Support Center > Search Results > SecureKnowledge Details
Mobile Access Portal Clients Release Updates Technical Level
Solution

Availability | Portal Agent | Compliance Scanner | Secure Workspace | Revision History

 

Introduction

The Check Point Mobile Access Portal offers a variety of on-demand client technologies, including Compliance Scan and Secure Workspace. Use the Mobile Access Portal Agent to download and invoke the technologies.
This article lists all released automatic updates for Mobile Access Portal Clients. If you allow automatic updates (see sk94508), the latest updates are installed automatically on all relevant Check Point machines.

Important: This article does not replace sk113410. The Portal Agent package support only R80.40 and higher Security gateways. For R80.10, R80.20 or R80.30 Security gateway, you should install the hotfix from sk113410 to work with the Mobile Access portal from the supported browser.

Availability

Client Update Release Date Package Download
Portal Agent Update 2 - Take 17 18 Oct 2021 (TAR)
Compliance Scanner Update 1 - Take 9 29 Sep 2020 (TAR)
Secure Workspace Update 1 - Take 14 29 Sep 2020 (TAR)

To check what Take is currently installed, run this command: # cpinfo -y cpupdates

Show / Hide Example

This output shows that the following Portal Clients updates are installed:
  • Compliance Scanner Take 9 (BUNDLE_ESOD_SCANNER_AUTOUPDATE)
  • Portal Agent Take 17 (BUNDLE_ESOD_CSHELL_AUTOUPDATE)
  • Secure Workspace Take 14 (BUNDLE_ESOD_SWS_AUTOUPDATE)


Portal Agent

Show / Hide section

The Mobile Access Portal Agent downloads and operates on-demand Mobile Access Portal clients, such as SSL Network Extender, Compliance Scan and Secure Workspace.


Pre-conditions

  • Install this package on Security Gateways running R80.20 and higher with the Mobile Access blade enabled.
  • Install the latest Take of AutoUpdater.
  • This package cannot be installed on Scalable Platforms.
  • This package cannot be installed together with MABDA hotfix (sk113410)


Manual installation

  1. Make sure that your environment meets the pre-conditions.
  2. To download the package, go to the Package Download link in the Availability section.
    Copy this package to the /home/admin directory on the Security Gateway.
  3. Connect to the Security Gateway via SSH and run this command:
    # autoupdatercli install /home/admin/<package file>
    Note: The installation does not require cpstop; cpstart or a reboot. Once installed, no further action is required, the update will be applied immediately.

     

Revert update

To revert update of the Portal Agent, connect to the Security Gateway via SSH and run this command:
# autoupdatercli revert esod_cshell


Disable update

To disable automatic Portal Agent update, connect to the Security Gateway via SSH and run the following command:
# autoupdatercli disable esod_cshell


List of Resolved Issues per Update for Mobile Access Portal Agent

ID Description
Update 2 - Take 17 (18 October 2021)
MACL-913 CShell sends request to the host before user confirms to trust it.
MACL-964 SNX runs Native Applications from arbitrary locations
Update 1 - Take 13 (29 September 2020)
MACL-900 In some scenarios, users cannot reconnect to SNX after active cluster member change.
PMTR-53528 In some scenarios, SNX tunnel may unexpectedly disconnect. 
MACL-882,
MACL-884
Fix issue with ESOD Scanner update.
PMTR-53112 Certificate installation on Firefox may fail.


Compliance Scanner

Show / Hide section

The Check Point Endpoint Security On Demand scanner scans the endpoint machine to see if it complies with the endpoint compliance policy. If the endpoint is compliant, the user can access the portal.

Pre-conditions

  • Install this package on Security Gateways running R80.10 and higher with the Mobile Access blade enabled.
  • Install the latest Take of AutoUpdater.
  • Package cannot be installed on Scalable platforms.


Manual installation

  1. Make sure that your environment meets the pre-conditions
  2. To download the package, go to the Package Download link in the Availability section.
    Copy this package to the /home/admin directory on the Security gateway.
  3. Connect to the Security Gateway via SSH and run the following command:
    # autoupdatercli install /home/admin/<package file>
    Note: The installation does not require cpstop; cpstart or a reboot. Once installed, no further action is required, the update will be applied immediately.

     

Revert update

To revert update of Compliance Scanner, connect to the Security Gateway via SSH and run this command:
# autoupdatercli revert esod_compliance_scanner


Disable update

To disable automatic Compliance Scanner update, connect to the Security Gateway via SSH and run this command:
# autoupdatercli disable esod_compliance_scanner


List of Resolved Issues per Update for Compliance Scaner

ID Description
Update 1 - Take 9 (29 September 2020)
PMTR-56705 NEW: Added support of New Mobile Access Portal UI.
MACL-854 NEW: Added support of Trend Micro Maximum Security.


Secure Workspace

Show / Hide section

Secure Workspace is the Check Point proprietary virtual desktop that enables data protection during user-sessions, and enables cache wiping after the sessions end. It protects all session-specific data accumulated on the client side.


Pre-conditions

  • Install this package on Security Gateways running R80.10 and higher with the Mobile Access blade enabled.
  • Install the latest Take of AutoUpdater.
  • Package cannot be installed on Scalable platforms.


Manual installation

  1. Make sure that your environment meets the pre-conditions
  2. To download the package, go to the Package Download link in the Availability section.
    Copy this package to the /home/admin directory on the Security gateway.
  3. Connect to the Security Gateway via SSH and run this command:
    # autoupdatercli install /home/admin/<package file>
    Note: The installation does not require cpstop; cpstart or a reboot. Once installed, no further action is required, the update will be applied immediately.

     


Revert update

To revert update of Secure Workspace, connect to the Security Gateway via SSH and run this command:
# autoupdatercli revert esod_secure_workspace


Disable update

To disable automatic Secure Workspace update, connect to the Security Gateway via SSH and run this command:
# autoupdatercli disable esod_secure_workspace


List of Resolved Issues per Update for Secure Workspace

ID Description
Update 1 - Take 14 - (29 September 2020)
PMTR-53429 NEW: Added R81 support in Secure Workspace (SWS) update script.
PRHF-1295 Allow Server-to-Client to work with external service.
MACL-880 Virtualize the #ISW.FS# folder.


Revision History

Show / Hide revision history

Date Description
18 Oct 2021 Released Update 2 - Take 17 of Mobile Access Portal Agent
25 Oct 2020 Added instructions for how to revert update or disable it (per client)
29 Sep 2020 First release of this document - Update 1

 

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment