To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20 and higher), you must update the log schema. Follow instructions in sk106662.
Starting in E80.85, anonymized incident related data is sent to Check Point ThreatCloud, by default. To learn more see sk129753.
Important: Download SmartConsole with the E80.92 client to avoid "signature verification failed" messages when uploading the client to the SmartConsole.
The relevant links to downloads are located in the relevant section, i.e., Endpoint Security Server, Management Console, Endpoint Security Clients, Standalone Clients, Utilities/Services.
The relevant links to documentation are located in the "Documentation" section.
The relevant links to downloads are located in the relevant section, i.e., Endpoint Security Server, Management Console, Endpoint Security Clients, Standalone Clients, Utilities/Services.
The relevant links to documentation are located in the "Documentation" section.
BitLocker Management Check Point Endpoint Security E82.00 Client introduces BitLocker Management as an option in the Full Disk Encryption Blade. BitLocker is an integrated part of Windows. The Check Point BitLocker Management feature uses the Endpoint Security Server, Client Agent and Management UI to manage BitLocker. BitLocker Management is Windows 10 only. See the BitLocker Management Administration Guide.
New Detection Techniques
Meterpreter / Reverse Shell Detection Behavioral Guard now supports enhanced behavioral detections of reverse shells. This detection is currently in silent and will be turned on via a remote update at a later stage.
RDP Brute Force Detections Behavioral Guard now supports RDP Brute Force detections. This detection is currently in silent and will be turned on via a remote update at a later stage.
VPN's Post Disconnect Feature The post disconnect script feature allows users to run scripts on client computers after disconnections from gateways. See the Revision History of the Remote Access for Windows Administration Guide.
Enhancements
Anti-Ransomware, Behavioral Guard and Forensics
Fixes a rare issue which causes Forensics to crash if there is corruption in the backup and restoration database.
Fixes an issue that results in the entire Forensics database being purged when the database size limit is reached.
Fixes an issue where Privilege Escalation is not determined for the start process in the Forensics Report.
Fixes an issue where the Bypass User Account Control Mitre ATT&CK technique is not determined accurately.
Firewall and Application Control
Fixes a rare issue where Firewall blade is not running after an upgrade.
Fixes a rare issue where arbitrary processes are suspended.
Capsule Docs
Enforcements to prevent screen captures are not implemented now because there are no practical needs for them.
Media Encryption and Port Protection
Resolves the "Unrecognized scan log format" message when scanning a removable media with McAfee 8.8 on the Japanese OS version.
Fixes a localization issue of Japanese text in the Offline Access tool.
Installation
Fixes the rejected client msi import in MS AD GPO deployment.
Informs the user to reboot the machine after Windows 10 OS upgrade from builds below 18000 instead of forcing the reboot.
General
Automatically initiates client registration renewal with the server, if a new SID was assigned to the client machine.
Fixes a rare issue where the cpda process crashes.
Fixes a rare issue where the client's connection status is incorrectly displayed as "connected".
Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.
To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
Endpoint Security E82.00 Clients
Platform
Package
Description
Link
Windows
E82.00 Endpoint Security Clients for Windows OS (Recommended)
A zip file that contains all package permutations listed below.
(ZIP)
E82.00 Complete Endpoint Security Client for 32 bit systems
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.
Known issue: The below Standalone Clients VPN packages have a small cosmetic issue. The version shows in the Help About screen is VPN E81.40 instead of VPN E82.00. The version of the software itself is OK (E82.00).
You can use the below installation, or if preferred, you can contact Check Point Support to get an updated version with the fix in the Help About screen.
E82.00 Standalone Clients
Platform
Package
Description
Link
Windows
E82.00 Remote Access Clients for Windows
Remote Access VPN Client for SmartConsole-managed clients
Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartConsole-managed clients only.
(CAB)
E81.40 Capsule Docs Standalone Client
Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer
Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs.
The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.
Latest Versions
Endpoint Security Server
Package
Link
R77.30.03
SmartConsole for Endpoint Security Server R77.30.03 / E81.40 and higher
(EXE)
R80.20
SmartConsole for Endpoint Security Server R80.20 / E81.40 and higher
Machines using Self Encrypting Drives (Opal) hardware encryption cannot switch to BitLocker using the BitLocker policy option.
EPS-23145
A machine with BitLocker enabled, by default, is not a supported scenario in Check Point Full Disk Encryption. If BitLocker is enabled, by default, it must be turned off, before you install FDE with a Check Point Full Disk Encryption Policy in effect.
Note: If you install FDE with a BitLocker management policy, this limitation does not apply.
Documentation and Related SecureKnowledge Articles