Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E81.10 Windows Clients
Solution

Table of Contents:

  • In a Nutshell
  • What's New in E81.10
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Utilities/Services Downloads
  • Known Limitations
  • Documentation and Related SecureKnowledge Articles
  • Revision History

 Endpoint Security Homepage is now available.

Notes:

  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
  • Starting in E80.85, anonymized incident related data is sent to Check Point ThreatCloud, by default. To learn more see sk129753.
  • Important: Download SmartConsole with the E80.92 client to avoid "signature verification failed" messages when uploading the client to the SmartConsole.
  • The relevant links to downloads are located in the relevant section, i.e., Endpoint Security Server, Management Console, Endpoint Security Clients, Standalone Clients, Utilities/Services.
  • The relevant links to documentation are located in the "Documentation" section.
  • It is strongly recommended that you read the E81.10 Endpoint Security Client Release Notes, before installing this release.
  • This release includes all limitations of earlier releases unless explicitly shown as resolved.
  • For E80.89 releases for Mac: Refer to sk131152 - Enterprise Endpoint Security E80.89 Mac Clients.
Click Here to Show the Entire Article

In a Nutshell

Item Description Link
Managed Client E81.10 Endpoint Security Clients for Windows OS
(ZIP)
VPN Standalone Client

E81.10 Remote Access Clients for Windows

(MSI)
Capsule Docs E81.10 Capsule Docs Standalone Client
(EXE)
Documentation E81.10 Endpoint Security Client for Windows Release Notes  

What's New in E81.10

Show / Hide this section

New Features

  • E81.10 adds support for Endpoint on Windows 10 19H1 (v1903). Anti-Malware users are only supported with a required server hotfix as seen in sk141033
  • When a file is determined as malicious by Threat Emulation, the TE report is in a new format. The report is now available from the Client UI and the SmartLog entry. The new format requires server versions shown in the "Management Requirements" section of the E81.10 Endpoint Security Client for Windows Release Notes.
  • This release adds a new authentication capability for VPN clients: Authentication with a CNG certificate.
  • This release introduces 32-bit and 64-bit download packages for the Threat Prevention Client.
    Important: The Threat Prevention package includes an initial set of Anti-Malware signatures. The complete set updates right after the client connects to the update server.
  • Anti-Exploit now protects against the Windows Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708.

Enhancements 

  • Anti-Malware
    • Fixes an issue where using Anti-Malware in the "Windows Security Center" would suspend Anti-Malware.
    • Fixes an issue where an Anti-Malware scheduled scan does not start after waking the machine from sleep.
    • Fixes an issue where Endpoint upgrades from versions prior to 80.92 fail while the Anti-Malware scan is active. 
    • Fixes an issue where Microsoft VPN and Direct Access do not work when the Anti-Malware blade is installed. 
    • Improves security by using "protected process" support for Anti-Malware and firewall processes. This feature is the default when the client runs Windows 19H1, which requires a server hotfix for Anti-Malware users. For more information, see sk141033.
  • Threat Emulation and Anti-Exploit
    • Fixes a rare false positive with the Return Oriented Programming (ROP) detection in Anti-Exploit.
    • Anti-Exploit now protects against the Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708:
      • This represents a critical flaw found in the Remote Desktop Protocol of Windows allowing for either Remote Code Execution or Denial of Service attacks. Vulnerable systems protected by Anti-Exploit, include Windows 7 SP1 and Windows 2008R2. To learn more, see sk154232.
      • Note: Users who run SandBlast Agent with a third party Anti-Virus (AV) should be aware that Anti-Exploit is turned off in the presence of third party AVs. For this protection to be enabled, you must allow Anti-Exploit to work with third party AVs, as detailed in sk154454.
  • Anti-Ransomware, Behavioral Guard and Forensics
    • Anti-Ransomware Honeypots are now less likely to be skipped by certain ransomware families.
    • Reduces false positives in Anti-Ransomware, when using MS Office applications.
    • Fixes an issue so that the Backup and Restoration database does not grow beyond a certain limit.
    • Fixes an issue so that the Anti-Ransomware backup folder does not grow beyond a certain limit.
    • Anti-Ransomware now correctly backs up and restores for users who are explicitly named "temp".
    • Improves Forensics performance, when the system is waking up from hibernate and sleep. 
    • Improves Forensics performance during OS upgrades.
    • Fixes a rare Forensics crash that can occur during the analysis, if the Entry Point is unknown.
    • Fixes a very rare issue that can occur where the Forensic Analysis takes hours to complete.
    • Fixes an issue of terminating processes that may be spawned, while the Forensics analysis is ongoing. 
    • Fixes an incorrect remediation status in the Forensics report when copying a malicious file from a network share.
    • Improves Forensics to deal with command line parameters more effectively during an incident analysis.
    • If Reputation is unavailable, unsigned processes will no longer appear with incorrect details in the Reputation screen.
    • The IP Reputation is now calculated even when there are no http or https operations. 
    • The Forensics Report now correctly shows the World Map of unknown or malicious IP addresses even when there are no http or https connections.
  • Media Encryption and Port Protection
    • Fixes additional cases where the Offline Data Access tool does not always start in Read-Only mode, if write protection is configured in the system.
  • Firewall and Application Control
    • Fixes a rare issue where the Endpoint Security Client stalls during an upgrade and the network is lost.
    • Fixes an issue where 'disabling Wi-Fi connection upon Ethernet connection' does not work if both connect to the same router or network.
    • Adds support to Device Guard features based on Hypervisor Enforced Code Integrity (HVCI).
  • Updater
    • Enhances the signature update mechanism to be more resilient during failures, and to hold the most up-to-date signatures.
  • URL Filtering
    • Reduces end-user popups and notifications to the items that require user knowledge or intervention, similar to the behavior of the other Endpoint blades. 
  • General
    • Fixes a very rare issue where an installation from the "Initial Client" fails, when Windows 7 is missing KB2533623.
    • Fixes a rare issue when an Anti-Bot service uninstall may fail on the client with an unclear message.      

Endpoint Security Clients Downloads

Show / Hide this section
Important:
  • Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.

  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.

Endpoint Security E81.10 Clients

Platform Package Description Link
Windows E81.10 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E81.10 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E81.10 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E81.10 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E81.10 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E81.10 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E81.10 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E81.10 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E81.10 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E81.10 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)
E81.10 Threat Prevention Client for 32 bit systems Threat Prevention package for 32bit devices: 
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP)
E81.10 Threat Prevention Client for 64 bit systems Threat Prevention package for 64bit devices:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E81.10 Standalone Clients

Platform Package Description Link
Windows E81.10 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E81.10 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E81.10 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E81.10 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E81.10 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

Endpoint Security Server Downloads

Show / Hide this section

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).
 

R77.30.03

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE (sk92449) to the latest build.
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)

R80.20

 

Endpoint Security Server Package Link
R80.20
Endpoint Security Server R80.20  (ISO)

Management Console Downloads

Show / Hide this section

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Versions

Endpoint Security Server Package Link
R77.30.03 SmartConsole for Endpoint Security Server R77.30.03 / E81.10 (EXE)
R80.20
SmartConsole for Endpoint Security Server R80.20 sk137593
R80.30 SmartConsole for Endpoint Security Server R80.30
sk144293

Previous Versions

Endpoint Security Server Package Link
R77.30 SmartConsole for Endpoint Security Server R77.30 / E81.00 / E81.10 (EXE)
R80.10 SmartConsole for Endpoint Security Server R80.10 (EXE)
R77.30 EP6.5 SmartConsole for Endpoint Security Server R77.30 EP6.5 / E81.00 / E81.10 (EXE)
R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 / E81.00 / E81.10
(EXE)

Utilities/Services Downloads

Show / Hide this section
Utilities

Platform Package Description Link
Windows SandBlast Agent Remediation Manager for Administrators

The administrator utility contains the capabilities of the end-user utility plus these additional features:

  • Quarantine - Send files to quarantine. 
  • Delete - Use the SandBlast Agent remediation service to delete a file. 
  • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
(EXE)
Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties.  (EXE)
R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)   (TGZ)

For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows
Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
(TGZ)

Known Limitations

Show / Hide this section
Issue ID Description
EPS-20253 Unable to copy some files to USB media although the policy allows it. Sometimes files from the Internet have extra information to show this as the source. If this attribute is set, Windows handles permissions for these files differently. See the workaround in sk154332.
EPS-18355 Check Point Full Disk Encryption is not supported on Lenovo ThinkPad X260 Ultrabook that has Device Guard enabled in the firmware configuration.
ESVPN-1219

This release adds a new authentication capability for VPN clients: Authentication with a CNG certificate. 

  • The new authentication capability with a CNG certificate for VPN clients is supported for R80.10 with R80.10 Jumbo Hotfix Take 169 and above.
  • These curves are supported: P-256, P-384, and P-521.
  • Enrollment, distribution, and management ECDH user certificates from Check Point Internal CA are not supported. 
Show / Hide this section      
Document
Endpoint Security Server
R77.30.03 Management Endpoint Security Release Notes 
R77.30.03 Endpoint Security Management Administration Guide
R80.20 Release Notes
Endpoint Security Clients
E80.85 and higher Endpoint Security Client for Windows User Guide
E81.10 Endpoint Security Client for Windows Release Notes (English)
E81.10 Endpoint Security Client for Windows Release Notes (Japanese)
Remote Access VPN Clients
E81.10 Remote Access Clients for Windows Release Notes
E80.72 and higher Remote Access Clients for Windows Administration Guide
Capsule Docs Client
E80.72 and higher Capsule Docs Plugin User Guide
Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
Capsule Docs Bulk Protection Services
Capsule Docs Bulk Protection Guide

Revision History

Show / Hide this section
Date Description
15 July 2019  Link to Maintrain Release map was replaced
30 Jun 2019 First release of this document.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment