Capabilities of Offline Endpoint Security Client

This table shows the status of capabilities when the Endpoint Security ClientClosed Application installed on end-user computers to monitor security status and enforce security policies. is offline, that is, when it is not connected to the Management ServerClosed Check Point Single-Domain Security Management Server or a Multi-Domain Security Management Server..

Capability

Does it work offline?

Comments

Anti-MalwareClosed A component on Endpoint Security Windows clients. This component protects clients from known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers.

Yes

Signatures are not updated.

Anti-BotClosed Check Point Software Blade on a Security Gateway that blocks botnet behavior and communication to Command and Control (C&C) centers. Acronyms: AB, ABOT. and URL FilteringClosed Check Point Software Blade on a Security Gateway that allows granular control over which web sites can be accessed by a given group of users, computers or networks. Acronym: URLF.

No

-

Anti-Ransomware, Behavioral Guard, and Forensics

Yes

  • Signatures are not updated.

  • The data is not uploaded to Threat Hunting.

  • The forensic report is not uploaded.

Threat EmulationClosed Check Point Software Blade on a Security Gateway that monitors the behavior of files in a sandbox to determine whether or not they are malicious. Acronym: TE. and Anti-Exploit

Yes, with the use of a local appliance.

Communication with the Threat Emulation cloud service is blocked.
Remote Access VPNClosed An encryption tunnel between a Security Gateway and Remote Access clients. Provides secure, seamless access to corporate networks remotely, over IPsec VPN. No

-
ComplianceClosed Check Point Software Blade on a Management Server to view and apply the Security Best Practices to the managed Security Gateways. This Software Blade includes a library of Check Point-defined Security Best Practices to use as a baseline for good Security Gateway and Policy configuration. and Posture Yes

  • The database of vulnerabilities is not updated.

  • Not supported if the client has pre-defined rules that require web access.
Firewall and Application ControlClosed A component on Endpoint Security Windows clients. This component: (1) Defines the topology of the organizational network, separating it into Trusted and Internet domains (2) Blocks or allows network traffic based on attributes of network connections (3) Controls network access on a per-application basis, letting you restrict application access by zone and direction. Yes

-
Media Encryption and Port Protection Yes

Passwords are not updated if the Management Server is not on the same network.
Full Disk EncryptionClosed A component on Endpoint Security Windows clients. This component combines Pre-boot protection, boot authentication, and strong encryption to make sure that only authorized users are given access to information stored on desktops and laptops. Acronym: FDE. Yes

  • Self-unlock is not supported if the Management Server is not on the same network.

  • Passwords are not updated if the Management Server is not on the same network.