantine. 
  • Delete - Use the SandBlast Agent remediation service to delete a file. 
  • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
(EXE)
Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties.  (EXE)
R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)   (TGZ)

For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

Advanced Upgrade Tools

Platform Package Link
Gaia R77.30.03 Management Server Migration Tools for Gaia (TGZ)
Windows R77.30.03 Management Server Migration Tools for Windows (TGZ)

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows
Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
(TGZ)

Known Limitations

Show / Hide this section
Issue ID Symptom
EPS-18392
In some cases during software deployment on E80.87 clients, the postpone message appears but does not warn the user about the required reboot. This can happen when blades are added or removed. 
Show / Hide this section      
Document
Endpoint Security Server
R77.30.03 Management Endpoint Security Release Notes 
R77.30.03 Endpoint Security Management Administration Guide
R80.20 Release Notes
Endpoint Security Clients
E80.85 and higher Endpoint Security Client for Windows User Guide
E80.87 Endpoint Security Client for Windows Release Notes
Remote Access VPN Clients
E80.87 Remote Access Clients for Windows Release Notes
E80.72 and higher Remote Access Clients for Windows Administration Guide
Capsule Docs Client
E80.72 and higher Capsule Docs Plugin User Guide
Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
Capsule Docs Bulk Protection Services
Capsule Docs Bulk Protection Guide

Revision History

Show / Hide this section
Date Description
19 Oct 2018 Endpoint Security Client was replaced. The following fixes were added::
  • Resolved a Threat Emulation performance issue during massive I/O activity including Windows OS upgrades.
  • Resolved an Anti-Bot issue that can cause slow performance on web browsers.
  • Resolved an Anti-Exploit compatibility issue with products such as App-V that inject code into protected applications.
  • Resolved a rare issue in which the Firewall blade does not run on upgrades from Windows 7 to Windows 10 with an older version of Endpoint Security client.
27 Sep 2018 First release of this document.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment