Support Center > Search Results > SecureKnowledge Details
Check Point Remote Access Solutions
Solution

Table of Contents

  1. Providing Secure Remote Access
  2. Types of Remote Access Solutions
    1. SSL VPN Portal for published business application
    2. Layer-3 VPN Tunnel
    3. Layer-3 VPN Tunnel integrated with Endpoint Security
    4. Additional Remote Access Solutions
  3. Summary of Remote Access Options
  4. Remote Access VPN Blade and Supported OS
  5. VPN Client Version and supported Gateway Version
    1. Gateways R71, R75, R76 and above, VSX R67/R68
    2. Gateways R65, R70, VSX R65 and Edge
  6. Security Management Server versions and supported Remote Access Client versions
  7. Endpoint Security Server versions and supported Endpoint Security Client versions
  8. Related Solutions

 

(I) Providing Secure Remote Access

In today's business environment, it is clear that workers require remote access to sensitive information from a variety of locations and a variety of devices. Organizations must also make sure that their corporate network remains safe and that remote access does not become a weak point in their IT security.

This article will:

  • Help you decide which remote access client or clients best match your organization's requirements.
  • Give you information about Check Point's secure remote access options.

 

(II) Types of Remote Access Solutions

All of Check Point's Remote Access solutions provide:

  • Enterprise-grade, secure connectivity to corporate resources.
  • Strong user authentication.
  • Granular access control.

Factors to consider when choosing remote access solutions for your organization:

  • L3 VPN tunnel vs. Secure Business portal: Do you need a full VPN tunnel to protect the access from any installed application to the business, or do you need a simpler business portal that provides simple and secure access for published business applications?
  • Client-Based vs. Clientless: Does the solution require an agent to be installed on the endpoint computer, or is it clientless, for which only a web browser is required?
  • Secure Connectivity vs. Endpoint Security: Does the solution provide only secure connectivity, or also additional endpoint security functionalities, when the device is not connected via a VPN tunnel to the business?

 

(II-1) Types of Remote Access Solutions - SSL VPN Portal for published business application

  • Allows simple and secure usage of business resources from any PC, Mac, Smartphones and tablets.
  • Access business resources such as web-applications
  • Two factor user authentication
  • Secure access to published apps via any supported Internet Browser or a dedicated Smartphone/tablet app
  • Best fit for unmanaged-devices and "BYOD"
  • License required: Check Point Mobile on the Security Gateway. License count per concurrent connected devices.
Name Supported Operating Systems Client or Clientless Encryption Protocol Latest Version & Relevant Link for downloads Security Verification for Endpoint Devices Desktop Firewall on Endpoint Devices IPv6 Support

 

Mobile Access Web Portal

 

  • Windows
  • Linux
  • Mac OS X
  • iOS
  • Android

Clientless

SSL

R77

sk92965

Yes

No

Yes

R77.10 and higher

 

SSL Network Extender for Mobile Access Blade

 

  • Windows
  • Linux
  • Mac OS X

On-demand Client through Mobile Access Portal

SSL

E75

sk65210

Yes

No

 

Check Point Mobile for iPhone and iPad
iOS Client SSL

1.3

sk59120

No No

 

Capsule Workspace for iOS (previously Mobile Enterprise)
iOS Client SSL sk92552

Yes

Jailbreak & Root Detection

MDM Cooperative Enforcement (sk98201)

No

Yes

R77.10 and higher

Check Point Mobile for Android
Android Client SSL

1.0.85

sk65314
No No

 

Capsule Workspace for Android (previously Mobile Enterprise)
Android Client SSL sk93775 Yes

Jailbreak & Root Detection

MDM Cooperative Enforcement (sk98201)

No

Yes

R77.10 and higher

 

(II-2) Types of Remote Access Solutions - Layer-3 VPN Tunnel

  • Secure access to the business from any installed application via a Layer-3 VPN tunnel
  • Check Point Mobile for Windows, Check Point VPN Plugin for Windows 8.1 and Check Point Capsule VPN for Windows 10 do not support "two factor user authentication".
  • Requires a VPN agent/app installation
  • Best fit for both managed or unmanaged-devices
  • License required: Check Point Mobile on the Security Gateway. License count per concurrent connected devices.
Name Supported Operating Systems Client or Clientless Encryption Protocol Latest Version & Relevant Link for downloads Security Verification for Endpoint Devices Desktop Firewall on Endpoint Devices IPv6 Support
Check Point Mobile for Windows
Windows
Endpoint Security 
Client IPsec E80.64 (sk112793) Yes No No
Capsule Connect (for iOS) (previously Mobile VPN)
iOS Client IPsec / SSL sk69540 MDM Cooperative Enforcement (sk98201) No No
Capsule VPN (for Android) (previously Mobile VPN)
Android 4+ Client IPsec / SSL sk84141 MDM Cooperative Enforcement (sk98201) No No
Check Point VPN Plugin for Windows 8.1
Windows 8.1, Windows Phone Preinstalled client SSL

sk96006

No No No
Check Point Capsule VPN for Windows 10
Windows 10, Windows Phone Download app from Windows store. SSL

sk107536

No No No

 

(II-3) Types of Remote Access Solutions - Layer-3 VPN Tunnel integrated with Endpoint Security

  • A full Layer-3 VPN tunnel integrated with enterprise grade endpoint security software blades.
  • Two factor user authentication.
  • Additional Endpoint Security functionalities - from desktop firewall and till full endpoint security software blades - such as Disk Encryption, Media Encryption, Anti Malware, and more.
  • Requires a VPN agent/app installation.
  • Best fit for managed devices.
  • License required: Endpoint Security Container and Endpoint Security VPN software blades. License count per installed devices.
Name Supported Operating Systems Client or Clientless Encryption Protocol Latest Version & Relevant Link for downloads Security Verification for Endpoint Devices Desktop Firewall on Endpoint Devices IPv6 Support
Endpoint Security VPN for Windows
Windows
Endpoint Security 
Client IPsec E80.64 (sk112793) Yes Yes No
Endpoint Security VPN for Mac
Mac OS X Client IPsec E80.64 (sk112793) No Yes No
Endpoint Security Suite Remote Access VPN Blade

Windows
Endpoint Security 

Client IPsec E80.64 (sk112793)

Yes

Yes No
Endpoint Security Suite Remote Access VPN Blade
Mac OS X   Client  IPsec E80.64 (sk112793)

No

Yes   No

 

(II-4) Types of Remote Access Solutions - Additional Remote Access Solutions

  • SecuRemote is a secure, but limited-function IPsec VPN client.
  • Two factor user authentication
Name Supported Operating Systems Client or Clientless Encryption Protocol Latest Version & Relevant Link for downloads Security Verification for Endpoint Devices Desktop Firewall on Endpoint Devices IPv6 Support
SecuRemote
Windows
Endpoint Security 
Client IPsec E80.64 (sk112793) No No No

 

(III) Summary of Remote Access Options

Below is a summary of each Remote Access option that Check Point offers. All supply secure remote access to corporate resources, but each has different features and meets different organizational requirements.

Note: Refer to "Support Life Cycle Policy".

Remote Access Option Topic Description
Mobile Access Web Portal Introduction

The Mobile Access Portal is a clientless SSL VPN solution. It is recommended for users who require access to corporate resources from home, an internet kiosk, or another unmanaged computer. The Mobile Access Portal can also be used with managed devices.

It provides:

  • Secure Connectivity
  • Security Verification

The Mobile Access Portal supplies access to web-based corporate resources. You can use the on-demand client, SSL Network Extender (SNX), via the Portal to access all types of corporate resources.

Required Licenses Mobile Access Software Blade on the Security Gateway.
Supported Platforms Windows, Mac OS X, Linux, iOS and Android
Where to get the Client Included with the Security Gateway
SSL Network Extender (SNX) Introduction

SSL Network Extender (SNX) is a thin SSL VPN on-demand client installed automatically on the user's machine via a web browser. It supplies access to all types of corporate resources. SSL Network Extender (SNX) has two modes:

  • Network Mode: Users can access all application types (Native-IP-based and Web-based) in the internal network. To install the Network Mode client, users must have administrator privileges on the client computer.
  • Application Mode: Users can access most application types (Native-IP-based and Web-based) in the internal network, including most TCP applications. The user does not require administrator privileges on the endpoint machine.
Required Licenses Mobile Access Software Blade and IPSec VPN Blade on the Security Gateway
Supported Platforms
  • Network Mode: Windows, Mac OS X, Linux
  • Application Mode: Windows
Where to get the Client Included with the Security Gateway
Check Point VPN Plugin for Windows 8.1 Introduction Check Point VPN Plugin for Windows 8.1 is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 SSL VPN Tunnel.
Required Licenses Mobile Access Software Blade on the Security Gateway
Supported Platforms Windows 8.1, Windows Phone
Where to get the Client Preinstalled with Windows 8.1
Check Point Capsule VPN for Windows 10 Introduction Check Point Capsule VPN uses SSL. It is now available for Windows 10.
Required Licenses Mobile Access Software Blade on the Security Gateway
Supported Platforms Windows 10, Windows Phone
Where to get the Client You have to first download an app from Windows store
Check Point Mobile for Windows Introduction

Check Point Mobile for Windows is an IPsec VPN client. It is best for medium to large enterprises that do not require an Endpoint Security policy.

It provides:

  • Secure Connectivity
  • Security Verification
Required Licenses IPsec VPN and Mobile Access Software Blades on the Security Gateway.
Supported Platforms Windows
Where to get the Client Check Point Support Center
Check Point Mobile for iPhone and iPad Introduction Check Point Mobile for iPhone and iPad is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Exchange ActiveSync. Check Point Mobile for iPhone and iPad is ideal for mobile workers who have iPhone or iPad devices.
Required Licenses Mobile Access Software Blade on the Security Gateway
Supported Platforms iOS
Where to get the Client Apple App Store
SecuRemote Introduction SecuRemote is a secure, but limited-function IPsec VPN client. It provides secure connectivity.
Required Licenses IPsec VPN Software Blade on the Security Gateway. It is a free client and does not require additional licenses.
Supported Platforms Windows
Where to get the Client Check Point Support Center
Endpoint Security VPN Introduction

Endpoint Security VPN is an IPsec VPN client that replaces SecureClient. It is best for medium to large enterprises.

It provides:

  • Secure Connectivity
  • Security Verification
  • Endpoint Security that includes an integrated Desktop Firewall, centrally managed from the Security Management Server

Note: Endpoint Security VPN for Mac OS X includes a Desktop Firewall, but not Security Verification.

Required Licenses The IPsec VPN Software Blade on the Security Gateway, an Endpoint Container license, and an Endpoint VPN Software Blade license on the Security Management Server.
Supported Platforms Windows, Mac OS X
Where to get the Client Check Point Support Center
Endpoint Security Suite Introduction

The Endpoint Security Suite simplifies endpoint security management by unifying all endpoint security capabilities in a single console and a single client. Endpoint Security Software Blades include: Desktop Firewall and Security Verification, Full Disk Encryption, Media Encryption and Port Protection, Anti-Malware and Program Control, WebCheck browser virtualization and Remote Access VPN.

Starting from Endpoint Security E80.41, Remote Access VPN Clients are part of the Endpoint Security offering, providing the next release of E75.30, including all flavors. The E75 Remote Access Clients series was previously known as Endpoint Security VPN R75.

(Remote Access Clients E75.30 (Endpoint Security VPN) replaced SecureClient, including 64-bit support. It replaced both SecureClient and Endpoint Connect.)

Required Licenses
  • Management: Endpoint Policy Management Software Blade.
  • Client: Endpoint Security Container and Endpoint Security Software Blades - for any protected endpoint.
Supported Platforms Windows, Mac OS X
Where to get the Client Check Point Support Center
Capsule Workspace for iOS Introduction

Capsule Workspace for iOS is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Microsoft Exchange services. It also gives secure access to Capsule Docs protected documents.
It was previously called Mobile Enterprise.

Capsule Workspace is ideal for mobile workers who have privately-owned smart phones or tablets. It protects only the business data inside the App and does not require device-level security measures, such as device-lock or device-wipe.

Required Licenses Capsule license on the Security Gateway
Supported Platforms iOS
Where to get the Client Apple App Store
Capsule Workspace for Android Introduction

Capsule Workspace for Android is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Microsoft Exchange services. It also gives secure access to Capsule Docs protected documents.
It was previously called Mobile Enterprise.

Capsule Workspace for Android is ideal for mobile workers who have privately-owned smart phones or tablets. It protects only the business data inside the App and does not require device-level security measures, such as device-lock or device-wipe.

Required Licenses Capsule license on the Security Gateway
Supported Platforms Android
Where to get the Client Google Play Store
Capsule Connect (for iOS) Introduction

Capsule Connect is a full L3 tunnel App that gives users network access to all mobile applications. It supplies secure connectivity and access to all types of corporate resources.
It was previously called Mobile VPN.

Required Licenses Mobile Access Software Blade on the Security Gateway
Supported Platforms iOS 6.0 +
Where to get the Client Apple App Store
Check Point Mobile for Android Introduction Check Point Mobile for Android is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Exchange ActiveSync. Check Point Mobile for Android is ideal for mobile workers who have Android devices.
Required Licenses Mobile Access Software Blade on the Security Gateway
Supported Platforms Android
Where to get the Client Google Play Store
Capsule VPN (for Android) Introduction Capsule VPN for Android devices is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 IPSec/SSL VPN Tunnel.
It was previously called Mobile VPN.
Required Licenses Mobile Access Software Blade on the Security Gateway
Supported Platforms Android 4 + (ICS+)
Where to get the Client Google Play Store
Check Point GO Introduction

Check Point GO is a portable workspace with virtualized Windows applications, on a secure and encrypted USB Flash Drive. Users insert the USB device into a host PC and securely access their workspace and corporate resources via SSL VPN technology. Check Point GO is ideal for mobile workers, contractors, and disaster recovery. The virtual workspace is segregated from the host PC and controls the applications and data that can run in Check Point GO.

It provides:

  • Secure Connectivity
  • Security Verification
Required Licenses IPsec VPN Software Blade on the Security Gateway and Check Point GO devices.
Supported Platforms Windows
Where to get the Client Check Point Support Center

 

Which license is required to allow L2TP VPN tunnels

  • Question: In order to allow L2TP VPN tunnels, if the customer already has the Endpoint VPN Remote Access Blade - is this enough, or is there a Mobile Access Blade license required? Meaning, for L2TP, do we need a Endpoint VPN Client license or a Mobile Access License?
  • Answer: In order to allow L2TP VPN tunnels, you would just need the IPSec VPN license on the Security Gateway. There is no need for the Mobile Access License.

 

Check Point products support for Windows 7, 8 and 10:

 

(IV) Remote Access VPN Blade and Supported OS

 

Notes:

Remote Access VPN Blade and Supported OS
Client Version and Flavor Client OS Client OS Version and Flavor
E80.64 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 8.1 32/64-bit (with or without Update 1)
  • Windows 10 Pro 32/64-bit
  • Windows 10 Enterprise 32/64-bit
E80.62 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 8.1 32/64-bit (with or without Update 1)
  • Windows 10 Pro 32/64-bit
  • Windows 10 Enterprise 32/64-bit
Mac OS X
  • Mac OS X 10.9 Mavericks (32/64-bit)
  • Mac OS X 10.10 Yosemite (32/64-bit)
  • Mac OS X 10.11 El Capitan (32/64-bit)
E80.61 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit
  • Windows 8 Enterprise 32/64-bit
  • Windows 8.1 32/64-bit (with or without Update 1)
Mac OS X
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
  • Mac OS X 10.9 Mavericks (32/64-bit)
  • Mac OS X 10.10 Yosemite (32/64-bit)
E80.60 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit
  • Windows 8 Enterprise 32/64-bit
  • Windows 8.1 32/64-bit (with or without Update 1)
Mac OS X
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
  • Mac OS X 10.9 Mavericks (32/64-bit)
  • Mac OS X 10.10 Yosemite (32/64-bit)
E80.51 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote) Windows
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP2)
  • Windows Vista Business 32/64-bit (with SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit
  • Windows 8 Enterprise 32/64-bit
  • Windows 8.1 32/64-bit (with or without Update 1)
E80.50.03 Endpoint Security Client for Mac OS X Mac OS X
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
  • Mac OS X 10.9 Mavericks (32/64-bit)
E80.50 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows XP Home 32-bit (with SP3)
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit (For new client installations only)
  • Windows 8 Enterprise 32/64-bit (For new client installations only)
  • Windows 8.1 32/64-bit (For new client installations only)
Mac OS X
  • Mac OS X 10.6 Snow Leopard (32/64-bit)
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
E80.42 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit
  • Windows 8 Enterprise 32/64-bit
  • Windows 8.1 32/64-bit (For new client installations only)
Mac OS X
  • Mac OS X 10.6 Snow Leopard (32/64-bit)
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
  • Mac OS X 10.9 Mavericks (32/64-bit)
E80.41 Endpoint Security Client and Remote Access Clients (Endpoint Security VPN, Check Point Mobile for Windows, SecuRemote)

Windows

  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit (For new client installations only)
  • Windows 8 Enterprise 32/64-bit (For new client installations only)
Mac OS X
  • Mac OS X 10.6 Snow Leopard (32/64-bit)
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
E80.40 Endpoint Security Client Windows
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
Mac OS X
  • Mac OS X 10.6 Snow Leopard (32/64-bit)
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
E80.30 / E80.32 Endpoint Security Client Windows
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista 32/64-bit (with or without SP1,SP2)
  • Windows 7 Professional 32/64-bit (with SP1)
  • Windows 7 Enterprise 32/64-bit (with SP1)
  • Windows 7 Ultimate 32/64-bit (with SP1)
E80.20 Endpoint Security Client Windows
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista 32/64-bit (with or without SP1,SP2)
  • Windows 7 Professional 32/64-bit (with SP1)
  • Windows 7 Enterprise 32/64-bit (with SP1)
  • Windows 7 Ultimate 32/64-bit (with SP1)
E80 / E80.10 Endpoint Security Client Windows
  • Windows XP Professional 32-bit (with SP3)
  • Windows 7 Professional 32/64-bit (with SP1)
  • Windows 7 Enterprise 32/64-bit (with SP1)
  • Windows 7 Ultimate 32/64-bit (with SP1)
R75 / E75.10 / E75.20 / E75.30 Endpoint Security VPN Windows
  • Windows XP Professional 32-bit (with SP2,SP3)
  • Windows Vista 32/64-bit (with SP1,SP2)
  • Windows 7 Home 32/64-bit (with or without SP1)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit (E75.30 only)
  • Windows 8 Enterprise 32/64-bit (E75.30 only)
E75.10 / E75.20 / E75.30 Check Point Mobile for Windows Windows
  • Windows XP Professional 32-bit (with SP2,SP3)
  • Windows Vista 32/64-bit (with SP1,SP2)
  • Windows 7 Home 32/64-bit (with or without SP1)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit (E75.30 only)
  • Windows 8 Enterprise 32/64-bit (E75.30 only)
E75.10 / E75.20 / E75.30 SecuRemote Windows
  • Windows XP Professional 32-bit (with SP2,SP3)
  • Windows Vista 32/64-bit (with SP1,SP2)
  • Windows 7 Home 32/64-bit (with or without SP1)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
  • Windows 8 Pro 32/64-bit (E75.30 only)
  • Windows 8 Enterprise 32/64-bit (E75.30 only)
E75.01 Endpoint Security VPN Mac OS X
  • Mac OS X 10.6 Snow Leopard (32/64-bit)
  • Mac OS X 10.7 Lion (32/64-bit)
  • Mac OS X 10.8 Mountain Lion (32/64-bit)
E75 Endpoint Security VPN Mac OS X
  • Mac OS X 10.6 Snow Leopard (32/64-bit)
  • Mac OS X 10.7 Lion (32/64-bit)
SSL Network Extender (SNX) for Mobile Access Blade

Windows

Linux

Mac OS X

Windows OS:

  • Windows XP Professional 32/64-bit (with SP2, SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with SP1)
  • Windows 7 Enterprise 32/64-bit (with SP1)
  • Windows 7 Ultimate 32/64-bit (with SP1)
  • Windows 8 Pro 32/64-bit
  • Windows 8 Enterprise 32/64-bit (not including Windows RT)

Note: SSL Network Extender is not supported in 64-bit browsers on Windows OS prior to Windows 8. SSL Network Extender is supported in 64-bit Internet Explorer 10 in Windows 8.

Macintosh OS:

  • Mac OS X 10.6.8 (32/64-bit)
  • Mac OS X 10.7, 10.7.1, 10.7.2, 10.7.3, 10.7.4, 10.7.5 (Lion) (32/64-bit)
  • Mac OS X 10.8, 10.8.1, 10.8.2 (Mountain Lion) (64-bit), 10.8.4, 10.8.5 (32/64-bit)
  • Mac OS X 10.9.5
  • Mac OS X 10.10 (Yosemite), 10.10.2 (32/64-bit)

Linux OS:

  • Ubuntu 11.10, 12.04, 12.04 LTS, 12.10 (32/64-bit), 14.04 LTS, 14.10
  • openSUSE 11.4 (32/64-bit)
  • openSUSE 12.2 (32/64-bit)
  • openSUSE 13.1, 13.2 (32/64-bit)
  • Fedora 15, 16, 18, 20, 21 (Requires xterm (standard terminal emulator) for deployment) (32/64-bit)
  • RHEL 4.9, 5.7, 5.11, 6.1, 6.6, 7 (32/64-bit)
SSL Network Extender (SNX) for IPSec VPN Portal

Windows

Linux

Mac OS X

Windows OS:

  • Windows XP Professional 32/64-bit (with SP2, SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with SP1)
  • Windows 7 Enterprise 32/64-bit (with SP1)
  • Windows 7 Ultimate 32/64-bit (with SP1)
  • Windows 8 Pro 32/64-bit
  • Windows 8 Enterprise 32/64-bit (not including Windows RT)

Note: SSL Network Extender is not supported on 64-bit browsers in Windows prior to Windows 8. SSL Network Extender is supported on 64-bit IE 10 in Windows 8.

Macintosh OS:

  • Mac OS X 10.6.8 (32/64-bit)
  • Mac OS X 10.7, 10.7.1, 10.7.2, 10.7.3, 10.7.4, 10.7.5 (Lion) (32/64-bit)
  • Mac OS X 10.8, 10.8.1, 10.8.2 (Mountain Lion) (64-bit), 10.8.4, 10.8.5
  • Mac OS X 10.9.5
  • Mac OS X 10.10.2

Linux OS:

  • Ubuntu 11.10, 12.04, 12.04 LTS, 12.10 (32/64-bit), 14.04 LTS, 14.10
  • openSUSE 11.4 (32/64-bit)
  • openSUSE 12.2 (32/64-bit)
  • openSUSE 13.1, 13.2
  • Fedora 15, 16, 18, 20, 21 (Requires xterm (standard terminal emulator) for deployment) (32/64-bit)
  • RHEL 4.9, 5.7, 5.11, 6.1, 6.6, 7 (32/64-bit)
Check Point Mobile for iPhone and iPad iOS

iOS 6.0 +

See AppStore

Check Point Mobile Enterprise for iPhone and iPad iOS

iOS 6.0 +

See AppStore

Check Point Mobile VPN for iOS iOS

iOS 6+

See AppStore

Check Point Mobile for Android Android

Android 4.0 +

See Google Play

Check Point Mobile Enterprise for Android Android

Android 4.0 +

See Google Play

Check Point Mobile VPN for Android Android

Android 4.0 + (Android ICS+)

See Google Play

Check Point GO R75 with HFAs Windows
  • Windows XP Home 32-bit (with SP3)
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
Check Point VPN Plugin for Windows 8.1 Windows 8.1 Preinstalled with Windows 8.1.
Legacy Clients
Secure Client / SecuRemote NGX R60 HFA3 Windows
  • Windows XP Home 32-bit (with SP3)
  • Windows XP Professional 32-bit (with SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1)
  • Windows Vista Business 32/64-bit (with SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
Endpoint Connect R73 and above Windows
  • Windows 2000 Professional 32-bit (with SP1,SP2,SP3,SP4)
  • Windows XP Home 32-bit (with or without SP1,SP2,SP3)
  • Windows XP Professional 32-bit (with or without SP1,SP2,SP3)
  • Windows Vista Enterprise 32/64-bit (with or without SP1)
  • Windows Vista Business 32/64-bit (with or without SP1)
  • Windows 7 Professional 32/64-bit (with or without SP1)
  • Windows 7 Enterprise 32/64-bit (with or without SP1)
  • Windows 7 Ultimate 32/64-bit (with or without SP1)
Endpoint Security R73 and above Windows
  • Windows XP Professional 32-bit (with SP2,SP3)
  • Windows Vista Enterprise 32/64-bit (with SP1,SP2)
  • Windows Vista Business 32/64-bit (with SP1,SP2)
  • Windows 7 Professional 32/64-bit (with or without SP1; SP1 is supported starting from R73 HFA 3)
  • Windows 7 Enterprise 32/64-bit (with or without SP1; SP1 is supported starting from R73 HFA 3)
  • Windows 7 Ultimate 32/64-bit (with or without SP1; SP1 is supported starting from R73 HFA 3)

 

(V) VPN Client Version and supported Gateway Version

Below there are two tables:

  • For Gateways R71, R75, R76 and above, VSX R67/R68
  • For Gateways R65, R70, VSX R65 and Edge

(V-1) VPN Client Version and supported Gateway Version - Gateways R71, R75, R76 and above, VSX R67/R68

Note: Refer to "Support Life Cycle Policy".

VPN Client Version and supported Gateway Version
Client Name + Version Client OS R71 / SG80 R71 R75 R76 and above VSX R67 / R68
Endpoint Security Client E80.40 and above Windows

R71.30 and above

R71.50 and above (Including Secondary Connect for E75.20/E80.40 and above)
R75 and above

Secondary Connect is supported in:

  • R75.20 + HF (sk65312)
  • R75.40 and above (includes R75.40VS)
Supported VSX R67.10 and above
Mac OS X R71.30 and above R75 and above Supported VSX R67.10 and above
Endpoint Security Client E80 / E80.10 / E80.20 / E80.30 / E80.32 Windows R71 and above R75 and above Supported VSX R67 and above
Remote Access Client - Endpoint Security VPN R75 / E75.10 / E75.20 / E75.30 / E80.41 and above Windows

R71.30 and above

R71.50 and above (Including Secondary Connect for E75.20 and above)
R75 and above

Secondary Connect is supported in:

  • R75.20 + HF (sk65312)
  • R75.40 and above (includes R75.40VS)
Supported VSX R67.10 and above
Mac OS X R71.30 and above R75 and above Supported VSX R67.10 and above
Remote Access Client - Check Point Mobile for Windows E75.10 / E75.20 / E75.30 / E80.41 and above Windows R71.50 and above (Including Secondary Connect for E75.20 and above) R75 and above

Secondary Connect is supported in:

  • R75.20 + HF (sk65312)
  • R75.40 and above (includes R75.40VS)
Supported Mobile Access license is required. On IPSO, Windows and VSX gateways there is no need to turn on Mobile Access in SmartDashboard.
Remote Access Client - SecuRemote E75.10 / E75.20 / E75.30 / E80.41 and above Windows R71.50 and above (Including Secondary Connect for E75.20+) R75.10 and above

Secondary Connect is supported in:

  • R75.20 + HF (sk65312)
  • R75.40 and above (includes R75.40VS)
Supported VSX R67.10 and above
SSL Network Extender (SNX) for Mobile Access Blade

Windows

Linux

Mac OS X
R71 and above R75 and above Supported  
SSL Network Extender (SNX) for IPSec VPN Portal Windows

Linux

Mac OS X

R71 and above

SG80 R71 and above

R75 and above Supported VSX R67 and above
Check Point Mobile for iPhone and iPad iOS R71.30 and above R75.20 and above Replaced by Check Point Mobile Enterprise for iPhone and iPad  
Check Point Mobile Enterprise for iPhone and iPad iOS     R77.10 and above  
Check Point Mobile VPN for iOS iOS R71.50 and above R75.40 and above (includes R75.40VS) Supported Mobile Access license is required. On IPSO, Windows and VSX gateways there is no need to turn on Mobile Access in SmartDashboard.
Check Point Mobile VPN for Android Android R71.50 and above R75.40 and above (includes R75.40VS) Supported Mobile Access license is required. On IPSO, Windows and VSX gateways there is no need to turn on Mobile Access in SmartDashboard.
Check Point Mobile for Android Android

R71.30 + HF

R71.50 and above

R75.20 + HF

R75.40 and above

Supported  
Check Point Mobile Enterprise for Android Android     R77.10 and above  
Check Point GO R75 with HFAs Windows R71 and above R75 and above (includes R75.40VS) Supported

On R71 to R71.30, GO does not work if the Mobile Access Software Blade is enabled.

On R71.40, GO does work with the Mobile Access Software Blade, but certificate authentication for VPN is not supported.
Check Point VPN Plugin for Windows 8.1 Windows 8.1 R71.50 and above R75.40 and above (includes R75.40VS) Supported Mobile Access license is required. On IPSO, Windows and VSX gateways there is no need to turn on Mobile Access in SmartDashboard.
Mobile Access Portal

Any

R71 and above R75 and above Supported  
Legacy Clients
Secure Client / SecuRemote NGX R60 HFA3 Windows

R71 and above

SG80 R71 and above

R75 and above Supported VSX R65 and above
Endpoint Connect R73 Windows

R71 and above

SG80 R71 and above

R75 and above   VSX R67 and above
Endpoint Security R73 and above Windows

R71 and above

SG80 R71 and above

R75 and above   VSX R67 and above

 

(V-2) VPN Client Version and supported Gateway Version - Gateways R65, R70, VSX R65 and Edge

Note: Refer to "Support Life Cycle Policy".

VPN Client Version and supported Gateway Version
Client Name + Version Client OS R65 R70 VSX R65 Edge Comments
Endpoint Security Client E80.40 and above Windows R65.70 + HF (sk61286) R70.40 + HF (sk61286)

R70.50 and above (Including Secondary Connect for E75.20/E80.40 and above).

 

8.2.48

Contact Check Point Support for hotfix required for E80.60, E80.61 and E80.62

 
Mac OS X R65.70 + HF (sk61286) R70.40 + HF (sk61286)   8.2.48
 
Endpoint Security Client E80 / E80.10 / E80.20 / E80.30 / E80.32 Windows R65.40 and above R70.20 and above   8.2.33  
Remote Access Client - Endpoint Security VPN R75 / E75.10 / E75.20 / E75.30 / E80.41 and above Windows R65.70 + HF (sk61286) R70.40 + HF (sk61286)

R70.50 and above (Including Secondary Connect for E75.20 and above).

  8.2.33

8.2.48 - for E75.20, E75.30, E80.41 and above

 
Mac OS X R65.70 + HF (sk61286) R70.40 + HF (sk61286)  

8.2.33

8.2.48 - for E75.20, E75.30, E80.41 and above

 
Remote Access Client - Check Point Mobile for Windows E75.10 / E75.20 / E75.30 / E80.41 and above Windows R65.70 + HF (sk61286) R70.40 + HF (sk61286)

R70.50 and above (Including Secondary Connect for E75.20 and above).

  8.2.33

8.2.48 - for E75.20, E75.30, E80.41 and above

Mobile Access license is required. On IPSO and Windows gateways there is no need to turn on Mobile Access in SmartDashboard.
Remote Access Client - SecuRemote E75.10 / E75.20 / E75.30 / E80.41 and above Windows R65.70 + HF (sk61286) R70.40 + HF (sk61286)

R70.50 and above (Including Secondary Connect for E75.20 and above).

     
SSL Network Extender (SNX) for IPSec VPN Portal Windows

Linux

Mac OS X

R65 and above R70 and above R65 and above    
Check Point GO R75 with HFAs Windows   R70.20 and above      
Legacy Clients
Secure Client / SecuRemote NGX R60 HFA3 Windows R65 and above R70 and above R65 and above Supported  
Endpoint Connect R73 Windows R65.40 and above R70.20 and above   8.2.33  
Endpoint Security R73 and above Windows R65.40 and above R70.20 and above   8.2.33  

 

(VI) Security Management Server versions and supported Remote Access Client versions

Following is the matrix of Remote Access Clients (Endpoint Security VPN, SecuRemote, Check Point Mobile for Windows) vs Security Management Servers (without the Endpoint Policy Management blade):

Client \ Server R75.40
(sk67581)
R75.40VS
(sk76540)
R75.45
(sk82740)
R75.46
(sk90960)
R75.47
(sk93448)
R76
(sk91140)
R77
(sk92965)
R77.10
(sk97617)
R77.20
(sk101208)
R77.20.01
(sk105123)
R77.30
(sk104859)
R77.30.01
(sk108375
E80.41
(sk91181)
V V V V V V V V V V V V
E80.42
(sk95766)
V V V V V V V V V V V V
E80.50
(sk92971)
x x x x x x V V V V V V
E80.51
(sk101313)
x x x x x x V V V V V V
E80.60
(sk102651)
x x x x x x V x x V x V
E80.61
(sk105123)
x x x x x x x x x V x V
E80.62
(sk108375)
 x  x  x  x V V

 

(VII) Endpoint Security Server versions and supported Endpoint Security Client versions

Refer to sk107255 - Endpoint Security Server versions and supported Endpoint Security Client versions.

 

Applies To:
  • This SK replaces sk79361, sk36681, sk107983 (information was integrated).

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment