Support Center > Search Results > SecureKnowledge Details
Enterprise Endpoint Security E80.96 Windows Clients Technical Level
Solution

Table of Contents:

  • In a Nutshell
  • What's New in E80.96
  • Endpoint Security Clients Downloads
  • Standalone Clients Downloads
  • Endpoint Security Server Downloads
  • Management Console Downloads
  • Utilities/Services Downloads
  • Known Limitations
  • Documentation and Related SecureKnowledge Articles
  • Revision History

 Endpoint Security Homepage is now available.

Important: This version is no longer supported and is expired as of 1-Jan-2021. Follow instructions in sk171213

Notes:

  • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.
  • Starting in E80.85, anonymized incident related data is sent to Check Point ThreatCloud, by default. To learn more see sk129753.
  • Important: Download SmartConsole with the E80.92 client to avoid "signature verification failed" messages when uploading the client to the SmartConsole.
  • The relevant links to downloads are located in the relevant section, i.e., Endpoint Security Server, Management Console, Endpoint Security Clients, Standalone Clients, Utilities/Services.
  • The relevant links to documentation are located in the "Documentation" section.
  • It is strongly recommended that you read the E80.96 Endpoint Security Client Release Notes, before installing this release.
  • This release includes all limitations of earlier releases unless explicitly shown as resolved.
  • For E80.89 releases for Mac: Refer to sk131152 - Enterprise Endpoint Security E80.89 Mac Clients.
Click Here to Show the Entire Article

In a Nutshell

Item Description Link
Managed Client E80.96 Endpoint Security Clients for Windows OS
VPN Standalone Client

E80.96 Remote Access Clients for Windows

Capsule Docs E80.96 Capsule Docs Standalone Client
Documentation E80.96 Endpoint Security Client for Windows Release Notes  

What's New in E80.96

Show / Hide this section

Enhancements

  • Anti-Malware
    • Resolves a rare issue where Anti-Malware protection does not run after an upgrade.
    • Fixes an issue where Anti-Malware shows an incorrect status in UI, in some cases. (This is only relevant to the E2 package.)
    • Fixes an issue where sometimes the OfflineUpdater tool fails to update the signatures database on the client side. 
  • Capsule Docs 
    • Fixes an issue that may cause a failure in an upgrade, or in an uninstall process. 
  • Anti-Ransomware, Behavioral Guard and Forensics
    • The latest version of the Anti-Ransomware Honeypots are now correctly installed when upgrading from previous versions.
    • Anti-Ransomware Honeypots no longer stop working if they receive a second Anti-Ransomware policy update.
    • Disabling Forensics now correctly disables Anti-Ransomware completely, including removing all Anti-Ransomware Honeypot files.
    • Fixes an issue where Process information is corrupted before being inserted into the Forensics Database. With the fix, the number of instances of unknown processes in a Forensics report is dramatically reduced.
    • Fixes a rare case where the last received Forensics, Anti-Ransomware and Behavioral Guard policies are not saved and used, when the client cannot connect to the Management Server.
    • Fixes a rare crash in Forensics, when receiving policy before the full Forensics initialization is complete.
    • Fixes an issue where certain exclusions for Anti-Ransomware are not enforced, if the user logs in before the full service initialization is complete. 
  • Threat Emulation and Anti-Exploit
    • Resolves an issue where, in some cases, Threat Emulation may not deploy the SBA4B Chrome extension if a user has other (non-Check Point) extensions.
    • Makes sure that Threat Emulation avoids a crash when the database is very large.
    • Anti-Exploit now turns off completely when used with a third party Anti-Virus. Check Point's Anti-Malware will not cause Anti-Exploit to disable.
    • Fixes a very rare issue where Anti-Exploit does not completely parse the policy from the Management.
  • Install / Uninstall
    • Fixes a rare case where an unrequired reboot occurs after upgrade.
    • Resolves a rare issue where a crash happens on an uninstall and upgrade.
    • Changes the upgrade retry frequency and removes unnecessary user interface popups.
    • Removes a "Validation failed" message that is displayed in error, during an upgrade from an old version.
    • Updates the list of supported Windows 10 versions in Compliance blade to include versions 1809 and 1803.  
  •    Infrastructure
    • Fixes an issue where the Full Disk Encryption policy is sometimes not updated. 
    • Improves the security of the client when using hard linked files.
      • CVE-2019-8452: Prior to Check Point Endpoint Security Client for Windows E80.96, a hard-link from the log file archive to any file on the system changes permission so that all users can access the linked file. Doing this on files with limited access gains the local attacker higher privileges to the file.
      • CVE-2019-8454: Prior to Check Point Endpoint Security Client for Windows E80.96, a local attacker could create a hard-link between a file to which Endpoint Security Client for Windows writes and another BAT file. Then, by impersonating the WPAD server, the attacker could write BAT commands into that file to be run later by the user or the system.  
  • General
    • Reduces end-user popups and notifications to the items that require user knowledge or intervention.      

    Endpoint Security Clients Downloads

    Show / Hide this section
    Important:
      • Starting from E80.85, SandBlast Agent improves coverage of malicious threats by sending anonymized Incident related data to the Check Point Threat Cloud. This feature is turned on by default. For more information, including how to disable this feature, refer to sk129753.

    • To support SmartLog or SmartView Tracker reporting with Endpoint Security Clients for all supported servers (except R80.20), you must update the log schema. Follow instructions in sk106662.

    Endpoint Security E80.96 Clients

    Platform Package Description Link
    Windows E80.96 Endpoint Security Clients for Windows OS (Recommended) A zip file that contains all package permutations listed below.
    E80.96 Complete Endpoint Security Client for 32 bit systems
    A package for 32bit devices that includes Endpoint Complete package:
    • Desktop FW and Application Control
    • Anti-Malware
    • Forensics and Anti-Ransomware
    • URL Filtering
    • Anti-Bot
    • Threat Emulation
    • Media Encryption and Port Protection
    • Full Disk Encryption
    • Compliance
    • Remote Access VPN
    • Capsule Docs 
    E80.96 Complete Endpoint Security Client for 64 bit systems
    A package for 64bit devices that includes Endpoint Complete package:
    • Desktop FW and Application Control
    • Anti-Malware
    • Forensics and Anti-Ransomware
    • URL Filtering
    • Anti-Bot
    • Threat Emulation
    • Media Encryption and Port Protection
    • Full Disk Encryption
    • Compliance
    • Remote Access VPN
    • Capsule Docs 
    E80.96 Complete Endpoint Security Client without Anti-Malware for 32 bit systems
    A package for 32bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
    • Desktop FW and Application Control
    • Forensics and Anti-Ransomware
    • URL Filtering
    • Anti-Bot
    • Threat Emulation
    • Media Encryption and Port Protection
    • Full Disk Encryption
    • Compliance
    • Remote Access VPN
    • Capsule Docs 
    E80.96 Complete Endpoint Security Client without Anti-Malware for 64 bit systems
    A package for 64bit devices that includes Endpoint Complete package with the exception of Anti-Malware:
    • Desktop FW and Application Control
    • Forensics and Anti-Ransomware
    • URL Filtering
    • Anti-Bot
    • Threat Emulation
    • Media Encryption and Port Protection
    • Full Disk Encryption
    • Compliance
    • Remote Access VPN
    • Capsule Docs 
    E80.96 SandBlast Agent Client for 32 bit systems
    SandBlast Agent package for 32bit devices:
    • Forensics and Anti-Ransomware
    • Anti-Bot
    • Threat Emulation
    E80.96 SandBlast Agent Client for 64 bit systems
    SandBlast Agent package for 64bit devices:
    • Forensics and Anti-Ransomware
    • Anti-Bot
    • Threat Emulation
    E80.96 Full Disk Encryption and Media Encryption and Port Protection client for 32 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 32 bit systems
    E80.96 Full Disk Encryption and Media Encryption and Port Protection client for 64 bit systems Full Disk Encryption and Media Encryption and Port Protection package for 64 bit systems 
    E80.96 Initial client Initial client is a very thin client without any blade used for software deployment purposes.

    Standalone Clients Downloads

    Show / Hide this section
    Note: These Standalone clients do not require Endpoint Security Server installation as part of their deployment.

    E80.96 Standalone Clients

    Platform Package Description Link
    Windows E80.96 Remote Access Clients for Windows Remote Access VPN Client for SmartConsole-managed clients
    E80.96 Remote Access VPN Clients - Automatic Upgrade file Remote Access VPN Client for automatic upgrade through the gateway. For SmartConsole-managed clients only.
    E80.96 Remote Access VPN Clients for ATM Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface.  
    E80.96 Remote Access VPN Clients for ATM - Automatic Upgrade file Unattended Remote Access VPN clients, managed with CLI and API and do not have a User interface for automatic upgrade through the gateway. For SmartConsole-managed clients only.
    E80.96 Capsule Docs Standalone Client Capsule Docs package for environments that are managed by Capsule Docs Cloud Service.
    Capsule Docs PC Viewer Check Point Capsule Docs Viewer is a stand-alone client that lets you view documents that were protected through Capsule Docs. Get from: Capsule Docs Portal

    Endpoint Security Server Downloads

    Show / Hide this section

    Note: In order to download some of the packages you will need to have a Software Subscription or Active Support plan.

    The packages provided below are Legacy CLI packages (not CPUSE packages).
     

    R77.30.03

    Clean installation and In-Place Upgrade

    • Before installing the hotfixes, you need R77.30 to be installed and to update CPUSE (sk92449) to the latest build.
    • You must install the R77.30 Jumbo Hotfix for Endpoint Security Server before you install the Endpoint Security Server Package for Gaia OS.
    Order of Installation Package Link
    1 R77.30 Jumbo Hotfix for Endpoint Security Server (TGZ)
    2 R77.30.03 Endpoint Security Server Package for Gaia OS (TGZ)

    R80.20

     

    Endpoint Security Server Package Link
    R80.20 Endpoint Security Server R80.20  (ISO)

    Management Console Downloads

    Show / Hide this section

    Management Console for Endpoint Security Server

    The SmartConsole for Endpoint Security Server allows the Administrator to connect to the Endpoint Security Server and to manage the new Endpoint Security Software Blades.

    Latest Versions

    Endpoint Security Server Package Link
    R77.30.03 SmartConsole for Endpoint Security Server R77.30.03 (EXE)
    R80.20 SmartConsole for Endpoint Security Server R80.20 sk137593

    Previous Versions

    Endpoint Security Server Package Link
    R77.30 SmartConsole for Endpoint Security Server R77.30  (EXE)
    R80.10 SmartConsole for Endpoint Security Server R80.10 (EXE)
    R77.30 EP6.5 SmartConsole for Endpoint Security Server R77.30 EP6.5 (EXE)
    R77.20 EP6.2 SmartConsole for Endpoint Security Server R77.20 EP6.2 (EXE)

    Utilities/Services Downloads

    Show / Hide this section
    Utilities

    Platform Package Description Link
    Windows SandBlast Agent Remediation Manager for Administrators

    The administrator utility contains the capabilities of the end-user utility plus these additional features:

    • Quarantine - Send files to quarantine. 
    • Delete - Use the SandBlast Agent remediation service to delete a file. 
    • Import - Import a quarantined file from a different computer or location. Get the administrator utility from the release homepage
    Capsule Docs Bulk Protection Services for Windows-based Servers and Workstations Capsule Docs Bulk Protection lets you manage file protection settings based on file locations and properties. 
    R77.30 DLP Gateway HF for Content-aware Capsule Docs protection (Mail attachments / Network locations)  

    For more information about Capsule Docs Bulk Protection, refer to Capsule Docs Bulk Protection Services Reference Guide.

    Full Disk Encryption Offline Management Tool

    Platform Package Description Link
    Windows Full Disk Encryption Offline Management Tool The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.
    Windows Full Disk Encryption Offline Management Tool (Japanese) The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password recovery and disk recovery.

    Known Limitations

    Show / Hide this section
    Issue ID Description
    EPS-20447

    Microsoft VPN and Direct Access do not work when the Anti-Malware blade is installed.

    ESVPN-1212 Hotspot registration is not supported before logon to Windows (with Secure Domain Logon).
    Show / Hide this section      
    Document
    Endpoint Security Server
    R77.30.03 Management Endpoint Security Release Notes 
    R77.30.03 Endpoint Security Management Administration Guide
    R80.20 Release Notes
    Endpoint Security Clients
    E80.85 and higher Endpoint Security Client for Windows User Guide
    E80.96 Endpoint Security Client for Windows Release Notes
    Remote Access VPN Clients
    E80.96 Remote Access Clients for Windows Release Notes
    E80.72 and higher Remote Access Clients for Windows Administration Guide
    Capsule Docs Client
    E80.72 and higher Capsule Docs Plugin User Guide
    Check Point Capsule Docs Viewer User Guide: Get from: Capsule Docs Portal
    Capsule Docs Bulk Protection Services
    Capsule Docs Bulk Protection Guide

    Revision History

    Show / Hide this section
    Date Description
    15 July 2019 Link to Maintrain Release map was replaced
    16 Apr 2019 First release of this document.
    This solution is about products that are no longer supported and it will not be updated

    Give us Feedback
    Please rate this document
    [1=Worst,5=Best]
    Comment