Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E82.20 Windows Clients
Solution

Table of Contents:

  • In a Nutshell
  • What's New in E82.20
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Utilities/Services Downloads
  • Known Limitations
  • Documentation and Related SecureKnowledge Articles
  • Revision History

 Endpoint Security Homepage is now available.

Notes:

  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20 and higher), you must update the log schema. Follow instructions in sk106662.
  • Starting in E80.85, anonymized incident related data is sent to Check Point ThreatCloud, by default. To learn more see sk129753.
  • Important: Download SmartConsole with the E80.92 client to avoid "signature verification failed" messages when uploading the client to the SmartConsole.
  • The relevant links to downloads are located in the relevant section, i.e., Endpoint Security Server, Management Console, Endpoint Security Clients, Standalone Clients, Utilities/Services.
  • The relevant links to documentation are located in the "Documentation" section.
  • It is strongly recommended that you read the E82.20 Endpoint Security Client Release Notes, before installing this release.
  • This release includes all limitations of earlier releases unless explicitly shown as resolved.
  • For E80.89 releases for Mac: Refer to sk131152 - Enterprise Endpoint Security E80.89 Mac Clients.
Click Here to Show the Entire Article

In a Nutshell

Item Description Link
Managed Client E82.20 Endpoint Security Clients for Windows OS
(ZIP)
VPN Standalone Client

E82.20 Remote Access Clients for Windows

(MSI)
Capsule Docs E82.20 Capsule Docs Standalone Client
(EXE)
Documentation E82.20 Endpoint Security Client for Windows Release Notes  

What's New in E82.20

Show / Hide this section

New Features

  • The new detection engine "File Reputation" is now active as part of the Threat Emulation blade.
    • Scans files eligible for Threat Emulation upon creation.
    • Checks the file hash against the Check Point cloud reputation service and treats malicious files accordingly.
    • Considers Malware, Riskware and Adware with medium or high confidence as malicious.
    • Is an online service.
    • For more information, see Known Limitations.
  • Adds the ability to check for the latest updates on the client using an integration with Microsoft's Windows Server Update Services (WSUS). See sk164060.
  • Adds DNS connection information to the Tree and Tree-Timeline Views of the Forensics Report.
  • Mutexes and other named objects now appear in the Tree and Tree-Timeline Views of the Forensics Report.
  • Adds Full Disk Encryption Caps Lock notification to pre-boot.

Enhancements 

  • Anti-Malware
    • Fixes an issue where the Anti-Malware process does not stop during an upgrade in Windows 19H1.
    • Resolves a rare crash of Anti-Malware that happens if Anti-Malware exits, while a system scan is active.
  • Media Encryption and Port Protection
    • Fixes internal scanner error during the authorization scan with McAfee VirusScan Enterprise.
    • Fixes an unexpected UserCheck message when no data is being written to a removable media.
    • Fixes the incorrect deployed package name in deployment reports.
    • Fixes Windows Autoplay feature interference on unmanaged machines, when the Access To Business Data window is opened behind the Windows Explorer.
  • Firewall and Application Control
    • Fixes an issue where Windows Subsystems for Linux (WSL) processes sometimes hang on network access.
  • Anti-Ransomware, Behavioral Guard and Forensics
    • Improves performance by eliminating unnecessary logging from the API sensor.
    • Improves performance by not logging repeating errors in third party AV logs, when used with Forensics.
    • Improves performance of the Forensics Report collection subsystem by not attempting to resend corrupted reports.
    • Fixes an issue that could prevent Anti-Ransomware backup operations.
    • Fixes an issue that prevents Anti-Ransomware restoration, in the case of a delete failure followed by a delete success.
    • Removing a Folder exclusion from Anti-Ransomware now correctly enforces backup and restorations for the folder.
    • Fixes a Behavioral Guard rule issue that can result in failures in non-English language detections.
    • Adds a new section for Incident Remediation applied policy in the Remediation section of the Forensics report. This now shows the effective Incident Remediation settings when the report is created.
    • Removes the duplicate line in the Forensics Log Card Description for when the report is not created.
    • Fixes an issue where the user does not show correctly in the Forensics Report.
    • Kaspersky Anti-Virus detections now correctly trigger Forensics.
    • Forensics now treats PowerShell_ISE.exe similarly to PowerShell.exe for the relevant Mitre ATT&CK™ techniques. 
    • Remote Logon techniques now show as either External or Internal Remote Logon techniques in the Forensics Report.
    • Fixed an issue in which processes were terminated although they were excluded in policy.
  • Installation
    • Fixes an issue where a redundant reboot is required when installing Endpoint on a machine with the Media Encryption and Port Protection (MEPP) offline utility.
    • Fixes an issue where the installation process crashes, causing the upgrade to fail.
    • Fixes an issue where services are down after a client upgrade due to a WatchDog failure.
    • Resolves a rare issue, where the Compliance blade crashes during an upgrade when WatchDog restarts the new blade before the installer completed files cleanup.
  •  General
    • Fixes an issue where the Daf-Server process crashes due to error in logging infrastructure.
    • Resolves a possible issue, where the client sometimes does not connect to the Endpoint Security Server, when a synchronous connection takes too long.
    • Fixes uninstall password mismatch issue for a never connected client.
    • Fixes an issue where 5 minutes after login, the user policy is changed into the default policy for a few seconds.
    • Fixes an issue where Check Point processes are assigned with insufficient privileges and suspended after client installation.
    • Fixes an issue where blades might appear as not running due to a failure in the Check Point Device Auxiliary Framework Service (IDAFServerHostService.exe) process.
    • Enables forcing TLS 1.2 only, in client-server communication.
  • VPN
    • Stability improvements.
    • Minor localization issues are fixed.
    • Fixes not displaying the login prompt, when a user roams from the internal to an external network.
  • SandBlast Agent for Browsers
    • When a form site is scanned by SandBlast Agent for Browsers Zero Phishing, the user now has the following options:
      • In case of detection as phishing site, the user can report the detection as a false positive.
      • In case of no detection (the page was verified as Bengin by Zero Phishing), the user can report the page as a Phishing site by clicking on the "report Phishing site" link in the extension pop up. 
  • Full Disk Encryption

Endpoint Security Clients Downloads

Show / Hide this section
Important:
  • Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.

  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.

Endpoint Security E82.20 Clients

Platform Package Description Link
Windows E82.20 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E82.20 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E82.20 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E82.20 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E82.20 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E82.20 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E82.20 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E82.20 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
 (ZIP)
E82.20 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
 (ZIP)
E82.20 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)
E82.20 Threat Prevention Client for 32 bit systems Threat Prevention package for 32bit devices: 
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP)
E82.20 Threat Prevention Client for 64 bit systems Threat Prevention package for 64bit devices:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E82.20 Standalone Clients

Platform Package Description Link
Windows E82.20 Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
E82.20 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E82.20 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E82.20 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
E82.20 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
(EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

Endpoint Security Server Downloads

Show / Hide this section

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).
 

R77.30.03

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE (sk92449) to the latest build.
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)

R80.30

 

Endpoint Security Server Package Link
R80.30
Endpoint Security Server R80.30  (ISO)

Management Console Downloads

Show / Hide this section

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Versions

Endpoint Security Server Package Link
R77.30.03 SmartConsole for Endpoint Security Server R77.30.03 / E82.20 and higher (EXE)
R80.20
SmartConsole for Endpoint Security Server R80.20 / E82.20 and higher (EXE)
R80.30 SmartConsole for Endpoint Security Server R80.30 / E82.20 and higher
(EXE)
R80.30  SmartConsole for Endpoint Security Server R80.30 for BitLocker / E82.20 and higher (EXE)

Previous Versions

Endpoint Security Server Package Link
R77.30 SmartConsole for Endpoint Security Server R77.30 / E82.20 and higher (EXE)
R80.10 SmartConsole for Endpoint Security Server R80.10 / E82.20 and higher (EXE)
R77.30 EP6.5 SmartConsole for Endpoint Security Server R77.30 EP6.5 / E82.20 and higher  (EXE)
R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 / E82.20 and higher
(EXE)
Internal note - Above packages includes Recovery Image of version 86.2.20.14

Utilities/Services Downloads

Show / Hide this section
Utilities

Platform Package Description Link
Windows SandBlast Agent Remediation Manager for Administrators

The administrator utility contains the capabilities of the end-user utility plus these additional features:

  • Quarantine - Send files to quarantine. 
  • Delete - Use the SandBlast Agent remediation service to delete a file. 
  • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
(EXE)
Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties.  (EXE)
R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)   (TGZ)

For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows
Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
(TGZ)

Known Limitations

Show / Hide this section
Issue ID Description
AHTP-15821

The new detection engine 'File Reputation' is not available offline.

The engine is "On" by default, without a policy UI to turn it off.

The engine can only be switched on and off via GuiDBEdit:

  • In the BrowserExtensionsAdditionalData setting in the TE policy, add the value "fr_mode= Off;"
  • To turn it "On" again, remove this value, or change it to “fr_mode=On;”
Show / Hide this section      
Document
Endpoint Security Server
R80.30 Release Notes 
Endpoint Security R80.30 Administration Guide
Endpoint Security Clients
E80.85 and higher Endpoint Security Client for Windows User Guide
E82.20 Endpoint Security Client for Windows Release Notes
Remote Access VPN Clients
E82.20 Remote Access Clients for Windows Release Notes
E80.72 and higher Remote Access Clients for Windows Administration Guide
Capsule Docs Client
E80.72 and higher Capsule Docs Plugin User Guide
Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
Capsule Docs Bulk Protection Services
Capsule Docs Bulk Protection Guide

Revision History

Show / Hide this section
Date Description
19 Dec 2019 First release of this document.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment