What's New

New Features and Enhancements

E88.70 - Released on 30 September 2024

NEW: Added support for Endpoint Security on macOS 15 (Sequoia) as an EA (Early Availability) version.

E88.60 - Released on 26 August 2024

Enhancement: Blocking the browser Incognito mode in Chrome, Edge, Firefox, Brave using Management policy is now supported.

E88.50 - Released on 9 July 2024

Enhancement: Endpoint Security Clients now supports uploading CPInfo to Amazon Simple Storage Service (S3) through push operation and manually using the S3 application.

Enhancement: The Threat Hunting tool on macOS is now supported in the United Arab Emirates region.

E88.40 - Released on 19 June 2024

Enhancement: The Hardware Inventory feature is now enabled by default. This provides data about CPU specifications, Network details, Disk Usage statistics, and RAM utilization on Asset Management.

E88.30 - Released on 8 May 2024

Enhancement: Installation is now simplified. For non-MDM deployments, there are fewer privacy approvals for Full Disk Access.

Prior to E88.30, approvals for these Endpoint Security processes/apps were required: "cpamdApp", "cpdaApp", "cpefrd", "cpmedApp", "efr-mon-epsec", "cpted", "cpard", and "Check Point Application Control".

With E88.30, only one approval is needed: "Check Point Endpoint Security".

Note: MDM deployments can continue using the same provisioning profiles.

Enhancement: Browser extension status can now be viewed on the macOS platform for all supported browsers, similar to the functionality available on the Windows platform.

Support for macOS 10.15 (Catalina) is declared as "End of Engineering".

Starting from E88.30, new features will no longer include support for macOS 10.15. Any version released after September 30, 2024, will not be supported on macOS 10.15.

E88.21 - Released on 19 June 2024

This Hotfix complements the E88.20 release with important fixes. If you installed E88.20, we recommend upgrading to E88.21.

E88.20 - Released on 15 April 2024

Enhancement: Updated the Reconnect tool on the Harmony Endpoint Cloud Server. Refer to Harmony Endpoint EPMaaS Administration Guide > Reconnect Tool.

Enhancement: Improved ransomware detection.

E88.10 - Released on 4 March 2024

Enhancement: The Reconnect tool now supports the "--enter-password" option. The user is now prompted to securely enter the organization password. For more information, refer to Harmony Endpoint EPMaaS Administration Guide > Reconnect Tool.

Enhancement: Improved installation of the Media Encryption Offline Access tool:

  • Now installed as a macOS application bundle instead of an installer package (.pkg).

  • The installation process is now drag-and-drop from the mounted dmg to the Applications folder without requiring administrative privileges.

Enhancement: In E88.10, the "Anti-Bot" network extension is also unified into the "Check Point" network extension. For MDM deployments, only the Endpoint Security for macOS Firewall Network Filter.mobileconfig file is now needed.

Enhancement:

  • Improved CPU usage for the Firewall and Application Control Blade.

  • The new unified Network Extension uses less CPU time in all network flows.

Enhancement: The Media Encryption and Port Protection Blade now supports a new Server setting: "Use Port Protection without kernel extensions":

Port Protection can block USB devices with or without using a kernel extension.

Use of kernel extension is not recommended from the security perspective and requires explicit approval and reboot of the client machine during installation. See the Kernel Extensions section here. However, it does provide protection against additional activities performed at the kernel level, such as mobile phone charging. There are three options for this setting:

  • ON - Blocks the USB device without using the kernel extension.

  • OFF - Blocks the USB device using the kernel extension.

  • Default - The Port Protection Blade will not use kernel extension after a new installation but will continue to use an already approved kernel extension after an upgrade.

Enhancement: Kernel extensions are deprecated for Endpoint Security on Mac, eliminating the need for deployment steps previously associated with the Media Encryption and Port Protection blade. These steps, such as booting into recovery and adjusting security settings, are no longer necessary.

Enhancement: Added support for Offline File Reputation detection.

E88.00 - Released on 24 December 2023

Enhancement: Process Signer information is now included in the reported Threat Hunting events.
Enhancement: Logon events are now reported as part of Threat Hunting.

Enhancement:

  • Reduction of Network Extension approvals - the "Application Control" and "Firewall" network extensions are now unified into a new "Check Point" network extension.

  • The "Endpoint Security for macOS Application Control Network Filter.mobileconfig" file, used by MDMs, is no longer needed.

Enhancement:

  • Threat Emulation now supports both Detect and Prevent mode.

  • Threat Emulation now supports Disconnected mode.