Introduces the Anti-Malware blade for macOS. Currently, it is EA quality, with the blade’s main capabilities, such as:

• Displays current status in the client UI.
• Enables full system scan, manual and scheduled by policy.
• Quarantines malicious files and enables the user to restore by policy.
• Updates malware signatures from the Check Point Signature server in the cloud.
• Reports back about malicious files to the Endpoint Management server.

For more information, see the “Endpoint Security Client for Mac Online Help” pages in the "Anti-Malware" section.

Enhancements

• This release includes stability, quality and performance fixes.

Endpoint Security E82.50 Clients for macOS 

Platform	Package	Link
macOS	E82.50 Check Point Endpoint Security Client for macOS	(ZIP)
macOS	E82.50 Check Point Endpoint Security Client for macOS (without Capsule Docs and SandBlast Agent)	(ZIP)

Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E82.50 Standalone Clients for macOS

Platform	Package	Link
macOS	E82.50 Endpoint Security VPN for macOS - Disc Image (DMG)	(DMG)
	E82.50 Endpoint Security VPN for macOS - Automatic Upgrade package (PKG)	(PKG)
	E82.50 Endpoint Security VPN for macOS - Signature for automatic upgrade	(signature)

Capsule Docs E82.50 Clients

Platform	Package	Link
macOS	E82.50 Capsule Docs Mac Editor

Media Encryption Offline Access Tool E82.xx for macOS

Platform	Package	Link
macOS	E82.xx Media Encryption Offline Access Tool

If you want to use the new Native Encryption Management, download the relevant hotfix.

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages). 

Endpoint Security Server	Package	Link
R77.30.03	R77.30.03 Server Hotfix for Native Encryption Management	(TGZ)
R77.20 EP6.2	R77.20 EP6.2 Server Hotfix for Native Encryption Management	(TGZ)

Important: The Native Encryption Management Hotfix is integrated into R80.20

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Endpoint Security Server	Package	Link
R77.30.03	SmartConsole for Endpoint Security Server R77.30.03 / E80.89	(EXE)
R77.20 EP6.2	SmartConsole for Endpoint Security Server R77.20 EP6.2 / E80.89	(EXE)
R80.20	SmartConsole for Endpoint Security Server R80.20	sk137593
R80.30	SmartConsole for Endpoint Security Server R80.30	sk153153
R80.40	SmartConsole for Endpoint Security Server R80.40	sk165473

Issue ID	Description
EPS-23363	On macOS 10.15 Catalina, Full Disk Access has to be approved for several blades to work properly, including Media Encryption, VPN, Threat Emulation, Anti-Ransomware and Forensics. macOS does not provide any notifications about this automatically, so Endpoint Security presents a UserCheck message, as a guide for which application to grant FDA access, and a button to open the System Preferences.
AHTP-15580	Post-upgrade from the E80.89 release, there are no historic AR/TE events shown in the UI.
AHTP-15310	If nodeJS is installed on the Mac, build directories should be excluded in SBA policy (AR/EFR and TE) to improve performance.
EPS-23361	If the default name of the compliance rule for checking if assigned blades are running is changed, i.e. cloned or edited, this rule will not be applied to the macOS compliance blade. Then, on the server side there will be no compliance reporting (inform, warn, restrict). Client will also not go into the assumed compliance state.
ESVPN-1920	In some rare cases during the upgrade of VPN client from previous version, user may experience temporary inability to connect to VPN site. Delay may be from seconds to several minutes. To address this issue user should perform reboot of operating system.
EPS-26022	Media Encryption blade: Media scan - not supported.

Anti-Malware Blade Limitations

Issue ID	Description
EPS-26010	Enable Web protection - not supported  (always off)
EPS-26011	Scan Mail messages - not supported  (always off)
EPS-26012	Signature source settings - not supported (only External Check Point Signature server setting is supported)
EPS- 26014	Push operations:  Scan for malware - not supported Update malware for signature database - not supported Operations restore file from quarantine - not supported
EPS-26015	Scan targets settings: Critical areas - not supported (always on) Optical drives  - not supported (always off) Mail messages  - not supported (always off) Unrecognized devices  - not supported (always off)
EPS-26016	Configure threat cloud knowledge sharing - not supported
EPS-26017	Process exclusion - MD5 not supported
EPS-26020	Contextual scan  - not supported (Finder does not have option for scan)
EPS-26059	Anti-Malware detections integration with Forensics report - not supported.