Client Requirements

This section shows the requirements for Endpoint Security clients.

Supported Client Operating Systems

Microsoft Windows

Version

Editions

Architecture

SPs or Updates

Supported Features

11 21H2

10 21H2

10 21H1 (version 2103)

10 20H2 (version 2009)

10 20H1 (version 2004)

10 19H2 (version 1909)

10 19H1 (version 1903)

10 LTSC (version 1809)

10 (version 1809)

10 (version 1803)

10 (version 1709)

10 LTSB (version 1607)

Enterprise
Pro

32/64-bit

 

All

8.1

Enterprise
Pro

32/64-bit

Update 1

All

7

Enterprise
Professional

32/64-bit

SP1
Microsoft update KB3033929

All

Microsoft Windows Server

Version

Editions

Architecture

SPs or Updates

Supported Features

2022

All

64-bit

 

Compliance, Anti-Malware, Firewall, Application Control, Forensics, Anti-Ransomware, Anti-Bot, Threat Emulation, Capsule Docs (Standalone Client), Media Encryption and Port Protection.

2019

All

64-bit

 

Compliance, Anti-Malware, Firewall, Application Control, Forensics, Anti-Ransomware, Anti-Bot, Threat Emulation, Capsule Docs (Standalone Client), Media Encryption and Port Protection.

2016

All

64-bit

 

Compliance, Anti-Malware, Firewall, Application Control, Forensics, Anti-Ransomware, Anti-Bot, Threat Emulation, Capsule Docs (Standalone Client).

2012

All

64-bit

 

Compliance, Anti-Malware, Firewall, Application Control, Forensics, Anti-Ransomware, Anti-Bot, Threat Emulation, Capsule Docs (Standalone Client)

2012 R2

All

64-bit

 

Compliance, Anti-Malware, Firewall, Application Control, Forensics, Anti-Ransomware, Anti-Bot, Threat Emulation, Capsule Docs (Standalone Client)

2008 R2

All

32/64-bit

Microsoft update KB3033929

Compliance, Anti-Malware, Firewall, Application Control, Forensics, Anti-Ransomware, Anti-Bot, Threat Emulation, Capsule Docs (Standalone Client)

Notes:

  • To support Endpoint Compliance rules for Windows Server 2016 on versions older than R80.20, see sk122136.

  • Windows Server CORE is not supported.

VMware ESXi

Version

Supported Features

5.1, 5.5, 6.0

All, except: Full Disk Encryption and Media Encryption & Port Protection

Note - If you install a client package with features that are not supported on the server, the installation succeeds but only the supported features are installed.

Supported Harmony Endpoint Browser Extension for Windows

Harmony Endpoint Browser Extension for Windows clients browsers support:

 

Chrome

Microsoft Edge (Chromium)

Firefox

Internet Explorer

File Download Protection

Credential Theft protection including Zero-Phishing and Corporate-password-reuse protection

URL Filtering (for Web Management users only)

Note - Activation of the extension on Firefox ESR requires the user's manual approval.

Supported Languages for Endpoint Security Clients

The Endpoint Security client is available in these languages:

  • English

  • German

  • Polish

  • Czech

  • Greek

  • Italian

  • Russian

  • French

  • Japanese

  • Spanish

  • Portuguese

Client Hardware Requirements

The minimum hardware requirements for client computers to run the Total Endpoint Security Package are:

  • 2 GB RAM

  • 2 GB free disk space

The recommended hardware requirements for client computers to run the Total Endpoint Security Package are:

  • 8 GB RAM

  • 6 GB free disk space

Full Disk Encryption Requirements

This section applies to Check Point Full Disk Encryption and not BitLocker Management.

Full Disk Encryption clients must have:

  • 32MB of continuous free space on the client's system volume

Note - During deployment of Full Disk Encryption on the client, the Full Disk Encryption service automatically defragments the volume to create the 32MB of continuous free space, and suspends the Windows hibernation feature while the disk is being encrypted.

Clients must NOT have:

  • RAID.

  • Partitions that are part of stripe or volume sets.

  • Hybrid Drive or equivalent Drive Cache Technologies. See sk107381.

  • The root directory that is compressed (compressed sub-directories of the root directory are supported).

UEFI Requirements

The new UEFI firmware that replaces BIOS on some computers contains new functionality that is used by Full Disk Encryption.

Full Disk Encryption in UEFI mode requirements are:

  • Windows 11

  • Windows 10 32/64-bit

  • Windows 8.1 Update 1 32/64-bit

  • Windows 7 64-bit

Unlock on LAN Requirements

  • Mac OS - On Mac, you can use Unlock on LAN on computers that are shipped with OS X Lion or higher. You can use Unlock on LAN with some earlier computers, if a firmware update is applied to the computer.

  • Windows - On Windows, you can use Unlock on LAN on computers that support UEFI Network Protocol. UEFI Network Protocol is on Windows 8, Windows 10 or Windows 11 logo certified computers that have a built in Ethernet port. The computer must be running Windows 8, Windows 10 or Windows 11 in native UEFI mode and Compatibility Module Support (CSM) must not be enabled. On some computers, UEFI Network support must be manually enabled in the BIOS setup.

For troubleshooting the UEFI network connectivity issues, see sk93709.

UEFI "Absolute Pointer" Keyboard-less Tablet Touch Requirements

Support for Pre-boot touch input on tablets (64-bit) requires:

  • A Windows 8, Windows 10 or Windows 11 logo certified computer

  • The UEFI firmware must implement the UEFI Absolute Pointer protocol

See sk93032 for information about touch support on your device.

Self-Encrypting Drives (SED)

You can use Self-Encrypting Drives with Full Disk Encryption.

The requirements are:

  • Supported Windows versions in UEFI mode

  • UEFI firmware that implements the UEFI ATA Pass-through protocol or the UEFI Security Command Protocol

  • TCG Opal compliant drives version 1.0 or 2.0

See sk108092 for a list of drives explicitly tested by Check Point.

See sk93345 for information about compatibility of a UEFI computer with SED Opal encryption for Check Point Full Disk Encryption.

Support for TPM

The TPM is used to enhance security by measuring integrity of Pre-boot components. To use TPM, you must enable it in the Full Disk Encryption policy.

This system requirement applies:

  • TPM hardware, based on specification 1.2 or 2.0

Media Encryption & Port Protection Support

Storage Devices:

  • USB Devices

  • eSATA devices

  • CD/DVD devices

  • SD cards

Capsule Docs Supported Applications

After Capsule Docs clients are installed, they operate in all supported applications.

The supported applications are:

  • Microsoft Office - Supported versions are described in sk157772

  • Adobe Reader DC