Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E86.40 Windows Clients Technical Level
Solution
  • New Features
  • In a Nutshell
  • Resolved Issues and Enhancements
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Utilities/Services Downloads
  • Documentation and Related SecureKnowledge Articles

Notes:

  • See Endpoint Security Homepage.
  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20 and higher), you must update the log schema. Follow instructions in sk106662.
  • Starting from E80.85, anonymized incident related data is sent to Check Point ThreatCloud, by default. See sk129753.
  • This release includes all limitations of earlier releases unless explicitly shown as resolved.

Click Here to Show the Entire Article

List of New Features in E86.40

Show / Hide this section

ID Description
General
EPS-39243 Endpoint Client now supports new Push Operations: creating and deleting a VPN site and registry key or value, collecting processes information from the client machine, and moving or deleting a file on the client machine.
EPS-39851 Endpoint Client now supports turning ON/OFF admin-enabled capabilities.
EPS-42902 Harmony Endpoint now supports multi-users in Windows environments. The solution includes Microsoft Terminal Servers (RDS), Citrix Virtual Apps (XenApp), and VMware Horizon Apps. See also sk176939 or the Harmony Endpoint Administration Guide.


In a Nutshell

Item Description Download Link
Managed Client E86.40 Endpoint Security Clients for Windows OS (ZIP)
E86.40 Endpoint Security Clients for Windows OS - Dynamic package (EXE)
VPN Standalone Client E86.40 Remote Access Clients for Windows (MSI)
Capsule Docs E86.40 Capsule Docs Standalone Client (EXE)
Documentation E86.40 Endpoint Security Client for Windows Release Notes
sk164896 - Video: How to deploy and upgrade Endpoint Security Client?

List of Resolved Issues and Enhancements in E86.40

Show / Hide this section

Enter the string to filter the below table:

ID Description
General
EPS-41202 Watchdog consumes high CPU resources on Windows server.
EPS-39475 The password generation algorithm for the super node is 128 characters, instead of the default 14 characters. 
DA
EPS-39435 In a rare scenario, when used for a long time without doing updates, Window 7 machines lose network connection after upgrading to Endpoint Security version E86.25.
Firewall and Application Control
EPS-37741 In a rare scenario, a machine gets BSOD caused by a Firewall driver during a high traffic condition.
EPS-35565 When using the "Shutdown Network Protection" feature, IPv6 traffic is not enabled.
EPS-32564 In a rare scenario, the Application Control process ("Vsmon") consumes overly high CPU resources.
Anti-Malware
EPS-39109 Anti-Malware signatures do not download to the Shared Signature folder if the folder already exists. This is relevant to only a VDI non-persistent environment.
EPS-39068 Enhancement: The Anti-Malware scheduled and initial scans are now only done when the machine is idle.
EPS-33277 Enhancement: Added a new log entry to show a failure to restore a quarantined file.
User Interface
EPS-40414 Enhancement: In the new user interface, the administrator can allow the user to enable and disable blades.
EPS-40210 Enhancement: A memory use reduction mechanism is now in place, which reduces RAM consumption when the user closes the user interface window.
EPS-39074 Enhancement: Push Operation Status Description looks unclear or similar to Chinese characters.
EPS-35458 After an upgrade, all blades fail to run in the user interface.
EPS-38221 Full Disk Encryption is displayed as OFF on the user interface if disabled by the administrator.
EPS-38809 When a user starts a scan, he can pause it and log out. Then a different user logs in, but the user interface is stuck on the first scan and cannot end it.
EPS-39192 In a rare scenario, an upgrade of Endpoint Security Client results in a missing tray icon.
EPS-42253 If allowed by the administrator, users are now able to permanently disable (turn off) network protection on their computers in the new UI.
VPN
EPS-41664 Endpoint Client repair initiated by local user fails to repair VPN.
Media Encryption and Port Protection
EPS-31805 The volume name and lock icon are missing on Media Encryption & Port Protection encrypted volume.
EPS-38962 Enhancement: Integration with SASA Gatescanner Desktop in the Media Encryption and Port Protection authorization scanning feature, see sk178766.
EPS-39788 In some scenarios, in Windows 7 and early versions of Windows 10, the peripheral device name is reported to the server with garbage characters.
Web Extension
AHTP-21711 An exclusion by Secure Hash Algorithm 1 (SHA1) now affects the browser extension's file download protection. When an excluded file is downloaded, the browser extension skips its inspection and downloads it immediately, without emulation or extraction.
File Reputation
AHTP-24387 Enhancement: Improved the Anti-Bot blade's reputation mechanism.
Host Threat Prevention
AHTP-24906 Fix for CVE-2022-23742: Check Point Endpoint Security Client for Windows versions earlier than  E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. See sk179132.


Endpoint Security Client Downloads

Show / Hide this section
  • Starting from E80.85, Harmony Endpoint improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.
  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.

Endpoint Security E86.40 Clients

Platform Package Description Links
Windows
Endpoint Security Clients for Windows OS - Dynamic package (Recommended, with R80.40 and higher):
Complete Endpoint Security Client for any CPU (32bit or 64bit). This is a self-extracting executable EXE file with all components (Blades) to be used as Dynamic package with R80.40 and higher.
(EXE)
Initial client:
Initial client is a very thin client without any blade used for software deployment purposes.
(ZIP)
Package Description 32bit 64bit
A package that includes Endpoint Complete package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)  (ZIP)
A package that includes Endpoint Complete package with the exception of Anti-Malware:
  • Desktop FW and Application Control
  • Forensics and Anti-Ransomware
  • URL Filtering
  • Anti-Bot
  • Threat Emulation
  • Media Encryption and Port Protection
  • Full Disk Encryption
  • Compliance
  • Remote Access VPN
  • Capsule Docs 
(ZIP)  (ZIP)
Harmony Endpoint package:
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
(ZIP)  (ZIP)
Full Disk Encryption and Media Encryption and Port Protection package:
Full Disk Encryption and Media Encryption and Port Protection package.
 (ZIP)  (ZIP)
Threat Prevention package:
  • Desktop FW and Application Control
  • Anti-Malware
  • Forensics and Anti-Ransomware
  • Anti-Bot
  • Threat Emulation
  • Compliance
(ZIP) (ZIP)
Package Description Links
Endpoint Security Clients for Windows OS - Full:
A zip file that contains all package permutations listed above (excluding Dynamic package and Initial client)
(ZIP)

Standalone Clients Downloads

Show / Hide this section
Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

Endpoint Security E86.40 Clients

Platform Package Description Link
Windows Remote Access Clients for Windows Remote Access VPN Client for SmartDashboard-managed clients (MSI)
Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface. (MSI)
Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartDashboard-managed clients only. (CAB)
Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service. (EXE)
Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

Endpoint Security Server Downloads 

Show / Hide this section
Endpoint Security Server Package Link
R81.10 Endpoint Security Server R81.10 sk170416
R81  Endpoint Security Server R81 sk166715
R80.40  Endpoint Security Server R80.40 sk160736
R80.30  Endpoint Security Server R80.30 sk144293

Management Console Downloads

Show / Hide this section

Management Console for Endpoint Security Server

The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

Latest Versions

Endpoint Security Server Package Link
R81.10 SmartConsole for Endpoint Security Server R81.10  sk175188
R81  SmartConsole for Endpoint Security Server R81  sk170116
R80.40  SmartConsole for Endpoint Security Server R80.40  sk165473

Previous Versions

Endpoint Security Server Package Link
R80.30  SmartConsole for Endpoint Security Server R80.30 sk153153
R80.20  SmartConsole for Endpoint Security Server R80.20 sk137593
R77.30.03  SmartConsole for Endpoint Security Server R77.30.03 / E86.30 and higher (EXE)
R77.30  SmartConsole for Endpoint Security Server R77.30 / E86.30 and higher (EXE)
R80.10  SmartConsole for Endpoint Security Server R80.10 sk119612
R77.30 EP6.5  SmartConsole for Endpoint Security Server R77.30 EP6.5 / E86.30 and higher  (EXE)
R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 / E86.30 and higher (EXE)
Note: The above packages include the Recovery Image of version 86.8.62.6

Utilities/Services Downloads

Show / Hide this section
Utilities

Platform Package Description Link
Windows Harmony Endpoint Remediation Manager for Administrators

The administrator utility contains the capabilities of the end-user utility plus these additional features:

  • Quarantine - Send files to quarantine. 
  • Delete - Use the Harmony Endpoint remediation service to delete a file. 
  • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
(EXE)
Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties.  (EXE)
R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)   (TGZ)

For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

Full Disk Encryption Offline Management Tool

Platform Package Description Link
Windows Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery. (TGZ)

Known Limitations

Show / Hide this section
Issue ID Description
EPS-42631 If you use a modern UI, then when you try to override the encryption policy, through the “User Check” and click “More Options”, the UI does not display the justification screen and the explorer window stops responding.
Show / Hide this section
Document
Endpoint Security Server
R81.10 Release Notes
Harmony Endpoint Server R81.10 Administration Guide
Harmony Endpoint Web Management R81.10 Administration Guide
R81 Release Notes
Harmony Endpoint Server R81 Administration Guide
Harmony Endpoint Web Management R81 Administration Guide
R80.40 Release Notes
Endpoint Security R80.40 Administration Guide
R80.30 Release Notes 
Endpoint Security R80.30 Administration Guide
Endpoint Security Clients
Endpoint Security Client for Windows User Guide
Endpoint Security Client for Windows E86.40 Release Notes
sk164896 - Video: How to deploy and upgrade Endpoint Security Client?
Remote Access VPN Clients
Remote Access Clients for Windows E86.40 Release Notes
Remote Access Clients for Windows Administration Guide
Capsule Docs Client
Capsule Docs Plugin E80.72 and Higher
Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment