Support Center > Search Results > SecureKnowledge Details
Endpoint Security Client E80.41 Known Limitations
Solution

This article lists all of the known limitations of Endpoint Security Clients E80.41.

This is a live document that may be updated without special notice. We recommend registering to our weekly updates in order to stay up to date. To register go to UserCenter > My Profile > My Subscriptions.

Important notes:

For more information on Endpoint Security Clients E80.41, refer to sk91181 (Endpoint Security Clients E80.41) and sk91184 (Endpoint Security Client E80.41 for Mac Resolved Issues).

Visit our discussion forums to ask questions and get answers from technical peers and Support experts.
Popular forums:

 

Table of Contents

  • Endpoint Security E80.41 Clients for Windows
    • Windows 8
    • Installation
    • Full Disk Encryption and User Authentication
    • WebCheck
    • Media Encryption
    • Anti-Malware
  • Remote Access VPN E80.41 Clients for Windows
  • Endpoint Security E80.41 Clients for Mac OS X
  • Remote Access VPN E80.41 Clients for Mac OS X
    • Open Directory
    • Proxy configuration file (PAC)
    • Check Point Password complexity rules
    • Single Sign-On
    • Full Disk Encryption

 

Endpoint Security E80.41 Clients for Windows

ID Symptoms
Windows 8
- The Check Point Endpoint Security Client UI cannot run as a Windows 8 "Windows Store application" due to limitations of the Operating System. Users working in the Windows 8 UI, will be directed to the Desktop UI when action is required for Endpoint Security enforcement.
01077197 Toast notification messages do not always show the correct status of the Software Blades.
01072546

Proxy replacement for Windows Store Apps might not work properly. Updates using Desktop applications do not affect Windows Store Apps.

A possible workaround is:

1. Press Win + X and select the Command Prompt,as Administrator.

2. Enter  Netsh winhttp import proxy source=ie.

3. Close the Command prompt and restart your computer.

Check Point is working with Microsoft to resolve this.
Installation
01052379 When installing the client package on a Windows 8 computer, run the package from an elevated command prompt (Run as administrator), and not by double-clicking.
Full Disk Encryption and User Authentication
00671767 The Smart Card authentication method is not supported on UEFI enabled computers. This is because the server cannot deploy UEFI Smart Card Drivers to clients.
00672066 On Dell E6530 with UEFI mode enabled, an external USB mouse does not work correctly. Onboard touchpad and external/onboard keyboard work correctly.
00671887 When you use a USB device for Full Disk Encryption recovery media, it uses multiple partitions on the USB device, which is not supported in Windows Disk Manager. If you want to use the USB device for another purpose after recovery, you can:
  • Reformat the single Full Disk Encryption partition (approximately 1.4 MB).
  • Use the Windows command line utility, DiskPart, and run the "clean" command to erase the entire USB drive. Then you can create new partitions.
- MultiMediaCard (MMC) memory cards are not supported by Endpoint Full Disk Encryption. Refer to sk92708.
01156316 No warning message is displayed for approaching client certificate expiration. Upon expiration, client certificate is renewed automatically. Refer to sk93004.
00672626,
00672910,
00672741,
00672655
Keyboard locks up on PC with E80.41 FDE, when user tries to access Windows OS Advanced Boot Options menu by pressing F8. Refer to sk93370.
WebCheck
01074916 WebCheck cannot work with browsers running in the Windows 8 Start Screen. This is a limitation of the Operating System itself.
01077695 The WebCheck Blade is not compatible with Norton Internet Security.
00926048 In Windows 7 and Windows 8, if a user opens PDF files directly in the browser with the Adobe plugin, an error shows and the PDF does not open.
01097570 In Windows 8, the View Downloads window does not open in Internet Explorer 10.
00926020 In Windows 8, all cookies are deleted when a user closes a webpage. As a result, users are logged out of websites they were logged in to.
00925611 In Windows 8, if users are in the WebCheck protected browser (they are browsing in untrusted locations), they cannot download files.
Media Encryption
00933214 If a Media Encryption rule is set to Force encryption on business related data, a maximum of 1000 objects per directory can be copied to non-encrypted storage. Each file, or subdirectory, is counted as an object.
01072549 Encryption of Business Related data is enforced for file operations generated by Windows Explorer only. File operations generated by other applications, including Windows Store Apps such as MyExplorer and Bing Wallpaper, are blocked, regardless of the file type. Users might get different error messages, depending on the application in use.
01090372 Media Encryption enforcement considers mobile devices, such as SmartPhones and Tablets, whose device class is different than DiskDrive, as peripheral devices. Therefore, you must configure enforcement for such devices from the Peripheral Device Access action in the Media Encryption policy. The Storage Devices Read Access action and Storage Devices Write Access action do not apply to these devices.
Anti-Malware
01074694 Riskware applications tagged by Anti-Malware engine as "not-a-virus" are not detected as threats by the Anti-Malware Blade. If you want to detect riskware applications, open a support ticket and you will get a special hotfix (based on a similar hotfix for E80.40 described in sk89760).

 

Remote Access VPN E80.41 Clients for Windows

ID Symptoms
Remote Access VPN
01072555 Compliance and SCV (the ProcessMonitor plugin) cannot enforce required or restricted applications rules on Windows 8 apps.
01066439 Some Windows 8 store applications do not work correctly with the "Route all traffic" feature, also known as Hub Mode. These applications do not recognize the Internet connection and appear off-line. The applications include: Bing, Store, Weather, and Finance.

The "Route all traffic" feature works as expected for desktop applications and some Windows Store applications, like Internet Explorer.

Check Point is working with Microsoft to resolve this.
01072546 Proxy replacement for Windows Store Apps might not work properly. Updates using Desktop applications do not affect Windows Store Apps. A possible workaround is to import WinHTTP proxy settings from Internet Explorer:
  1. Press Win + X keys and select the Command Prompt, as Administrator.
  2. Type this command and press Enter: netsh winhttp import proxy source=ie
  3. Close the Command prompt and restart your computer.
Check Point is working with Microsoft to resolve this.
01165788 Memory leak in TrDownloadClSettingStep::Run

 

Endpoint Security E80.41 Client for Mac OS X

There are no new limitations. For known limitations of previous releases, see sk82101 (Endpoint Security E80.40 Known Limitations) - Mac Clients Only

 

Remote Access VPN E80.41 Client for Mac OS X

ID Symptoms
Open Directory
00671876 User acquisition of Open Directory users is not supported.
Proxy configuration file (PAC)
01072199 Automatic Proxy configuration file (PAC) is not supported (CPDA does not support detection of a PAC file with Proxy setting).
Check Point Password complexity rules
01066793 Check Point Password complexity rules (e.g., "must contain uppercase characters") are not enforced when changing passwords in Mac OS X (during password sync from Mac OS X to Pre-boot).
Single Sign-On
00671993 Single Sign-On has these limitations on Mac clients:
  • Password change in the Preboot breaks the SSO chain.
Therefore, these policy settings are recommended for rules that apply to Mac clients:
  • One Check Policy Logon Settings - Do not Allow user to change his credentials from the endpoint client.
  • One Check Policy Logon Settings - Update preboot password upon OS password change.
Full Disk Encryption
00672028 Full Disk Encryption Blade on Endpoint Security E80.41 for Mac does not support encryption of multiple disks.
00672045 The Media Encryption Offline Access utility is not supported on computers with Full Disk Encryption for Mac 3.x.
00671951 Mac computers with Apple Fusion drives are not supported by the Full Disk Encryption blade. If you attempt to install the Full Disk Encryption blade on such systems, installation will fail.
   
This solution is about products that are no longer supported and it will not be updated

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment