Table of Contents
-
What's New in Remote Access Clients E75.20
-
Remote Access Clients E75.20 Downloads
-
Licensing
-
Remote Access Clients E75.20 Documentation
What's New in Remote Access Clients E75.20
The release of Endpoint Security VPN R75 introduced the Next Generation of SecureClient, including 64-bit support. This release, E75.20 Remote Access Clients, adds new features.
This section covers what's new in this release.
Secondary Connect
This feature provides access to multiple VPN gateways at the same time, to transparently connect to distributed resources.
- Connections to Distributed Networks: End-users can connect once and get transparent access to resources, regardless of their location. Tunnels are created dynamically, as needed, based on the destination of actual traffic.
- Enhanced Network Performance: Traffic flows directly from the endpoint user to the gateway, without site-to-site communication.
- Network Simplification: VPN tunnels and routing parameters are automatically taken from the network topology and destination server IP address.
- Seamless Upgrade from SecureClient: This release is compatible with legacy SecureClient settings. This unique feature is available only with Check Point VPN.
In an environment with Secondary Connect, the gateway that the client first authenticates to, is the Primary gateway. A gateway that the client connects to, through a secondary VPN, is a Secondary gateway. The Primary gateway must have the Secondary Connect Hotfix installed. See sk65312 - Enabling Secondary Connect for Remote Access Clients E75.20.
Third Party SCV Checks
This release supports SCV checks created by third party vendors, using the Remote Access Clients E75.20 SCV SDK. After installation, you can use these SCV checks in your SCV policies.
Note: Before using the Remote Access Clients SCV SDK, we strongly recommend that you read the Remote Access Clients SCV SDK Documentation.
Customized Initial Firewall Policy
A predefined desktop firewall policy can be attached to a client installation package. This policy is enforced when the client is installed.
Endpoint Security VPN for Unattended Machines
Endpoint Security VPN can be installed and managed locally on unattended machines, such as ATMs. Unattended clients are managed with CLI and API and do not have a User Interface.
Improved Remote Access Clients E75.20 API
The Remote Access Clients E75.20 API was changed in this version. It includes many improvements and backward compatibility support for future releases. Before using the API, read the Readme.txt inside the zip file.
Note: Before using the Remote Access Clients E75.20 API, we strongly recommend that you read the Remote Access Clients E75.20 API Documentation.
For more information, refer to:
Remote Access Clients E75.20 Downloads
Note: In order to download the Security Gateway Hotfix you will need to have a Software Subscription or Active Support plan.
Management Server and Gateway Requirements
Remote Access Clients E75.20 requires a supported gateway version. These Check Point versions support Remote Access Clients E75.20:
Note: Remote Access Clients cannot be installed on the same device as Check Point Endpoint Security R73 or E80. If Zone Alarm is installed on a device, you can install Check Point Mobile for Windows and SecuRemote, but not Endpoint Security VPN.
Client Downloads
Security Gateway Downloads
Important: Endpoint Security VPN R75/Remote Access Clients E75.x will not work if connected to R65 and R70 Security Gateways that do not include the hotfixes listed below.
Hotfix for R65 HFA 70 - When not using SecuRemote E75.x
Hotfix for R65 HFA 70 - When using SecuRemote E75.x (or if you have not yet applied the above hotfix on R65 HFA 70) (Recommended)
Hotfix for R70.40
Licensing
- Endpoint Security VPN: On the Gateway, IPSec VPN Blade license. On the Management, Endpoint Container & Endpoint VPN Blade licenses for all installed endpoints.
- Check Point Mobile for Windows: On the Gateway, Mobile Access Blade license, IPSec VPN Blade license (IP Appliances also require the IPSec VPN Blade license.) Licenses are required per number of concurrent connections.
- SecuRemote: On the Gateway, IPSec VPN Blade license for an unlimited number of connections.
Which license is required to allow L2TP VPN tunnels
Question: In order to allow L2TP VPN tunnels, if the customer already has the Endpoint VPN Remote Access Blade - is this enough, or is there a Mobile Access Blade license required? Meaning, for L2TP, do we need a Endpoint VPN Client license or a Mobile Access License?
Answer: In order to allow L2TP VPN tunnels, you would just need the IPSec VPN license on the Security Gateway. There is no need for the Mobile Access License.
Remote Access Clients E75.20 Documentation
Related Solution: sk67820 - Check Point Remote Access Solutions
Table of Contents
-
What's New in Remote Access Clients E75.20
-
Remote Access Clients E75.20 Downloads
-
Licensing
-
Remote Access Clients E75.20 Documentation
What's New in Remote Access Clients E75.20
The release of Endpoint Security VPN R75 introduced the Next Generation of SecureClient, including 64-bit support. This release, E75.20 Remote Access Clients, adds new features.
This section covers what's new in this release.
Secondary Connect
This feature provides access to multiple VPN gateways at the same time, to transparently connect to distributed resources.
- Connections to Distributed Networks: End-users can connect once and get transparent access to resources, regardless of their location. Tunnels are created dynamically, as needed, based on the destination of actual traffic.
- Enhanced Network Performance: Traffic flows directly from the endpoint user to the gateway, without site-to-site communication.
- Network Simplification: VPN tunnels and routing parameters are automatically taken from the network topology and destination server IP address.
- Seamless Upgrade from SecureClient: This release is compatible with legacy SecureClient settings. This unique feature is available only with Check Point VPN.
In an environment with Secondary Connect, the gateway that the client first authenticates to, is the Primary gateway. A gateway that the client connects to, through a secondary VPN, is a Secondary gateway. The Primary gateway must have the Secondary Connect Hotfix installed. See sk65312 - Enabling Secondary Connect for Remote Access Clients E75.20.
Third Party SCV Checks
This release supports SCV checks created by third party vendors, using the Remote Access Clients E75.20 SCV SDK. After installation, you can use these SCV checks in your SCV policies.
Note: Before using the Remote Access Clients SCV SDK, we strongly recommend that you read the Remote Access Clients SCV SDK Documentation.
Customized Initial Firewall Policy
A predefined desktop firewall policy can be attached to a client installation package. This policy is enforced when the client is installed.
Endpoint Security VPN for Unattended Machines
Endpoint Security VPN can be installed and managed locally on unattended machines, such as ATMs. Unattended clients are managed with CLI and API and do not have a User Interface.
Improved Remote Access Clients E75.20 API
The Remote Access Clients E75.20 API was changed in this version. It includes many improvements and backward compatibility support for future releases. Before using the API, read the Readme.txt inside the zip file.
Note: Before using the Remote Access Clients E75.20 API, we strongly recommend that you read the Remote Access Clients E75.20 API Documentation.
For more information, refer to:
Click here to view details of Remote Access Clients E75.20 Downloads
Remote Access Clients E75.20 Downloads
Note: In order to download the Security Gateway Hotfix you will need to have a Software Subscription or Active Support plan.
Management Server and Gateway Requirements
Remote Access Clients E75.20 requires a supported gateway version. These Check Point versions support Remote Access Clients E75.20:
Note: Remote Access Clients cannot be installed on the same device as Check Point Endpoint Security R73 or R80. If Zone Alarm is installed on a device, you can install Check Point Mobile for Windows and SecuRemote, but not Endpoint Security VPN.
Client Downloads
Security Gateway Downloads
Important: Endpoint Security VPN R75/Remote Access Clients E75.x will not work if connected to R65 and R70 Security Gateways that do not include the hotfixes listed below.
Hotfix for R65 HFA 70 - When not using SecuRemote E75.x
Hotfix for R65 HFA 70 - When using SecuRemote E75.x (or if you have not yet applied the above hotfix on R65 HFA 70)(Recommended)
Hotfix for R70.40
Licensing
- Endpoint Security VPN: On the Gateway, IPSec VPN Blade license. On the Management, Endpoint Container & Endpoint VPN Blade licenses for all installed endpoints.
- Check Point Mobile for Windows: On the Gateway, Mobile Access Blade license, IPSec VPN Blade license (IP Appliances also require the IPSec VPN Blade license.) Licenses are required per number of concurrent connections.
- SecuRemote: On the Gateway, IPSec VPN Blade license for an unlimited number of connections.
Which license is required to allow L2TP VPN tunnels
Question: In order to allow L2TP VPN tunnels, if the customer already has the Endpoint VPN Remote Access Blade - is this enough, or is there a Mobile Access Blade license required? Meaning, for L2TP, do we need a Endpoint VPN Client license or a Mobile Access License?
Answer: In order to allow L2TP VPN tunnels, you would just need the IPSec VPN license on the Security Gateway. There is no need for the Mobile Access License.
Remote Access Clients E75.20 Documentation
Related Solution: sk67820 - Check Point Remote Access Solutions
|
This solution is about products that are no longer supported and it will not be updated
|