Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E84.30 Windows Clients Technical Level
Solution

Table of Contents:

  • In a Nutshell
  • What's New in E84.30
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Utilities/Services Downloads
  • Documentation and Related SecureKnowledge Articles
  • Revision History

 Endpoint Security Homepage is now available.

Notes:

Click Here to Show the Entire Article

In a Nutshell

Item Description Link
Managed Client E84.30 Endpoint Security Clients for Windows OS (ZIP)
E84.30 Endpoint Security Clients for Windows OS - Dynamic package (EXE)
VPN Standalone Client E84.30 Remote Access Clients for Windows (MSI)
Capsule Docs E84.30 Capsule Docs Standalone Client (EXE)
Documentation E84.30 Endpoint Security Client for Windows Release Notes  
sk164896 - Video: How to deploy and upgrade Endpoint Security Client?

What's New in E84.30

Show / Hide this section

New Features

  •  Threat Hunting, Forensics, Behavioral Guard and Anti-Ransomware 
    • Adds a new sensor to monitor WMI-Get requests. Behavioral Guard rules can use data from the sensor. The data can appear in Forensics reports and in Threat Hunting. 
    • The redesigned logon sensor for Forensics and Threat Hunting now shows all logon events in Threat Hunting, not just remote logons.
  • VPN
    • VPN can now display a warning message with custom text prior to a VPN connection. If the user accepts the conditions, VPN connects. If the user discards the conditions, VPN does not connect. Will be fully available in Q2 2021.
  • Infrastructure
    • This release adds the option to uninstall the Endpoint Security Client with a Push Operation from the Management Server. See sk170444 for more information.

Enhancements

  • Anti-Malware 
    •  Resolves a rare issue where the Anti-Malware blade downloads signatures from an external mirror instead of from the local Management Server.
    • Resolves a rare issue where the Anti-Malware Blade runs in "Disconnected Mode" with the "Disconnected" policy while the client still connects to the Management Server. 
    • Resolves a rare issue where the Anti-Malware blade does not function correctly after the Endpoint Security Client's Repair procedure. 
    • Resolves a rare issue where the Anti-Malware blade does not run correctly due to corrupted signatures. 
    • Anti-Virus Resolves installation issue when the Endpoint Security Client does not install due to an Anti-Malware driver error. 
  •  Threat Hunting, Forensics, Behavioral Guard and Anti-Ransomware 
    • Improves the performance of Forensics and lessens the time necessary for Windows Updates. 
    • When the DNS sensor is active, Forensics does not monitor raw DNS data. This improves Forensics performance. 
    • Forensics does not monitor specific instances of msiexec.exe related to installation and thus improves Forensics performance.
    • Fixes an issue that can lead to high CPU utilization during a maintenance purge of the Forensics database.
    • Improves performance by aggregating network events sent to Threat Hunting. 
    • Adds the option in policy to disable and to enable the API sensor that injects and monitors processes. 
    • Fixes an issue that can cause a crash in the Forensics service during an uninstallation. 
    • Fixes a Forensics crash that involves badly formed Registry data.
  • Full Disk Encryption
    •  BCDBOOT mode is now the default on upgrades. 
    •  Adds a new option to fdecontrol to set a custom message to display when UOL fails. 
  •  Media Encryption and Port Protection 
    • Resolves a very rare issue where a machine with the Media Encryption blade may not function after a sleep or a long idle time if users configure SearchIndexer to index removable drives. 
  • VPN
    • Fixes the issue where the VPN disconnects when the Windows desktop locks.
  • Installation  
    • Resolves a rare issue where Dynamic Package upgrades can fail due to a locked file on the client. 
    • Resolves a rare issue where the Watchdog does not start processes after an upgrade.
    • Resolves an issue where some leftovers remain in the registry after an Endpoint Security Client uninstall. 
    • Resolves an issue where an Endpoint Security Client upgrade fails when it happens after an installation with a renamed exported file other than eps.msi. 
    • Optimizes Endpoint Security Client Repair and Upgrade procedures with fewer and unnecessary file deletions.
    • Resolves an issue where the Repair procedure fails when it is unable to create a folder in %temp%. 
    • Resolves an issue where the Endpoint Security Client Repair procedure fails after an upgrade procedure fails.
  • Infrastructure 
    • Resolves a rare issue where the Endpoint Security Client upgrade downloads the dynamic package of files twice.
    • Optimizes Endpoint Security Client self-protection from intrusions by unwanted software programs.
    • Resolves a very rare memory allocation issue in the vsdatant driver. 
    • Resolves an issue where the "Remote Install" feature makes only one registration attempt to the Management Server. 
    • Resolves a rare issue where the Endpoint Security Client remains in an inconsistent state after an Operating System upgrade. 

Endpoint Security Clients Downloads

Show / Hide this section
Important:
    • Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.

  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.

Endpoint Security E84.30 Clients

Platform Package Description Link
Windows E84.30 Endpoint Security Clients for Windows OS - Dynamic package Complete Endpoint Security Client for any CPU (32bit or 64bit). This is a self-extracting executable EXE file with all components (Blades) to be used as Dynamic package with R80.40 and above. (EXE)
E84.30 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below. (ZIP)
E84.30 Complete Endpoint Security Client for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E84.30 Complete Endpoint Security Client for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E84.30 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)
E84.30 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
 (ZIP)
E84.30 SandBlast Agent Client for 32 bit systems
SandBlast Agent package for 32bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)
E84.30 SandBlast Agent Client for 64 bit systems
SandBlast Agent package for 64bit devices:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
 (ZIP)
E84.30 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems  (ZIP)
E84.30 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems   (ZIP)
E84.30 Initial client Initial client is a very thin client without any blade used for software deployment purposes. (ZIP)
E84.30 Threat Prevention Client for 32 bit systems Threat Prevention package for 32bit devices: 
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP)
E84.30 Threat Prevention Client for 64 bit systems Threat Prevention package for 64bit devices:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

E84.30 Standalone Clients

Platform Package Description Link
Windows E84.30 Remote Access Clients for Windows Remote Access VPN Client for SmartConsole-managed clients (MSI)
E84.30 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartConsole-managed clients only. (CAB)
E84.30 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
E84.30 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartConsole-managed clients only. (CAB)
E84.30 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service. (EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

Endpoint Security Server Downloads 

Show / Hide this section

Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

The packages provided below are Legacy CLI packages (not CPUSE packages).
 

R77.30.03

Clean installation and In-Place Upgrade

  • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE (sk92449) to the latest build.
  • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
Order of Installation Package Link
1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)

R80.30


Endpoint Security Server Package Link
R80.30 Endpoint Security Server R80.30  (ISO)

R80.40


Endpoint Security Server Package Link
R80.40 Endpoint Security Server R80.40  (ISO)

Management Console Downloads

Show / Hide this section

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Versions

Endpoint Security Server Package Link
R80.40 SmartConsole for Endpoint Security Server R80.40 / E83.20 and higher sk165473
R80.30 SmartConsole for Endpoint Security Server R80.30 / E83.20 and higher sk153153

Previous Versions

Endpoint Security Server Package Link
R80.20 SmartConsole for Endpoint Security Server R80.20 / E83.20 and higher sk137593
R77.30.03 SmartConsole for Endpoint Security Server R77.30.03 / E84.20 and higher (EXE)
R77.30 SmartConsole for Endpoint Security Server R77.30 / E84.20 and higher (EXE)
R80.10 SmartConsole for Endpoint Security Server R80.10 / E83.20 and higher sk119612
R77.30 EP6.5 SmartConsole for Endpoint Security Server R77.30 EP6.5 / E84.20 and higher  (EXE)
R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 / E84.20 and higher (EXE)
Internal note - Above packages includes Recovery Image of version - 86.4.20.12

Utilities/Services Downloads

Show / Hide this section
Utilities

Platform Package Description Link
Windows SandBlast Agent Remediation Manager for Administrators

The administrator utility contains the capabilities of the end-user utility plus these additional features:

  • Quarantine - Send files to quarantine. 
  • Delete - Use the SandBlast Agent remediation service to delete a file. 
  • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
(EXE)
Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties.  (EXE)
R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)   (TGZ)

For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)
Show / Hide this section      
Document
Endpoint Security Server
R80.40 Release Notes
Endpoint Security R80.40 Administration Guide
R80.30 Release Notes 
Endpoint Security R80.30 Administration Guide
Endpoint Security Clients
E80.85 and higher Endpoint Security Client for Windows User Guide
E84.30 Endpoint Security Client for Windows Release Notes (English)
E84.30 Endpoint Security Client for Windows Release Notes (Japanese)
sk164896 - Video: How to deploy and upgrade Endpoint Security Client?
Remote Access VPN Clients
E84.30 Remote Access Clients for Windows Release Notes
E80.72 and higher Remote Access Clients for Windows Administration Guide
Capsule Docs Client
E80.72 and higher Capsule Docs Plugin User Guide
Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
Capsule Docs Bulk Protection Services
Capsule Docs Bulk Protection Guide

Revision History

Show / Hide this section
Date Description
21 Dec 2020 First release of this document.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment