Support Center > Search Results > SecureKnowledge Details
Endpoint Security Client Legacy Releases (Detailed Information per Release) Technical Level
Solution
Note: For latest Endpoint Security Client Releases, refer to sk117536 - Endpoint Security Homepage

Detailed Endpoint Security Client Legacy Releases Information


Client version GA Date Latest Revision Date End of Support Supported OS Supported Upgrade Paths OS In-place upgrade Supported Blades Supported Management Servers Downloads Additional Information
E81.10 30-Jun-2019 30-Jun-2019 Support Life Cycle Policy
Show Supported OS
Win7

Win8.1.1

Win10 1703 Enterprise

Win10 1709

Win10 1803

Win10 1809

Win 10 1903
Show Upgrade Paths
E80.64

and higher
From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803/Win10 1809 to Win10 1903
Show supported blades
Desktop Firewall and Application Control

Anti-Malware

Forensics and Anti-Ransomware

URL Filtering

Anti-Bot

Threat Emulation & Anti-Exploit

Media Encryption and Port Protection

Full Disk Encryption

Compliance

Remote Access VPN (SA/Managed)

Capsule Docs (SA/Managed)
Show Supported Management Servers

R80.30

R80.20

R80.20.M2

R77.30 EP 6.5

R77.30.03

R77.30

R80.10

R77.20 EP6.2

Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
What's New in E81.10

New Features

  • E81.10 adds support for Endpoint on Windows 10 19H1 (v1903). Anti-Malware users are only supported with a required server hotfix as seen in sk141033
  • When a file is determined as malicious by Threat Emulation, the TE report is in a new format. The report is now available from the Client UI and the SmartLog entry. The new format requires server versions shown in the "Management Requirements" section of the E81.10 Endpoint Security Client for Windows Release Notes.
  • This release adds a new authentication capability for VPN clients: Authentication with a CNG certificate.
  • This release introduces 32-bit and 64-bit download packages for the Threat Prevention Client.
    Important: The Threat Prevention package includes an initial set of Anti-Malware signatures. The complete set updates right after the client connects to the update server.
  • Anti-Exploit now protects against the Windows Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708.

Enhancements 

  • Anti-Malware
    • Fixes an issue where using Anti-Malware in the "Windows Security Center" would suspend Anti-Malware.
    • Fixes an issue where an Anti-Malware scheduled scan does not start after waking the machine from sleep.
    • Fixes an issue where Endpoint upgrades from versions prior to 80.92 fail while the Anti-Malware scan is active. 
    • Fixes an issue where Microsoft VPN and Direct Access do not work when the Anti-Malware blade is installed. 
    • Improves security by using "protected process" support for Anti-Malware and firewall processes. This feature is the default when the client runs Windows 19H1, which requires a server hotfix for Anti-Malware users. For more information, see sk141033.
  • Threat Emulation and Anti-Exploit
    • Fixes a rare false positive with the Return Oriented Programming (ROP) detection in Anti-Exploit.
    • Anti-Exploit now protects against the Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708:
      • This represents a critical flaw found in the Remote Desktop Protocol of Windows allowing for either Remote Code Execution or Denial of Service attacks. Vulnerable systems protected by Anti-Exploit, include Windows 7 SP1 and Windows 2008R2. To learn more, see sk154232.
      • Note: Users who run SandBlast Agent with a third party Anti-Virus (AV) should be aware that Anti-Exploit is turned off in the presence of third party AVs. For this protection to be enabled, you must allow Anti-Exploit to work with third party AVs, as detailed in sk154454.
  • Anti-Ransomware, Behavioral Guard and Forensics
    • Anti-Ransomware Honeypots are now less likely to be skipped by certain ransomware families.
    • Reduces false positives in Anti-Ransomware, when using MS Office applications.
    • Fixes an issue so that the Backup and Restoration database does not grow beyond a certain limit.
    • Fixes an issue so that the Anti-Ransomware backup folder does not grow beyond a certain limit.
    • Anti-Ransomware now correctly backs up and restores for users who are explicitly named "temp".
    • Improves Forensics performance, when the system is waking up from hibernate and sleep. 
    • Improves Forensics performance during OS upgrades.
    • Fixes a rare Forensics crash that can occur during the analysis, if the Entry Point is unknown.
    • Fixes a very rare issue that can occur where the Forensic Analysis takes hours to complete.
    • Fixes an issue of terminating processes that may be spawned, while the Forensics analysis is ongoing. 
    • Fixes an incorrect remediation status in the Forensics report when copying a malicious file from a network share.
    • Improves Forensics to deal with command line parameters more effectively during an incident analysis.
    • If Reputation is unavailable, unsigned processes will no longer appear with incorrect details in the Reputation screen.
    • The IP Reputation is now calculated even when there are no http or https operations. 
    • The Forensics Report now correctly shows the World Map of unknown or malicious IP addresses even when there are no http or https connections.
  • Media Encryption and Port Protection
    • Fixes additional cases where the Offline Data Access tool does not always start in Read-Only mode, if write protection is configured in the system.
  • Firewall and Application Control
    • Fixes a rare issue where the Endpoint Security Client stalls during an upgrade and the network is lost.
    • Fixes an issue where 'disabling Wi-Fi connection upon Ethernet connection' does not work if both connect to the same router or network.
    • Adds support to Device Guard features based on Hypervisor Enforced Code Integrity (HVCI).
  • Updater
    • Enhances the signature update mechanism to be more resilient during failures, and to hold the most up-to-date signatures.
  • URL Filtering
    • Reduces end-user popups and notifications to the items that require user knowledge or intervention, similar to the behavior of the other Endpoint blades. 
  • General
    • Fixes a very rare issue where an installation from the "Initial Client" fails, when Windows 7 is missing KB2533623.
    • Fixes a rare issue when an Anti-Bot service uninstall may fail on the client with an unclear message.
    E80.97 27-May-2019 27-May-2019 Support Life Cycle Policy
    Show Supported OS
    Win7

    Win8.1.1
    Win10 1703 Enterprise

    Win10 1709

    Win10 1803

    Win10 1809
    Show Upgrade Paths
    E80.64

    and higher
    From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
    Show supported blades
    Desktop Firewall and Application Control

    Anti-Malware

    Forensics and Anti-Ransomware

    URL Filtering

    Anti-Bot

    Threat Emulation & Anti-Exploit

    Media Encryption and Port Protection

    Full Disk Encryption

    Compliance

    Remote Access VPN (SA/Managed)

    Capsule Docs (SA/Managed)
    Show Supported Management Servers

    R80.30

    R80.20

    R80.20.M2

    R77.30 EP 6.5

    R77.30.03

    R77.30

    R80.10

    R77.20 EP6.2

    Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
    What's New in E80.97

    New Feature

    Anti-Exploit now protects against the Windows Remote Desktop Protocol (RDP) vulnerability, as defined in CVE-2019-0708.

    Enhancements

      • Anti-Exploit
        • CVE-2019-0708: This represents a critical flaw found in the Remote Desktop Protocol of Windows allowing for either Remote Code Execution or Denial of Service attacks. Vulnerable systems protected by Anti-Exploit include Windows 7 SP1 and Windows 2008R2. To learn more, see sk154232

          Note: Users who run SandBlast Agent with a third party Anti-Virus (AV) should be aware that Anti-Exploit is turned off in the presence of third party AVs. For this protection to be enabled, you must allow Anti-Exploit to work with third party AVs as detailed in sk154454.

    • Anti-Ransomware, Behavioral Guard and Forensics
      • Fixes an issue introduced in E80.96 that can lead to Forensic exclusions being ignored on reboot.
      • Fixes an issue so that the Backup and Restoration database does not grow beyond a certain limit.
      E81.00 22-May-2019 22-May-2019 Support Life Cycle Policy
      Show Supported OS
      Win7

      Win8.1.1
      Win10 1703 Enterprise

      Win10 1709

      Win10 1803

      Win10 1809
      Show Upgrade Paths
      E80.64

      and higher
      From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
      Show supported blades
      Desktop Firewall and Application Control

      Anti-Malware

      Forensics and Anti-Ransomware

      URL Filtering

      Anti-Bot

      Threat Emulation & Anti-Exploit

      Media Encryption and Port Protection

      Full Disk Encryption

      Compliance

      Remote Access VPN (SA/Managed)

      Capsule Docs (SA/Managed)
      Show Supported Management Servers

      R80.30

      R80.20

      R80.20.M2

      R77.30 EP 6.5

      R77.30.03

      R77.30

      R80.10

      R77.20 EP6.2

      Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
      What's New in E81.00

      New Features

      • Two new features are now available in the Endpoint Security Client Early Availability (EA) program:
        • BitLocker Management
        • Virtual desktop infrastructure (VDI) Persistent Support for VMWare Horizon
        For more information, contact E81.00 Early Availability: E81_EA@checkpoint.com
      • The IP reputation and geo-location are now in the Forensics report.
        Changes in the Overview, Reputation and Network Screens highlight IP reputations and geo-locations.

      Enhancements 

      • Anti-Ransomware, Behavioral Guard and Forensics
        • Improves performance by moving Anti-Ransomware honeypot creation and deletion from logon/logoff to the product install/uninstall.
        • The manual restoration of files is now possible for any detected attack with Forensics, as well as Anti-Ransomware. Previously, this was limited to Anti-Ransomware attacks only.
        • Fixes an issue introduced in E80.96 which can lead to Forensic exclusions being ignored on reboot.
        • Fixes a rare issue where Forensics fails to accept a new policy from Management.
        • Fixes a rare crash in Forensics, when the service is shut down before the initialization is complete.
        • Improves Forensics Analysis to follow attacks that involve scheduled tasks, or WMI calls, when the associated processes are invoked.
        • Improves the Entry Point in Forensics to determine if an incident originates from a zip file.
        • Improves the Entry Point in Forensics to identify where certain incidents start from an lnk/shortcut file.
        • Fixes a rare issue with Forensic's Entry Point, where if Anti-Exploit triggers on a browser, more than one browser may appear in the report.
        • Fixes an issue with McAfee's Endpoint not triggering Forensics on a detection if the language is Portuguese. 
        • Fixes an issue in the Forensics report where Business Impact icons use the same tooltip in the Overview section.
        • Fixes a missing icon, when Microsoft Edge is part of a Forensics incident.
        • Fixes a client UI issue where the Forensics analysis animation occurs without an analysis.
        • Fixes an issue to make the Additional Intelligence arrow in the Reputation screen in the Forensics Report function correctly for Edge and Internet Explorer. 
        • Fixes incorrect capitalization in the Reputation screen of the Forensics report.
        • Fixes an issue where Edge and Internet Explorer incorrectly identify certain IPs as phone number links in the Forensics Report. 
        • Increases the size of the reputation drop down in the Network Activity screen of the Forensics Report to accommodate the length of the largest value in the list.
        • Adds the ability for the Forensics CLI to accept the rule name, the third-party product name, and the hash value as parameters.     
      • Threat Emulation and Anti-Exploit
        • Improves the performance of the SandBlast Agent Threat Emulation to minimize the effect on the Endpoint resources.
        • Import-Export Table Parsing in Anti-Exploit is now disabled by default. Disabling this greatly reduces the number of products incompatible with Anti-Exploit.

          To enable this protection, follow the instructions in sk121793.
      • Anti-Malware
        • Hardens the security of the client against DLL injection.
          CVE-2019-8458: Check Point Endpoint Security Client for Windows, with Anti-Malware blade installed, before version E81.00, tries to load a non-existent DLL during an update initiated by the UI. An attacker with administrator privileges can leverage this to gain code execution within a Check Point Software Technologies signed binary, where under certain circumstances may cause the client to terminate.
        • Fixes an issue with Anti-Malware, when it sometimes rejects updates from the OfflineUpdater tool.
        • Fixes an issue where sometimes adding the Anti-Malware blade to a current SandBlast Agent (only) Endpoint results in an Anti-Malware error state. 
      • Full Disk Encryption
        • Full Disk Encryption now tries to wrap known third party credential providers.

          The list of known credential providers that we support is in sk152915
      • Firewall and Application Control
        • Fixes an issue where the Application Control blade may randomly terminate a process due to an uninitialized local variable.
        • Fixes a rare case where the firewall blade may crash.
        • Fixes a crash in the Firewall blade when a LAN cable is connected, while "Disable Wireless on LAN" is enabled. 
      • Media Encryption and Port Protection
        • Fixes issues with CD encryption to show the correct file sizes and correct occupied percentage in the CD. 
        • Fixes the disknet.exe high CPU usage because of continuous file signature checks, when MEPP is configured to block all access to removable media. 
        • Fixes a crash when a device is unexpectedly removed and has an empty friendly name. 
        • Fixes an issue with the MEPP blade, where Windows freezes when the USB key is not removed safely. 
        • Fixes a cosmetic issue in Enhanced Protected Mode (EPM) Explorer to show the status as read-only, if a read-only password is used and the file system is NTFS.
      • Infrastructure
        • Fixes an issue where the installer cannot run from a shared folder and fails with error 1720.
        • Fixes an issue where an operating system reboot is sometimes not enforced after a client removal.
        • Fixes a minor issue where an initial client always shows a connected status, even if it is disconnected.
        • Adds the ability to upload cpinfo to password-protected FTP servers after collecting it. 
        • Fixes an issue where sometimes, after restart, the client will be in a disconnected state for 10 minutes. 
        • Fixes a rare race condition where one of the blades crashes while trying to update the UI.
      • SandBlast Browser Extension
        • Improves Internet Explorer browser extension performance for web pages with many frames.
      • Updater
        • Enhances the mechanism that allows sending security updates to SandBlast agent.
      • Remote Access VPN
        • Performance improvements to the VPN throughput.
      • General
        • Adds an option to acknowledge and close multiple UserCheck messages when they appear.      
        E80.96 16-Apr-2019 16-Apr-2019 Support Life Cycle Policy
        Show Supported OS
        Win7

        Win8.1.1
        Win10 1703 Enterprise

        Win10 1709

        Win10 1803

        Win10 1809
        Show Upgrade Paths
        E80.64

        and higher
        From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
        Show supported blades
        Desktop Firewall and Application Control

        Anti-Malware

        Forensics and Anti-Ransomware

        URL Filtering

        Anti-Bot

        Threat Emulation & Anti-Exploit

        Media Encryption and Port Protection

        Full Disk Encryption

        Compliance

        Remote Access VPN (SA/Managed)

        Capsule Docs (SA/Managed)
        Show Supported Management Servers

        R80.20

        R80.20.M2

        R77.30 EP 6.5

        R77.30.03

        R77.30

        R80.10

        R77.20 EP6.2

        Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
        What's New in E80.96

        Enhancements

        • Anti-Malware
          • Resolves a rare issue where Anti-Malware protection does not run after an upgrade.
          • Fixes an issue where Anti-Malware shows an incorrect status in UI, in some cases. (This is only relevant to the E2 package.)
          • Fixes an issue where sometimes the OfflineUpdater tool fails to update the signatures database on the client side. 
        • Capsule Docs 
          • Fixes an issue that may cause a failure in an upgrade, or in an uninstall process. 
        • Anti-Ransomware, Behavioral Guard and Forensics
          • The latest version of the Anti-Ransomware Honey Pots are now correctly installed when upgrading from previous versions.
          • Anti-Ransomware Honey Pots no longer stop working if they receive a second Anti-Ransomware policy update.
          • Disabling Forensics now correctly disables Anti-Ransomware completely, including removing all Anti-Ransomware Honey Pot files.
          • Fixes an issue where Process information is corrupted before being inserted into the Forensics Database. With the fix, the number of instances of unknown processes in a Forensics report is dramatically reduced.
          • Fixes a rare case where the last received Forensics, Anti-Ransomware and Behavioral Guard policies are not saved and used, when the client cannot connect to the Management Server.
          • Fixes a rare crash in Forensics, when receiving policy before the full Forensics initialization is complete.
          • Fixes an issue where certain exclusions for Anti-Ransomware are not enforced, if the user logs in before the full service initialization is complete. 
        • Threat Emulation and Anti-Exploit
          • Resolves an issue where, in some cases, Threat Emulation may not deploy the SBA4B Chrome extension if a user has other (non-Check Point) extensions.
          • Makes sure that Threat Emulation avoids a crash when the database is very large.
          • Anti-Exploit now turns off completely when used with a third party Anti-Virus. Check Point's Anti-Malware will not cause Anti-Exploit to disable.
          • Fixes a very rare issue where Anti-Exploit does not completely parse the policy from the Management.
        • Install / Uninstall
          • Fixes a rare case where an unrequired reboot occurs after upgrade.
          • Resolves a rare issue where a crash happens on an uninstall and upgrade.
          • Changes the upgrade retry frequency and removes unnecessary user interface popups.
          • Removes a "Validation failed" message that is displayed in error, during an upgrade from an old version.
          • Updates the list of supported Windows 10 versions in Compliance blade to include versions 1809 and 1803.  
        •    Infrastructure
          • Fixes an issue where the Full Disk Encryption policy is sometimes not updated. 
          • Improves the security of the client when using hard linked files. 
        • General
          • Reduces end-user popups and notifications to the items that require user knowledge or intervention.      
        E80.95 31-Mar-2019 31-Mar-2019 Support Life Cycle Policy
        Show Supported OS
        Win7

        Win8.1.1
        Win10 1703 Enterprise

        Win10 1709

        Win10 1803

        Win10 1809
        Show Upgrade Paths
        E80.64

        and higher
        From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
        Show supported blades
        Desktop Firewall and Application Control

        Anti-Malware

        Forensics and Anti-Ransomware

        URL Filtering

        Anti-Bot

        Threat Emulation & Anti-Exploit

        Media Encryption and Port Protection

        Full Disk Encryption

        Compliance

        Remote Access VPN (SA/Managed)

        Capsule Docs (SA/Managed)
        Show Supported Management Servers

        R80.20

        R80.20.M2

        R77.30 EP 6.5

        R77.30.03

        R77.30

        R80.10

        R77.20 EP6.2

        Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
        What's New in E80.95
        Anti-Malware - Fixes an issue where the signatures database sometimes fails to update.
        E80.94 12-Mar-2019 12-Mar-2019 Support Life Cycle Policy
        Show Supported OS
        Win7

        Win8.1.1
        Win10 1703 Enterprise

        Win10 1709

        Win10 1803

        Win10 1809
        Show Upgrade Paths
        E80.64

        and higher
        From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
        Show supported blades
        Desktop Firewall and Application Control

        Anti-Malware

        Forensics and Anti-Ransomware

        URL Filtering

        Anti-Bot

        Threat Emulation & Anti-Exploit

        Media Encryption and Port Protection

        Full Disk Encryption

        Compliance

        Remote Access VPN (SA/Managed)

        Capsule Docs (SA/Managed)
        Show Supported Management Servers

        R80.20

        R80.20.M2

        R77.30 EP 6.5

        R77.30.03

        R77.30

        R80.10

        R77.20 EP6.2

        Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
        What's New in E80.94
        This release includes stability and quality fixes. It supports all features of previous releases.

        Enhancements

        • Anti-Malware
          • Resolves a rare case where Anti-Malware has errors when updating signatures.
        • Capsule Docs
          • Resolves an issue so that processes do not stay suspended after an unexpected termination. 
        • Anti-Ransomware, Behavioral Guard and Forensics
          • Fixes an issue where OneDrive synchronization fails on Anti-Ransomware Honeypot files.
          • Adds the ability to exclude individual Anti-Ransomware rules. Behavioral Guard has a similar ability.
          • Changes the Forensics analysis to issue a more accurate Forensic Attack Tree on Dell machines. 
          • Recognizes Google's new signature correctly, and no longer treats Chrome as an unknown process when Reputation is unavailable.
          • The updated trusted certificate file includes the latest trusted signers for use in Forensic Analyses.
          • Forensic Report files always upgrade correctly now, regardless of the previous Endpoint Security Client version present on the system. This prevents the issue of broken reports on machines that went through a specific upgrade path.          
        • Threat Emulation and Anti-Exploit
          • Anti-Exploit now disables itself if Trend Micro or Mcafee security products are present.
          • Adds the ability to exclude Anti-Exploit detection technologies individually. 
        • Install / Uninstall 
          • Resolves an issue where blue screens can occur after Endpoint Security Clients upgrade without reboot. 
          • Fixes an issue so that a required reboot is now enforced when uninstalling the client.
          • Fixes an issue to execute a required reboot during an upgrade.
        • Localization
          • Fixes missing translations. 
        E80.92 14-Feb-2019 14-Feb-2019 Support Life Cycle Policy
        Show Supported OS
        Win7

        Win8.1.1
        Win10 1703 Enterprise

        Win10 1709

        Win10 1803

        Win10 1809
        Show Upgrade Paths
        E80.64

        and higher
        From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
        Show supported blades
        Desktop Firewall and Application Control

        Anti-Malware

        Forensics and Anti-Ransomware

        URL Filtering

        Anti-Bot

        Threat Emulation & Anti-Exploit

        Media Encryption and Port Protection

        Full Disk Encryption

        Compliance

        Remote Access VPN (SA/Managed)

        Capsule Docs (SA/Managed)
        Show Supported Management Servers

        R80.20

        R80.20.M2

        R77.30 EP 6.5

        R77.30.03

        R77.30

        R80.10

        R77.20 EP6.2

        Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
        What's New in E80.92
        This release includes stability and quality fixes. It supports all features of previous releases.

        New Features

        • New consolidated Reputation View in Forensics.
          This view now contains reputation, where available from Threat Cloud for all non-trusted URLs, Domains and Hashes found in the Forensics Analysis.
        • Improved and faster remediation flow in Forensics.
          We have improvements in the performance of remediation when done through a Forensics Report. This includes fixes that report the remediation status at the time of report generation more accurately.
        • Support for multiple logged-in users in Anti-Ransomware.
          We are now able to generate and monitor our honeypot detections if multiple users are logged in simultaneously.
        • Further enhancements to PowerShell obfuscation detection in Behavioral Guard.
          This results in improved detection capabilities.
        • Boot time improvements in Forensics.
          Forensic data storage now occurs well after boot. This improves the time for boot, especially on older drives and on drives with a great deal of file activity during boot.

        Enhancements

        • Anti-Ransomware, Behavioral Guard and Forensics
          • Fixes an issue in Anti-Ransomware honeypot creations during a login for a new user.
          • Fixes an issue where honeypot files were not created for all users in a multi-user system.
          • Fixes an issue on Windows Server editions, where some honeypots were not created when multiple users logged in simultaneously.
          • Improves PowerShell obfuscation detection support in Behavioral Guard.
          • A new consolidated Reputation view is available in the Forensics Report that combines intelligence for all non-trusted URLs, Domains and Files in the report.
          • Improves boot performance by introducing a delay in Forensics data storage during the boot cycle.
          • Hashes for files calculated by Threat Emulation are available for visualization and reputation in the Forensics Report.
          • Extends the Forensics API with hash information so that Threat Emulation and other products always get Reputation, if available in the Forensics Report.
          • Forensics Report Tree views have a new section in Network Operations for processes that are listening on a port for a connection.
          • Processes with invalid signatures now show as suspicious events with invalid signer names available in the Forensics Report. Behavioral Guard also supports rules for invalid signatures.
          • Fixes an issue where the reputation for files that are not processes are updated correctly in the Forensics Report.
          • Fixes a very rare infinite loop that may occur, when the data in the Forensics database is corrupted.
          • Fixes the Virus Total (VT) First Seen date to be the same format as other dates in the Forensics Report.
          • Suspicious Events of a process in the Tree and Tree Time-line views of the Forensics Report now show in the order of severity.
          • Fixes a missing icon for unsigned processes in the Overview and General views of the Forensics Report.
          • Fixes an issue to make triggers on files, with IPs in their path, appear correctly in the Overview view of the Forensics Report.
          • Fixes a visualization issue, where the reputation file size appeared as zero for files with no reputation in the Forensics Report.       
        • Threat Emulation and Anti-Exploit
          • Fixes an issue in Anti-Exploit, where the protection name was not consistently displayed in the client UI and Forensics Reports.
          • Fixes an issue in Anti-Exploit with a specific build version of Internet Explorer not having VBScript God Mode protection enabled correctly.
          • Fixes a slow performance problem in Threat Emulation, when accessing files on a non-local disk.
          • Resolves an issue, where Internet Explorer can freeze when navigating to trusted sites.  
        • Full Disk Encryption 
          • Resolves an issue, where connections through Remote Desktop Protocol (RDP) to a machine with Full Disk Encryption can fail intermittently.
          • Resolves an issue, where Full Disk Encryption, enabled for UEFI BCDBOOT, sometimes experiences a boot loop. 
        • Media Encryption & Port Protection
          • Fixes an issue where Explorer flickers every second, when inserting an encrypted media.
          • Resolves an issue where the "copy" file operation is not logged in some conditions.
          E80.90 31-Dec-2018 31-Dec-2018 Support Life Cycle Policy
          Show Supported OS
          Win7

          Win8.1.1

          Win10 1703

          Win10 1709

          Win10 1803

          Win10 1809
          Show Upgrade Paths
          E80.64

          and higher
          From Win7/Win 8.1.1/Win10 1703/Win10 1709/Win10 1803 to Win10 1809
          Show supported blades
          Desktop Firewall and Application Control

          Anti-Malware

          Forensics and Anti-Ransomware

          URL Filtering

          Anti-Bot

          Threat Emulation & Anti-Exploit

          Media Encryption and Port Protection

          Full Disk Encryption

          Compliance

          Remote Access VPN (SA/Managed)

          Capsule Docs (SA/Managed)
          Show Supported Management Servers

          R80.20

          R80.20.M2

          R77.30 EP 6.5

          R77.30.03

          R77.30

          R80.10

          R77.20 EP6.2

          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
          What's New in E80.90
          This release includes stability and quality fixes. It supports all features of previous releases.

          New Features

          • Windows 10 October 2018 Update Support.
          • Windows Server 2019 Support.
          • Enhanced Fileless and Malicious Powershell Detections engine extending Behavioral Guard capabilities.
            • This new engine provides a multi-phase ability to detect malicious PowerShell usage that is unique.
            • Includes full AMSI (Advanced Malware Scan Interface) integration to get, analyze and report decoded scripts.
          • Forensic report overhaul with a new style and enhanced reputation integration.
            • Completely redesigned Overview and General screens.
            • Many small usability and visual enhancements throughout the report.
            • View decoded script content as part of the report itself.
            • See the Enhancements section below for additional information.
          • Forensics now has major performance improvements.
              • There is a major reduction (roughly 50% fewer events) in the amount of data stored. This results in lower IO usage and better performance. 
              • See the enhancements below for the full list of performance enhancements.
            • Forensics Analysis takes on average 20% less time to complete.
              For larger reports the time taken will be further reduced.
              • Stack Pivoting detection was turned on as a new exploit detection technique for Anti-Exploit.
                Stack Pivoting involves trying to create a fake stack from attacker controlled memory.
              • Anti-Exploit now default protects the Equation Editor process.
                This helps to cover the following CVEs:
                • CVE-2017-11882
                • CVE-2018-0802
                • CVE-2018-0812

              Enhancements

              • Anti-Ransomware, Behavioral Guard and Forensics
                • Enhances Behavioral Guard with the ability to perform deep inspections of both behavior and script content of PowerShell and Fileless attacks.
                • Improves Forensic reports with decoded PowerShell scripts from AMSI integration.
                  This feature is only available in Windows 10.
                • Adds many new suspicious events for the Forensic report, including new PowerShell related suspicious events.
                • Fixes a crash occurring when Forensics, Anti-Ransomware and Behavior Guard are processing an existing policy while receiving a new policy.
                • Fixes a rare issue with large continuous CPU utilization when the Forensics service is unable to communicate with the driver.
                • Improves Forensic performance by adding static exclusions for well known file operations.
                  This addition alone can reduce the number of file operations stored by up to 80% on some machines.
                • Improves Forensics performance by adding dynamic exclusions for file operations based on a new heuristic.
                  This can reduce the number of file operations stored by up to 30%.
                • Improves Forensic performance by dynamically excluding registry operations based on a new heuristic.
                  On average, 10% of registry operations are now excluded.
                • Fixes an issue which caused duplication of log events in Forensics.
                • Improves Entry Point calculations across multiple scenarios to be more accurate in the Forensic Report.
                • Fixes a majority of issues where the Entry Point of an attack could be empty.
                  Now there should almost always be an Entry Point.
                • Improves the Forensics report so that Command Prompts (cmd.exe) opened for typing no longer appear in the Forensic report, but may appear in the Entry Point instead.
                • Improves the Forensic Analysis to consider following files in the argument of processes already included as part of the incident.
                • The Forensics report now shows the termination status for every process present in the report.
                • Fixes an issue that could lead to incomplete termination of processes involved in a Ransomware incident.
                • Processes, showing in a report, that are closed at the time of the generation of the report will now correctly show as terminated, even if the remediation policy for termination is disabled.
                • Fixes an issue where some Forensic report icons may be missing when upgrading to E80.89.
                  The icons are now present when upgrading to E80.90.
                • Fixes an issue with the scroll bar not appearing correctly if there are multiple nodes in the Entry Point view of the Forensics Report. 
                • Fixes a Forensics Analysis issue where script processes like PowerShell do not appear in the report when Cmd is involved and the script process is not the trigger.
                • Process arguments and script contents are now encoded in the Forensic reports.
                  This prevents the deletion of the reports by Anti-Viruses looking for specific signatures found in the argument or script content. 
                • Adds support to include the Malware Family from URL reputation if present in the Forensic report.
                • Fixes an issue which could result in the User Name appearing empty in the Forensic Report. 
                • Fixes a visual issue in the Forensic report where the distance between processes could be very large if a process has a lot of lines of text.
                • Updates the default exclusions for Anti-Ransomware.
              • Threat Emulation and Anti-Exploit
                • Anti-Exploit now has an additional exploit prevention technology called stack pivoting.
                • Anti-Exploit now protects Equation Editor from known and unknown exploit attempts.
              • Anti-Bot
                • Fixes a crash when the Anti-Bot database is held by another process in the system.
              • SandBlast Agent Updater
                • Adds support for Static Analysis updates running in parallel to other updates using the Updater.
                  Fixes an issue where the wrong service is restarted when updating two products together.
                E80.89 for Mac 30-Dec-2018 30-Dec-2018 Support Life Cycle Policy
                Show Supported OS
                macOS Mojave (10.14)
                macOS High Sierra (10.13)
                Show Upgrade Paths
                E80.64

                E80.71

                E80.85
                From macOS High Sierra (10.13)/macOS Sierra (10.12)
                Show supported blades
                VPN

                Firewall for desktop security

                Compliance

                Media Encryption

                Native Encryption Management

                Threat Emulation

                Anti-Ransomware

                Capsule Docs
                Show Supported Management Servers

                R80.20

                R77.30.03

                R77.20 EP6.2

                Show Downloads

                Endpoint Security E80.89 Clients


                Platform Package Link
                macOS E80.89 Check Point Endpoint Security Client for macOS (ZIP)
                macOS E80.89 Check Point Endpoint Security Client for macOS (without Capsule Docs and SandBlast Agent) (ZIP)

                Standalone Clients Downloads

                Show / Hide this section
                Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

                E80.89 Standalone Clients

                Platform Package Link
                macOS E80.89 Endpoint Security VPN for macOS - Disc Image (DMG) (DMG)
                E80.89 Endpoint Security VPN for macOS - Automatic Upgrade package (PKG) (PKG)
                E80.89 Endpoint Security VPN for macOS - Signature for automatic upgrade (signature)

                Capsule Docs E80.89 Clients

                Platform Package Link
                macOS E80.89 Capsule Docs Mac Editor (DMG)
                What's New in E80.89 for Mac
                This release adds these new features:

                New Features

                • Support for the Endpoint Security Clients on macOS Mojave (10.14)
                • Support for SandBlast Agent previously only available on the Windows platform:
                  • Threat Emulation - Evasion resistant sandbox technology detects malicious behavior and prevents any imminent attack.
                    As in Windows, the protection is available in 2 levels:
                    • Protection from files written to the file system.
                    • Inspection of files downloaded by Chrome using the Chrome browser extension to prevent malicious files from getting to the file system.
                  • Anti-Ransomware - Detects and quarantines the most evasive Ransomware variants.
                  • Google Chrome Extension with:
                    • Threat Extraction - Reconstructs downloaded file, delivering sanitized risk-free files to users in real time.
                    • Zero Phishing - Blocks deceptive phishing sites and alerts on password reuse in real-time.
                • Full support for macOS 64-bit.
                  • Adds the ability for Remote Access to verify the integrity of the Endpoint Security Management where the Endpoint Security VPN clients connect.
                    This ability exists in the Endpoint Security VPN client for Windows, and is now available for the Endpoint Security client for macOS. See sk108892.

                    Enhancements

                    • Native Encryption Management now supports mobile network users.
                    • Remote Access - Opens the default browser of the machine to register to hotspot.
                    E80.89 09-Dec-2018 09-Dec-2018 Support Life Cycle Policy
                    Show Supported OS
                    Win7

                    Win8.1.1

                    Win10 1703

                    Win10 1709

                    Win10 1803
                    Show Upgrade Paths
                    E80.64

                    E80.65

                    E80.70

                    E80.71

                    E80.72

                    E80.80

                    E80.81

                    E80.82

                    E80.83

                    E80.84

                    E80.85

                    E80.86

                    E80.87

                    E80.88
                    From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                    Show supported blades
                    Desktop Firewall and Application Control

                    Anti-Malware

                    Forensics and Anti-Ransomware

                    URL Filtering

                    Anti-Bot

                    Threat Emulation & Anti-Exploit

                    Media Encryption and Port Protection

                    Full Disk Encryption

                    Compliance

                    Remote Access VPN (SA/Managed)

                    Capsule Docs (SA/Managed)
                    Show Supported Management Servers

                    R80.20

                    R80.20.M1

                    R77.30 EP 6.5

                    R77.30.03

                    R77.30

                    R80.10

                    R77.20 EP6.2

                    Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                    What's New in E80.89
                    This release includes stability and quality fixes. It supports all features of previous releases.

                    New Features

                    • No Reboot Deployment
                      • Endpoint Security client deployment is now available, without reboots, for the following:
                        • Compliance
                        • Anti-Malware
                        • Firewall and Application Control
                        • Remote Access VPN
                        • URL Filtering
                        • SandBlast Agent Blades
                      • Upgrades from E80.89 to later releases are supported, without reboots, for the following:
                          • Compliance
                          • Firewall and Application Control
                          • Remote Access VPN
                          • URL Filtering
                          • SandBlast Agent Blades
                            Note: Upgrades of some Full Disk Encryption, Media Encryption and Port Protection, Capsule Docs and Anti-Malware versions might require reboot.
                      • Forensics Report
                        • The report has updates and improvements in the overview and general screens. The overview screen now includes additional information such as malware family, attack types and other details. The general screen contains more information about incidents. 
                        • The Tree and Tree Time Line screens also have updated navigational toolbars.
                      • Remote Access Client
                          • Support for Windows 10 October 2018 Update (1809).

                        Enhancements

                        • Anti-Ransomware, Behavioral Guard and Forensics
                          • Forensics reports no longer show Anti-Bot in "Detect" mode as having a "Blocked" status.
                          • Resolves a Forensics Analysis issue when incidents that include the Task Scheduler may add unrelated processes to the Forensics report.
                          • Resolves a Forensics Analysis issue where some "riskware" processes are not properly followed and terminated.
                          • Forensics reports now include the Malware Family Name when available to the reputation section of a process.
                          • Resolves a rare Forensics Analysis issue when an entry point jumps between different browsers incorrectly.
                          • The Forensic report's network view now shows entry point URLs and associated Domains.
                          • Enforces exclusions of Check Point signed process related file activity in the driver to improve Forensics performance.
                        • Threat Emulation and Anti-Exploit
                          • Resolves several cases where Threat Emulation file monitoring locks the file, interfering with other application uses.
                          • Resolves an issue where benign zero phishing logs appear as malicious. 
                        • SandBlast Agent Infrastructure
                          • Resolves an issue of Remediation request ID collisions and the interference in remediation, if multiple requests appear together.
                        • Client Infrastructure
                          • Improves Software Development Status reporting.
                          E80.88 08-Nov-2018 08-Nov-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709

                          Win10 1803
                          Show Upgrade Paths
                          E80.64

                          E80.65

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81

                          E80.82

                          E80.83

                          E80.84
                          E80.85
                          E80.86
                          E80.87
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R80.20

                          R80.20.M1

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.88
                          This release includes stability and quality fixes. It supports all features of previous releases.

                          New Feature

                          • Forensic Reports now include URL and domain reputation analyses from Network Operations. A new view for Network Operations is available with this information. Click on Network Events under the Suspicious Activity menu option to access this view.

                          Enhancements

                          • Anti-Ransomware, Behavioral Guard and Forensics
                            • Resolves an issue related to missing buttons on the Remediation Manager User Interface.
                            • Anti-Ransomware, Behavioral Guard and Forensics now default to the most recently used policy, if they have not received a new policy from Management.
                            • Resolves apparent hang in the Forensics report when there is no execution tree to display.
                            • Full Path exclusions now work in Anti-Ransomware. When Anti-Ransomware excludes a process by its full path, it does not exclude other processes with the same name in different paths.
                            • Improves the exclusion of Check Point, Trend Micro and McAfee process activities from Forensics monitoring for better blade performance. 
                            • Resolves the issue of continuous high CPU utilization when a very large Forensics report transmission fails.
                            • Fixes a rare crash in Forensics when resources are scarce during maintenance tasks. 
                          • Threat Emulation and Anti-Exploit
                            • Resolves a file system performance issue in the Threat Emulation blade to prevent delays in file creation or copy on local disks.
                            • Resolves a non-local file access monitoring issue. Threat Emulation now monitors file creation and access on non-local disks, and emulates them, if necessary. 
                            • Fixes a crash in Anti-Exploit protected applications when Control Guard is on in Windows 10.
                          • Full Disk Encryption
                            • Resolves an issue in which Full Disk Encryption failed to synchronize a hostname change.
                            • Resolves an issue for Pre-Boot keyboard functionality on Epson NA512E.
                            • Resolves an issue in which Pre-Boot went into a reboot loop, on some UEFI machines, during disk cache issues. 
                            • Resolves an instability issue of Full Disk Encryption Single-Sign-On functionality on Microsoft Windows 10 1803.
                          • Installation
                            • Resolves upgrade issues when two product lines were shown for Check Point Endpoint Security in Add\Remove Programs, after previously failed upgrades. 
                          E80.87 27-Sep-2018 27-Sep-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709

                          Win10 1803
                          Show Upgrade Paths
                          E80.64

                          E80.65

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81

                          E80.82

                          E80.83

                          E80.84
                          E80.85
                          E80.86
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R80.20

                          R80.20.M1

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.87
                              Check Point
                          Endpoint Security E80.87 Windows Clients
                              is now available. It introduces a new unified Threat Prevention log structure. For more information, see
                          sk135432
                              . E80.87 also includes new enhancements.
                          E80.86 22-Aug-2018 22-Aug-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709

                          Win10 1803
                          Show Upgrade Paths
                          E80.64

                          E80.65

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81

                          E80.82

                          E80.83

                          E80.84
                          E80.85
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R80.20.M1

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.86
                              Check Point
                          Endpoint Security E80.86 Windows Clients
                              is now available. It introduces a new client for ATMs, For more information, see
                          sk133174
                              . E80.86 also includes new enhancements.
                          E80.85 11-July-2018 11-July-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709

                          Win10 1803
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81

                          E80.82

                          E80.83

                          E80.84
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R80.20.M1

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.85

                          This release includes stability and quality fixes. It supports all features of previous releases.

                          New Features

                          • Anti-Malware - A DHS-compliant Anti-Malware engine is available for download, as specified in DHS Binding Operational Directive 17-01. To learn more, and to download the packages, contact Check Point Support.
                          • Behavioral Guard - SandBlast Agent Behavioral Guard is a behavioral detection engine that detects and remediates all forms of malicious behavior. If malicious behavior is detected, a forensics report is generated of the entire attack. The attack can be automatically or manually remediated based on the forensics report. To learn how to configure Behavioral Guard, see sk129892.
                          • Data Collection - SandBlast Agent improves the detection of malicious threats by sending anonymized incident-related data to the Check Point ThreatCloud. It is enabled by default. To learn more about data collection and to find out how to disable it, see sk129753.
                          • Remote Access VPN - Support for Key Storage Providers (KSP) for machine certificates. Support for KSP is enabled by default for machine authentication. If machine authentication is configured on the client and on the Security Gateway, clients can authenticate with machine certificates that use a Key Storage Provider.

                          Enhancements

                          • Full Disk Encryption - Improved logging when enabling or disabling Pre-boot using the fdecontrol.exe utility.
                          E80.84 20-June-2018 20-June-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709

                          Win10 1803
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81

                          E80.82

                          E80.83
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.84

                          This release supports all Software Blades and features of previous releases.  

                          Enhancements

                          • Full Disk Encryption - It is now possible to uninstall the Endpoint Security Client when it is in one of the following states:
                            • User Acquisition
                            • Waiting for Policy
                            • Deliver Recovery File
                            • Waiting for Restart
                          • Media Encryption - The Add Files window for CDs/DVDs has been redesigned to support high-resolution monitors.


                          E80.83 15-May-2018 15-May-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709

                          Win10 1803
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81

                          E80.82
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703/Win10 1709 to Win10 1803
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.83

                          This release supports all Software Blades and features of previous releases.  

                          New Features

                          • Support for Windows 10 April 2018 Update (version 1803). 

                          Enhancements

                          • Remote Access VPN - When Secure Domain Logon (SDL) is configured, the Connect window in implicit mode SDL is displayed only when the client has network connectivity.  


                          E80.82 12-Apr-2018 12-Apr-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1703

                          Win10 1709
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71

                          E80.72

                          E80.80

                          E80.81
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.82

                          This release supports all Software Blades and features of previous releases.  

                          New Features

                          • Remote Access VPN - Ability to create a VPN site automatically without user interaction using a hyperlink. 
                          • Capsule Docs StandAlone Client - Reboot is not required after the client is upgraded.

                          Enhancements

                          • SandBlast Agent for Browsers - Improved inspection during a simultaneous download of multiple ZIP files.  
                          • Threat Emulation - Improved synchronization of the policy state (Disconnected / Connected).
                          • Anti-Exploit - Improved stability of the Anti-Exploit Blade. It does not attempt to protect browsers that are already protected by third-party Kaspersky Anti-Virus products.


                          E80.81 07-Mar-2018 18-Mar-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1607

                          Win10 1703
                          Win10 1709
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71

                          E80.72

                          E80.80
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.81

                          This release supports all Software Blades and features of previous releases.  

                          New Features

                          • Full Disk Encryption - Support for NVMe-based Opal Self Encrypting Drives.
                          • Anti-Exploit - ROP exploit protection for the Firefox browser.

                          Enhancements

                          • Anti-Bot
                            • Improved triggering of the forensics report when the URL contains specific characters.
                          • Anti-Ransomware
                            • Optimization of the size of the backup database.
                            • Reduced the number of false positives by improving the handling of the exclusions policy.
                            • Invalid paths are removed from the exclusions policy.
                            • Honeypot files are deleted after the client is upgraded.
                          • Anti-Exploit
                            • Improved interoperability with Capsule Docs.
                            • Improved compatibility with third-party Microsoft Office add-ins.
                          • SandBlast Agent for Browsers - Web Extension
                            • Improved handling of policy settings that are updated through the Windows registry.


                          E80.80 01-Feb-2018 01-Feb-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1607

                          Win10 1703
                          Win10 1709
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71

                          E80.72
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.80

                          This release supports all Software Blades and features of previous releases.  

                          General Client Improvements

                          • Resolved an issue when some third-party products are unable to create or delete network adapters.

                          Firewall and Application Control

                          • Performance improvements when IPv6 traffic is logged.

                          SandBlast Agent

                          • Anti-Ransomware
                            • Exclusions - Improved handling of folder exclusions when an excluded folder does not exist when the policy is applied.
                            • Remediation - Improved handling of quarantine and termination in CloudShare environments.
                          • SandBlast Agent for Browsers - Web Extension
                            • Disabling the Web Extension in Internet Explorer configures the browser to use the Microsoft Download Manager.
                            • Disabling the Web Extension in Chrome does not disable it for all browsers.
                          • Anti-Exploit
                            • Improved handling of Entry Points in the forensics report when there is an Anti-Exploit detection.
                            • Edge and Internet Explorer are prevented from reopening malicious URLs.
                          • Threat Emulation
                            • Improved handling of fallback to ThreatCloud when using a Threat Emulation local appliance.

                          Media Encryption & Port Protection

                          • New design of the windows for encryption and decryption of removable devices that support a high resolution display.
                          • Fixed an issue with encrypting media from a UserCheck pop-up window when a network share is mounted.

                          Capsule Docs

                          • Classification without encryption for PDF files.


                          E80.72 02-Jan-2018 02-Jan-2018 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1607

                          Win10 1703
                          Win10 1709
                          macOS High Sierra (10.13)*
                          *See sk121595
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.71
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.72

                          This release supports all Software Blades and features of previous releases. There are many quality improvements that add to the stability and resilience of the product.

                          General Endpoint Security Client Enhancements

                          • Client is compatible with the Microsoft January 2018 Patch Tuesday update.
                          • Localization improvements in the client.

                          SandBlast Agent

                          • Anti-Ransomware
                            • Backup - Optimizations of the backup database size for performance improvements.
                            • Restoration - Improved file deletion in the presence of symbolic links.
                            • Restoration - Security strengthening to address the AVGater vulnerability.
                            • Remediation - Improved handling of reputation when the service is offline.
                          • SandBlast Agent for Browsers
                            • Web Extension - Improved handling of file downloads from Dropbox in Internet Explorer.
                            • Zero Phishing - Improved resilience for networking issues that may cause the site to not respond in the first scan.
                          • Anti-Exploit
                            • Improved handling of Edge browser protection when upgrading from Windows 7 to 10.
                            • Forensics reports are now correctly displayed when there is an Anti-Exploit detection.
                          • Threat Emulation - Improved handling of large backup files.
                          • Anti-Bot - Improved handling of disabled policy configuration – Anti-Bot can be enabled even ifit is disabled in the policy.

                          Media Encryption & Port Protection

                          • File delete audit logging works on Windows 10 Build 1703 and higher

                          Remote Access VPN

                          • Ability to add a notification when a user certificate expires.


                          E80.71 30-Nov-2017 30-Nov-2017 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1607

                          Win10 1703
                          Win10 1709
                          macOS High Sierra (10.13)*
                          *See sk121595
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.70

                          E80.51
                          EP 6.0
                          From Win7/Win 8.1.1/Win10 1607/Win10 1703 to Win10 1709
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation & Anti-Exploit

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30.02

                          R77.30

                          R80.10

                          R77.20 EP6.2

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.71

                          This release supports all Software Blades and features of previous releases.
                          It adds support for Windows 10 Fall Creators Update (version 1709) and support for new and improved features.

                          In-place OS Upgrade Support

                          For in-place upgrades with the Full Disk Encryption Blade, refer to sk120667

                          General Client Enhancements

                          • UserCheck Ultra HD Screens Support

                          Full Disk Encryption

                          • XTS-AES 128/256-bit encryption for BIOS systems
                          • Allow encryption algorithm change from AES-CBC to XTS-AES with seamless re-encryption, on UEFI-based computers.
                          Note: The XTS-AES encryption options require a management backend that supports them.

                          SandBlast Agent

                          • Anti-Exploit - Detects and prevents exploit based attacks. By default, Anti-Exploit protects web browsers, MS Office applications, Adobe Acrobat Reader and Adobe Flash Player. Anti-Exploit is able to detect and prevent the exploit attempt, before the attack downloads the malware and executes the malicious payload. If configured to prevent mode, on detection, Anti-Exploit will shut down the process being exploited and then will generate a forensics report. Please refer to sk121793.
                          • SandBlast Agent Browser extension was upgraded to a new version and is now also supported on Internet Explorer 11. Please refer to sk108695.

                          Media Encryption & Port Protection

                          • CryptoCore 4.0 support - Improved encryption speed, and a new password protection scheme.
                            Note: Previous Media Encryption versions cannot authenticate with a password on media that is encrypted with the new version. However, Remote Help and Automatic Access do work. The new Media Encryption version opens old and new versions.

                          Remote Access VPN

                          • Machine authentication - Authentication capability for Remote Access clients to authenticate with a machine certificate from the Windows System Store. This requires a Security Gateway version that supports this feature. See sk121173
                          • Device Guard support - the Remote Access clients can be installed on a Microsoft Windows computer with Device Guard enabled.
                          • High DPI support - Support for devices with High-dots-per-inch (DPI) display.
                          See the E80.71 Remote Access Clients Release Notes for more details.


                          Known Limitations

                          E80.70

                          11-May-2017 11-May-2017 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1511

                          Win10 1607

                          Win10 1703
                          Show Upgrade Paths
                          E80.65

                          E80.64

                          E80.62 HFA1

                          E80.51 EP 6.0
                          From Win7/Win 8.1.1/Win 10 1511/Win 10 1607 to Win10 1703
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers
                          R77.30 EP 6.5

                          R77.30.03

                          R77.30.02

                          R77.30
                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.70

                          This release supports all Software Blades and features of previous releases. It adds support for Windows 10 Creators Update (version 1703) and support for new VPN and improved features.

                          Remote Access VPN

                          New VPN Features
                          • Option to exclude local network traffic when Hub mode (Route all traffic) is configured.
                          • Register to hotspots with the computer's default browser instead of the client?s embedded browser.
                          • Support for Multiple Login Options (from E80.65).
                          For more information about E80.70 Remote Access VPN, see the E80.70 Remote Access VPN Clients for Windows Release Notes.

                          Third Generation OneCheck

                          The Full Disk Encryption OneCheck Logon features are improved to continue to work transparently with new versions of operating systems.

                          SandBlast Agent

                          The SandBlast Web Extension is supported on Internet Explorer 11. While the Web Extension is enabled automatically for Google Chrome, for Internet Explorer it is disabled by default.


                          Known Limitations

                          Documentation
                          Platform Document
                          Endpoint Security Clients
                          Windows E80.70 Endpoint Security Client for Windows User Guide
                          Windows E80.70 Endpoint Security Client for Windows Release Notes
                          Remote Access VPN Clients
                          Windows E80.70 Remote Access Clients for Windows Release Notes
                          Windows E80.70 Remote Access Clients for Windows Administration Guide
                          Capsule Docs Client
                          Windows E80.70 Capsule Docs Plugin User Guide
                          Windows E80.70 Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
                          Capsule Docs Bulk Protection Services
                          Windows Capsule Docs Bulk Protection Guide
                          E80.65 19-Feb-2017 19-Feb-2017 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1511

                          Win10 1607

                          Show Upgrade Paths

                          E80.64

                          E80.62 HFA1

                          E80.61

                          E80.51

                          R73

                          From Win7/Win 8.1.1/Win 10 1511 to Win10 1607
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30 EP 6.5

                          R77.30.03

                          R77.30.02

                          R77.30

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.65

                          This release supports all Software Blades and features of previous releases. It includes new SandBlast Agent features and enhancements and support for new VPN features.

                          SandBlast Agent

                          Anti-Ransomware As part of the Forensics blade, Anti-Ransomware constantly monitors files and processes for unusual activity. Before a ransomware attack can encrypt files, Anti-Ransomware backs up files to a safe location. After the attack is stopped, it deletes files involved in the attack and restores the original files from the backup location.
                          Improved Browser Extension The SandBlast Agent Browser Extension protects against malicious files that come from Internet sources. It supports Google Chrome for Threat Emulation, Threat Extraction, and Zero Phishing. The new Zero Phishing feature provides:
                          • Phishing Prevention - Checks different characteristics of a website to make sure that a site does not pretend to be a different site and use personal information maliciously.
                          • Password Reuse Prevention - Alerts users not to use their corporate password in non-corporate domains.
                          Simple Integration with Third Party Anti-Virus Vendors

                          Refer to sk116024 - SandBlast Integration with Third Party Anti-Virus Vendors.

                          Forensics can use information from the Windows Event Log to monitor and analyze malware events from third party anti-virus vendors.
                          • Works with most common vendors without manual configuration.
                          • Events are detected when the client is online or offline.
                          SandBlast Agent Dynamic Updates

                          SandBlast Agent dynamic updates enable stronger security for endpoints, with regular updates to SandBlast Agent files. This keeps clients protected from the latest threats.

                          Remote Access VPN

                          Support for Multiple Login Options and Dynamic ID

                          E80.65 Remote Access VPN clients have the ability to connect to an IPsec VPN gateway that is configured with Multiple Login Options.

                          One of the authentication factors can be Dynamic ID - Users who successfully complete the first-phase authentication can be challenged to provide an additional credential: a Dynamic ID One Time Password (OTP). The OTP is sent by text message or email.

                          The new support requires an R80.10 or higher IPsec VPN gateway.

                          For more information about E80.65 Remote Access VPN, see the E80.65 Remote Access VPN Clients for Windows Release Notes.


                          Known Limitations

                          E80.64 22-Aug-2016 9-May-2017 Support Life Cycle Policy
                          Show Supported OS
                          Win7

                          Win8.1.1

                          Win10 1511

                          Win10 1607

                          macOS Sierra (10.12)
                          Show Upgrade Paths

                          E80.62 HFA1

                          E80.61

                          E80.51

                          R73

                          E80.62 Mac

                          E80.61 Mac

                          FDE 3.4.4 Mac

                          From Win7/Win 8.1.1/Win 10 1511 to Win10 1607
                          Show supported blades
                          Desktop Firewall and Application Control

                          Anti-Malware

                          Forensics and Anti-Ransomware

                          URL Filtering

                          Anti-Bot

                          Threat Emulation

                          Media Encryption and Port Protection

                          Full Disk Encryption

                          Compliance

                          Remote Access VPN (SA/Managed)

                          Capsule Docs (SA/Managed)
                          Show Supported Management Servers

                          R77.30.02

                          R77.30.01

                          R77.30

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.64

                          This release supports all Software Blades and features of previous releases. It includes new platform support, technologies, and features.

                          SandBlast Agent

                          Show / Hide this section
                          Check Point SandBlast Agent delivers advanced Threat Extraction and Threat Emulation, Forensics, and Anti-Bot to endpoint devices. Refer to SandBlast Agent Product Page.
                          Key Benefits
                          • Defends against multiple attack vectors, including web downloads, external storage devices, lateral movement, or encrypted content.
                          • Quickly delivers safe, sanitized versions of documents without business interruption.
                          • Identifies and contains infected hosts to limit damage and spread of malware.
                          • Continuously collects data about user systems for later forensics use.
                          • Automatically builds actionable forensics reports with important attack information.
                          • Integrates monitoring and investigation of security events through SmartEvent and SmartLog.
                          Key Features
                          • Check Point SandBlast Agent delivers advanced Threat Extraction and Threat Emulation, Forensics, and Anti-Bot to endpoint devices.
                          • Threat Emulation for web downloads and for files copied to the file-system.
                          • Automated Forensic analysis of security events.
                          • Quarantine of infected hosts.
                          • Malware removal based on Forensic analysis.
                          • Threat Extraction for web downloads.

                          Endpoint Core

                          Show / Hide this section
                          • Platforms and Alignment to R77.30 Jumbo Hotfix

                            • Windows 10 Anniversary Update (version 1607) support for Endpoint Security clients.
                            • Endpoint Security Server installation on R77.30 with a dedicated Jumbo Hotfix for Endpoint Security. (This Jumbo hotfix is aligned to Take 143 of the Jumbo Hotfix Accumulator for R77.30.)
                          • Management

                            • New Policies & Reports.
                            • Offline Management Tool for Full Disk Encryption Offline Mode.
                            • Faster synchronization between Endpoint Security Management and Policy Servers.
                            • General performance improvements.
                            • New Client UI look and feel.
                          • Full Disk Encryption

                            • Offline Mode - Provides Endpoint Security client support for computers that are not connected to an Endpoint Security Management Server, with the same level of security as regular deployments. Features include:
                              • Policy management.
                              • Data recovery and Emergency Access.
                              • Logs, Statistics, and Reporting.
                              • New Deployment User type for creating Offline Mode users at preboot.
                            • XTS-AES Encryption on UEFI Systems - Supports new AES algorithms for optimal performance and security:
                              • XTS-AES 128 (2x128) encryption.
                              • XTS-AES 256 (2x256) encryption.
                            • Performance optimizations for disk I/O.
                            • Pre-boot usability improvements.
                          • Media Encryption

                            • Media Encryption Default container size configuration.
                            • Optical Media Scan support.
                          • Capsule Docs

                            • Support for new File Types.
                            • Support for Adobe Acrobat Reader DC.
                            • New Document Expiration feature- Set an expiration date for protected files. After the expiration date, only the author can access the document.
                            • Ability to set, change, and remove protection from Microsoft Office and PDF files with a right-click context menu.
                          • Remote Access VPN

                            • VPN performance enhancements in upload and download paths.
                            • Support for ATM client.
                          • Endpoint Security Clients for macOS

                            • macOS Sierra (10.12) support for the Endpoint Security clients.
                            • VPN support for SHA-256 and Diffie-Helman group 14.
                            • Support for Smart Card authentication in Full Disk Encryption Pre-boot.
                            • New compliance checks for the Endpoint Security Compliance blade:
                              • Check if a computer is in an Active Directory Domain
                              • Check for a Mac OS build number and hotfix number


                          Known Limitations

                          Resolved Issues

                          E80.62

                          E80.62 HFA

                          7-Dec-2015 27-Jun-2016 Support Life Cycle Policy
                          Show Supported OS
                          Win10 10586

                          Win10 10240

                          Win8.1.1

                          Win7

                          Mac OS X 10.11 (El Capitan)
                          Show Upgrade Paths

                          E80.61

                          E80.60

                          E80.51

                          E80.50

                          R73

                          FDE EW 6.3.1

                          VPN E75 and higher

                          FDE 3.4.4 Mac

                          E80.61 Mac

                          E80.60 Mac

                          E80.50.03 Mac

                          From Win7 or Win8.1.1 to Win10 10240, 10586  
                          Show Supported Management Servers

                          R77.30.03

                          R77.30.02

                          R77.30.01 HFA

                          R77.30.01

                          R77.30

                          R77.20.01

                          R77.20

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.62/R77.30.01 HFA1

                            • Bulk Protection Services

                              Capsule Docs Bulk Protection Services applies protection to documents based on location and properties. The protection is based on your configuration.

                              There are two options to manage Bulk Protection Services:
                              • Content-Aware File Protection for CIFS and NFS-compatible Network Locations - Protection is applied through a network gateway with the DLP Software Blade to files that match specified data types.
                              • File Protection for Windows-based Servers and Workstations - Protection is applied locally and runs on the Windows computer. Continuous monitoring on specific targets is also available to protect new files as soon as they are created. Refer to the Capsule Docs Bulk Protection Guide
                            • Content-Aware Protection for Mail Attachments

                              This feature enables DLP Gateway administrators to set protect action for E-mails:
                              • Seamless experience - Automatic protection based on administrator configuration.
                              • Flexibility - The administrator can allow sending protected documents, and allow or block attachments.
                              • Content Awareness - Different protection settings for different types of data.
                              • Access Control - The authorized user list can include defined users and groups and/or e-mail sender/recipients.
                              • End User Education - UserCheck alerts the user to the organization security policy.
                            • Capsule Docs Development Tools

                              Note: Refer to sk108950 - Capsule Docs Development Tools and SDK
                            • Enhanced Remote Access VPN Client Verification

                              • Verifies the identity of the Endpoint Server that manages the client through the Endpoint Server?s certificate.
                              • Verifies the client?s minimum version.*
                                *For SmartEndpoint-managed Remote Access VPN clients only

                          • Performance improvements and bugs fixes


                          Known Limitations

                          E80.62 / R77.30.01 HFA1 Resolved Issues

                          Documentation
                          E80.61 14-May-2015 14-May-2015 Support Life Cycle Policy
                          Show Supported OS
                          Win8.1

                          Win8

                          Win7

                          WinXP
                          Show Upgrade Paths

                          E80.60

                          E80.60 Mac

                          E80.51

                          E80.50.03 Mac

                          E80.50

                          E80.50 Mac

                          E80.42

                          E80.42 Mac

                          E80.41

                          E80.41 Mac

                          E80.40

                          R73

                          FDE EW 6.3.1

                          VPN E75 and higher

                          FDE 3.4.4

                             
                          Show Supported Management Servers
                          R77.30.03

                          R77.30.02

                          R77.30.01 HFA

                          R77.30.01

                          R77.20.01

                          Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213.
                          What's New in E80.61

                          User and Device Management (UDM)

                          UDM is a web based application that manages a range of user and device related tasks in an organization. A typical user accesses organizational resources from multiple devices: computers, laptops, smartphones, and tablets. UDM provides a unified environment for managing various user and device related tasks, such as provisioning, transparency of access via SmartLog logs, viewing user and device details, certificate management, AD user management, and FDE password recovery (for Endpoint Security clients).

                          With UDM, security administrators can delegate user and device management tasks to Help Desk administrators. This delegation of responsibilities lets the network security team handle security policy issues and the Help Desk team manage some user access tasks.

                          UDM includes:

                          • Remote Access certificate management
                            • Manage, create, and revoke user certificates for remote access.
                            • Use email templates to send information to users on how to connect remotely from their devices.
                          • Integration with Active Directory
                            • See all users in the organization and the devices they are using to connect to organizational resources.
                            • Change the status of Active Directory users when necessary (expired, disabled, or locked).
                            • Manage Active Directory user groups.
                          • Integration with SmartLog
                            • See user login and activity logs.
                            • Search and filter logs for a specified user.
                            • See if a device is connected or disconnected.
                          • Integration with Endpoint Security Server
                            • See activity of users and devices.
                            • Use Full Disk Encryption password recovery.
                            • Active Directory integration.
                          • Integration with Capsule Cloud
                            • See logs of Capsule Cloud users.
                            • Send new registration codes to users.
                          • Full Disk Encryption

                            • TPM support for version 1.2 and 2.0.
                            • Support for Active Directory groups in Pre-boot.
                          • Mobile Access Blade

                            • Simple and comprehensive mobile/remote access solution that delivers exceptional operational efficiency.
                            • Allows mobile and remote workers to connect easily and securely from any location, with any Internet device to critical resources while protecting networks and endpoint computers from threats.
                            • Data transmitted by remote access is decrypted and then filtered and inspected in real time by Check Point?s award-winning gateway security services such as Anti-Virus, Intrusion Prevention and Web Security.
                            • Includes in-depth authentications, and the ability to check the security posture of the remote device. This further strengthens the security for remote access.

                            The Mobile Access Blade is available in its latest versions in R77.20 (sk101208).

                          • Endpoint Security Client for Mac

                            This release adds these new features:
                            • Support for the Endpoint Security client on Mac OS X 10.10 Yosemite.
                            • Support for the Media Encryption Offline Access utility on Mac OS X 10.10 Yosemite.
                            Features:
                            • From E80.60: New Capsule Docs Software Blade (alpha) for Mac
                              • Compatibility with both Check Point On-Premises deployment and Cloud Deployment
                              • Enhanced rendering capabilities
                              • Support unprotecting a document based on user permissions
                            • From R77.20 (and higher): Full Disk Encryption Software Blade new features
                              • Dynamic Tokens
                              • Remote Help Response Length

                            Full Disk Encryption support for In-place major OS upgrade (until September, 2015, this is available only as EA, see sk106668.)

                          • Remote Access VPN

                            • Remote Access Clients for Windows
                              • Improved stability, and bug fixes.
                              • Configure password complexity requirements in the VPN Configuration Utility.
                            • Endpoint Security VPN for Mac
                              • Improved stability, and bug fixes.


                          Known Limitations

                          Documentation
                          E80.60 28-Oct-2014 28-Oct-2014 Support Life Cycle Policy
                          Show Supported OS
                          Win8.1

                          Win8

                          Win7

                          WinXP
                          Show Upgrade Paths

                          E80.51

                          E80.50

                          E80.50 Mac

                          E80.42

                          E80.42 Mac

                          E80.41

                          E80.41 Mac

                          E80.40

                          R73

                          FDE EW 6.3.1

                          VPN E75 and higher

                          FDE 3.4.4

                             
                          Show Supported Management Servers

                          R77.30.01 HFA

                          R77.30.01

                          R77.20.01

                          R77 with E80.60

                          Show Downloads

                          Endpoint Security E80.60 Clients

                          Platform Description Download Link
                          Windows Endpoint Security E80.60 Clients (ZIP)
                          Mac E80.60 Endpoint Security Client on Mac (ZIP)

                          Remote Access VPN E80.60 Clients Downloads

                          Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

                          Platform Description Download Link
                          Windows Remote Access Clients E80.60 msi file (MSI)
                          Remote Access Clients E80.60 Automatic Upgrade file (CAB)
                          Remote Access Clients E80.60 for ATM msi file (MSI)
                          Remote Access Clients E80.60 Automatic Upgrade file for ATM (CAB) (CAB)
                          Mac Endpoint Security VPN for Mac E80.60 - Disc Image (DMG) (DMG)
                          Endpoint Security VPN for Mac E80.60 - Installation package (PKG) (PKG)
                          Endpoint Security VPN for Mac E80.60 - Signature for automatic upgrade (signature) (signature)

                          Check Point Capsule Docs

                          Description Download Link
                          Endpoint Security E80.60 Clients (ZIP)
                          Capsule Docs Standalone Client (EXE)
                          Capsule Docs PC Viewer (EXE)
                          Capsule Docs Proxy (R77.10) (TGZ)
                          Capsule Docs Proxy (R77.20) (TGZ)
                          What?s New in E80.60

                          What's New in Endpoint Security Clients

                          Check Point Capsule Docs

                          The Check Point Capsule Docs Software Blade, managed by an on-premise Security Management Server, lets organizations protect and share documents safely within the organization and with business partners, and manage the organizational Check Point Capsule Docs policy, monitoring, and deployment through SmartEndpoint.

                          The Check Point Capsule Docs Software Blade comes integrated with the Endpoint Security on Microsoft Windows computers. There is also a non-managed Check Point Capsule Docs plugin for supported applications, and the Check Point Capsule Docs Viewer. The Viewer does not require administrative privileges or the installation of Microsoft Office or Adobe Acrobat Reader, and gives read-only access to protected documents. The Check Point Capsule Docs plugin, which is mainly for the external users, and the Check Point Capsule Docs Software Blade give full editing capabilities and these benefits:

                          Control the parties that can access the data

                          • Restrict access to individuals, groups or entire organizations
                          • Use granular Classification model to assign different permissions for internal and external users
                          • Control data distribution (Forward, Copy/Paste, Print)
                          • Choose contacts from your Outlook address book with whom you usually communicate
                          • Prevent unintentional data loss with the help of UserCheck

                          Protect data stored on untrusted servers and shared via untrusted channels

                          • Each protected document remains protected even on untrusted servers
                          • Prevent forwarding to unauthorized parties
                          • Secure all created documents automatically

                          See full audit trail for data access

                          • All actions on protected documents are logged and are available through SmartView Tracker and SmartLog
                          • Follow paper trail for a single document
                          • Audit distribution patterns for documents in an organization
                          • Monitor access by external parties

                          Access protected documents easily from your platform of choice

                          • Seamless integration with Microsoft Office and Adobe Acrobat on Windows platforms
                          • Lightweight Windows Viewer that does not require administrative privileges or Microsoft Office or Adobe Acrobat clients installed
                          • Lightweight flexible viewer for Mac OS X
                          • Access protected documents from proprietary Apps on Android, and iOS mobile devices

                          Full Integration with Organizational Active Directory

                          • Users that are defined in the Active Directory are automatically provisioned to use Check Point Capsule Docs
                          • User's Active Directory account authentication is sufficient to access relevant protected documents
                          • Customize Document Security policy for different Users, Organizational Units and Groups

                          Capsule Docs Proxy

                          • Allows accessing protected documents managed with the on-premise Security Management Server for users outside of the organizational network.
                          • Provides secured connectivity, leveraging HTTP security and IPS inspection on a hardened Gaia operating system.
                          • Built on top of Check Point Mobile Access Blade.
                          • Delivered as a Hotfix on top of R77.10 and on top of R77.20.

                          Check Point Capsule Docs encrypts documents to protect them from unauthorized access. It protects users from unintentional data leaks. It is not possible to prevent all intentional violations made by malicious authorized users and this is not the goal of Check Point Capsule Docs.

                          URL Filtering

                          The Check Point Endpoint URL Filtering Software Blade lets an organization control access to web sites by category, user or group. This way it improves network security and enhances user productivity.

                          User Check technology empowers and educates Endpoint users on web usage policy in real time.

                          The Endpoint URL Filtering Software Blade has these benefits:

                          • Lets you utilize a database of over 200 million websites, updated in real-time
                          • Lets you choose from 64 predefined content categories or create custom categories and URL families
                          • Works inside and outside of the organization - policy is enforced on the client
                          • Does unified management - lets the administrator configure one Rule Base in SmartDashboard for an Endpoint and a Gateway policy
                          • Does unified log reporting through SmartLog
                          • Uses Identity Awareness - lets the administrator grant, limit, or block user access, group access, or access from specific machines to individual web sites or categories of web sites
                          • Fully integrates the organization's Active Directory
                          • Utilizes SSL Inspection

                          Supported Features for Endpoint Security URL Filtering

                          URL Filtering in Endpoint Security supports most features of URL Filtering from SmartDashboard. See the R77 Application Control and URL Filtering Administration Guide.

                          Anti-Bot

                          The Anti-Bot Software Blade:

                          • Uses the ThreatCloud repository to receive updates, and queries it for classification of unidentified IP, URL, and DNS resources.
                          • Prevents damage by blocking bot communication to C&C sites and makes sure that no sensitive information is stolen or sent out of the organization.
                          The Endpoint Anti-Bot blade uses these procedures to identify bot infected computers:
                          • Identify the C&C addresses used by criminals to control bots.
                          • These web sites are constantly changing and new sites are added on an hourly basis. Bots can attempt to connect to thousands of potentially dangerous sites. It is a challenge to know which sites are legitimate and which are not.
                          Check Point uses the ThreatCloud repository to find bots based on these procedures.

                          The ThreatCloud repository contains more than 250 million addresses that were analyzed for bot discovery and more than 2,000 different botnet communication patterns. The ThreatSpect engine uses this information to classify bots and viruses.

                          The Endpoint Anti-Bot blade gets reputation updates from the ThreatCloud repository. It can query the cloud for new, unclassified URL/DNS resources that it finds.

                          Media Encryption & Port Protection

                          This release adds NTFS file system support for encrypted storage devices. NTFS file system lets you encrypt files over 4GB.

                          Notes:

                          • Check Point Media Encryption Offline Utility lets you access NTFS encrypted storage devices on non-managed MS Windows computers in admin mode.
                          • Apple Mac computers do not by default support the NTFS file system. To make an encrypted storage device accessible on a Mac computer, format it as a FAT32.
                          • To create encrypted NTFS storage on a Windows 7 computer, you must first install SP1 on it.

                          Forensics

                          The Check Point Endpoint Forensics Software Blade monitors files and the registry for suspicious processes and network activity. When the Anti-Malware or the Anti-Bot Client Software Blade, or the Check Point Gateway Software Blade detects an attack, the Check Point Endpoint Forensics Software Blade analyzes the attack, and uploads the complete attack report to the Endpoint Security Management Server.

                          Note: The Check Point Endpoint Forensics Software Blade is not supported on Microsoft Windows XP operating system.

                          Full Disk Encryption Features

                          This release adds support for these features:

                          • Use of TPM to measure integrity of Pre-boot components.
                          • Password synchronization between the OS and Pre-boot after Remote Help.

                          Remote Access VPN

                          For new features in the Remote Access VPN blade and standalone Remote Access Clients see
                          What's New in Remote Access VPN E80.60 Clients

                          For more information about E80.60, refer to Endpoint Security Client E80.60 Known Limitations.

                          Supplemental Software

                          Mobile Access Blade

                          • Simple and comprehensive mobile/remote access solution that delivers exceptional operational efficiency.
                          • Allows mobile and remote workers to connect easily and securely from any location, with any Internet device to critical resources while protecting networks and endpoint computers from threats.
                          • Data transmitted by remote access is decrypted and then filtered and inspected in real time by Check Point?s award-winning gateway security services such as antivirus, intrusion prevention and web security.
                          • Includes in-depth authentications, and the ability to check the security posture of the remote device. This further strengthens the security for remote access.
                          The Mobile Access Blade is available in its latest versions in R77.10 (sk97617) and R77.20 (sk101208)

                          User and Device Management

                          • Helps organizations roll out Check Point Capsule to users.
                          • Provides Remote Access certificate management for organizational Active Directory users.
                          • Provides visibility of organizational Active Directory users and the devices they use to connect.
                          • Leveraging SmartLog for user login and activity logs, including filtering capabilities.
                          • Provides Integration with Endpoint Security Server for Full Disk Encryption password recovery.
                          User and Device Management is available via sk101672.

                          What's New in Remote Access VPN E80.60 Clients

                          • SHA-256 (SHA-2) IPSEC support for Remote Access (Windows) Clients Data Integrity encryption
                          • Certificate Enhancements:

                            • Display the Friendly Name for a certificate
                            • Filter certificates according to the Enhanced Key Usage attribute (certificates without client authentication are not shown)
                            • Choose not to show expired certificates in the certificate selection list
                          • Automatic upgrades from the gateway with a customized package
                          • Support for the visually impaired with MSAA (Microsoft active accessibility component) integration
                          • Ability to close open session before you make configuration changes
                          • Improved server certificate verification for less browser warnings
                          • Added support for Certificate Subject Alternative Name (DNS entries only) as part of certificate verification (previously only based on CN)
                          • Policy Compression for gateways that support it, to enable policy compression for faster topology download
                          • UTF-8 support in all user input fields (user names, passwords, CN). P12 certificate paths still must have only ASCII characters.
                          • Dual hotspot detection mechanism.
                          • Hotspot registration and mini-browser in Endpoint Security Suite (was previously in Standalone client only).
                          • Improved stability, and bug fixes.


                          Known Limitations

                          Documentation

                          Endpoint Security E80.60 Clients

                          Platform Description Documentation
                          Windows Endpoint Security E80.60 Clients (Release Notes)
                            E80.60 Endpoint Security Client on Windows User Guide (User Guide)
                            E80.60 Endpoint Security Administration Guide (Administration Guide)
                          Mac E80.60 Endpoint Security Client on Mac

                          (User Guide)


                          Remote Access VPN E80.60 Clients Documentation

                          Platform Description Documentation
                          Windows Remote Access Clients E80.60 msi file (Release Notes)
                          Remote Access Clients E80.60 Automatic Upgrade file (Release Notes)
                          Remote Access Clients E80.60 for ATM msi file (Release Notes)
                          Remote Access Clients E80.60 Automatic Upgrade file for ATM (CAB) (Release Notes)
                          E80.60 Remote Access Clients for Windows Administration Guide (Admin Guide)
                          Mac Endpoint Security VPN for Mac E80.60 - Disc Image (DMG) (Release Notes)
                          Endpoint Security VPN for Mac E80.60 - Installation package (PKG) (Release Notes)
                          Endpoint Security VPN for Mac E80.60 - Signature for automatic upgrade (signature) (Release Notes)
                          E80.60 Endpoint Security VPN for Mac Administration Guide (Admin Guide)

                          Check Point Capsule Docs

                          Description Documentation
                          Endpoint Security E80.60 Clients (Release Notes)
                          E80.60 Check Point Capsule Docs Plugin User Guide (User Guide)
                          E80.60 Check Point Capsule Docs Viewer User Guide (User Guide)
                          E80.51 23-Jul-2014 23-Jul-2014 Support Life Cycle Policy
                          Show Supported OS
                          Win8.1

                          Win8

                          Win7

                          Win Vista

                          WinXP
                          Show Upgrade Paths

                          E80.50

                          E80.42

                          E80.42 Mac

                          E80.41

                          E80.41 Mac

                          E80.40

                          E80.32

                          E80.3x

                          R73

                          FDE EW 6.3.1

                          VPN E75 and higher

                          FDE 3.4.4

                          From Win8 to Win8.1  
                          Show Supported Management Servers

                          R80

                          R77.30.03

                          R77.30.02

                          R77.30.01 HFA

                          R77.30.01

                          R77.30

                          R77.20.01

                          R77.20

                          R77.10

                          R77 with E80.60

                          R77

                             
                          This solution is about products that are no longer supported and it will not be updated

                          Give us Feedback
                          Please rate this document
                          [1=Worst,5=Best]
                          Comment