Index

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Accessing Applications

Accessing Endpoint Applications in Secure Workspace

Accessing Files and Applications on the Endpoint Computer

Accessing Native Applications

ActiveSync Applications

Add Application

Adding a New Application

Adding a Trusted Certificate Authority for Website Certification

Adding Downloaded-from-Gateway Endpoint Applications

Add-on Applications

admin_wizard

Advanced Approach: Configuring a Threshold Policy for the Portal, Hardened for Specific Applications

Advanced Configuration of SSO

Advanced Configuration of Web Form SSO

Advanced Gateway Configuration for Handheld Devices

Advanced Password Management Settings

Advanced Two-Factor Authentication Configuration

Allowing Users to Save Files to the "Real" Desktop

Alternative Portal Configuration

Alternative References to OWA

Android Configurations

Android End User Configuration

Anti-Spyware Application Rule

Anti-Virus and Anti-malware Blade

Anti-Virus Application Rule

Application and Client Support for SSO

Application Installed on Endpoint Machine

Application Requirements for Easy Configuration

Application Runs Via a Default Browser

Applications Downloaded-from-Gateway

Applications for Clientless Access

Applications on the Endpoint Computer

Applications Permitted by Secure Workspace

Assign Policies to Gateways and Applications

Assign the Native Application to the User Group

Authentication

Authorization

Authorization Example Scenario

Authorized Locations

Automatically Running Commands or Scripts

Automatically Starting the Application

Basic Approach: Configuring a Common Policy for the Portal and all Applications

Basic Configuration of Web Form SSO

Basic DynamicID Configuration for SMS or Email

Basic SmartDashboard Configuration of DynamicID

Basic SSO Configuration

Before Configuring Citrix Services

Browsing to Servers with Untrusted Server Certificates

Certificate Authentication for Handheld Devices

Certified Applications

Changing the SMS Provider Certificates and Protocol

Changing to an IPS Profile Configuration for Mobile Access

Check Point GO

Check Point Mobile for Android

Check Point Mobile for iPhone and iPad

Check Point Mobile for Windows

Check Point Mobile VPN for iOS Devices

Check Point Remote Access Solutions

Citrix Deployments Modes - Unticketed and Ticketed

Citrix Service — Link in Portal Page

Citrix Service — MetaFrame Servers Page

Citrix Service — Protection Level Page

Citrix Service — Single Sign On Page

Citrix Service — STA Servers Page

Citrix Service — Web Interface page

Citrix Services

Client Side Security Highlights

Client-Based vs. Clientless

Cloning a Template

Cluster Deployment

Common OWA problems

Commonly Used Concepts

Completing the Configuration of the Citrix Service

Completing the Configuration of the File Share Application

Completing the Configuration of the Web Application

Completing the Configuration of the Web Mail Service

Completing the Endpoint Compliance Configuration

Completing the Native Application Configuration

Concurrent Connections to the Gateway

Configure the Link to the Remote Desktop Application

Configure the Package Downloaded-from-Gateway Application

Configure the Remote Desktop Profile to Start Automatically

Configuring a Proxy per Web Application

Configuring a Secure Workspace Policy per Gateway

Configuring a Simple Native Application

Configuring Advanced Endpoint Compliance Settings

Configuring Advanced Secure Workspace Settings

Configuring Advanced Single Sign On

Configuring Allowed Save Locations

Configuring an Advanced Native Application

Configuring Applications by Vendor

Configuring Approved Applications

Configuring Authentication

Configuring Authorized Locations per User Group

Configuring Citrix Services

Configuring Connection Direction

Configuring Data Compression

Configuring DNS Name Objects

Configuring Downloaded-from-Gateway Endpoint Applications

Configuring Endpoint Compliance

Configuring Endpoint Compliance Logs

Configuring Endpoint Compliance Settings for Applications and Gateways

Configuring File Shares

Configuring HT

Configuring Login Settings

Configuring Mail Services

Configuring Mobile Access Policy

Configuring Mobile Access to Forward Customized HTTP Headers

Configuring Multiple Phone Numbers

Configuring Office Mode

Configuring Outbound Firewall Rules

Configuring Password Change After Expiration

Configuring Phone Numbers or Email Addresses in LDAP

Configuring Phone Numbers or Email Addresses on Each Security Gateway

Configuring Platform-Based Bypass Per OS

Configuring Platform-Based Bypass Per OS in Secure Workspace

Configuring PT

Configuring Resend Verification and Match Word

Configuring Simultaneous Login Prevention

Configuring SSL Network Extender Advanced Options

Configuring the Endpoint Application to Run Via a Default Browser

Configuring the FTP Client (Add-On Application)

Configuring the Jabber Client (Add-On Application)

Configuring the Link Translation Domain

Configuring the Number of Times Messages are Resent

Configuring the Phone Directory

Configuring the PuTTY Client (Add-On Application)

Configuring the Remote Desktop Client (Add-On Application)

Configuring the Secure Workspace Policy

Configuring the SSH Client (Certified Application)

Configuring the Telnet Client (Certified Application)

Configuring the TN3270 Client (Certified Application)

Configuring the TN5250 Client (Certified Application)

Configuring UT

Configuring VPN Clients

Configuring Web Applications

Configuring Web Content Caching

Connecting iPhone/iPad Clients to ActiveSync Applications

Country Code

Create a CAB Package from the Profile

Create the Remote Desktop Profile

Creating and Editing Mobile Profiles

Creating Client Certificates

Creating Endpoint Compliance Policies

Creating Templates for Certificate Distribution

Defining Protection Levels

Defining the DNS Server used by Mobile Access

deleteUserSettings

Deployment in the DMZ

Deployment Options

Disabling Client SSO

Disabling Internet Explorer Protected Mode

Disabling Protections for Advanced Troubleshooting

Discrepancies in the OWA Web Application Configuration

Display User Details

DNS Names

DNS Names and Aliases

Domino Web Access

Downloaded-from-Gateway Application Requirements

DynamicID Authentication Enforcement

DynamicID Message

DynamicID Settings

Enabling LDAP Contacts Search in Web Mail Applications

Enabling Secure Workspace

Encryption

Endpoint Application Types

Endpoint Compliance Enforcement

Endpoint Compliance Logs

Endpoint Compliance Policy Granularity

Endpoint Compliance Policy Rule Types

Endpoint Compliance Scanner

Endpoint Compliance Scanner End-User Experience

Endpoint Compliance Scanner End-User Workflow

Endpoint Compliance Updates

Endpoint Connect- Simultaneous Login Issues

Endpoint Security On Demand

Endpoint Security Suite

Endpoint Security VPN

Endpoint Security VPN for Mac

Ensuring the Link Appears in the End-User Browser

ESOD Bypass for Mobile Apps

Example Rules for Endpoint Compliance Policies

Example: Adding a New Microsoft Remote Desktop Profile

Example: Adding a New SSH Application

Exchange Mail Applications for Smartphones and Tablets

Excluding a Spyware Signature from a Scan

Exiting Secure Workspace

File Share Application - Authorized Locations Page

File Share Application — General Properties Page

File Share Application — Link in Portal Page

File Share Application — Protection Level Page

File Share Application — Single Sign-On Page

File Share Viewers

File Shares

Firewall Application Rule

First time Installation of ActiveX and Java Components

General Properties

Generating the Certificate Signing Request

Generating the P12 File

Generating Wildcard Certificates for Hostname Translation

Getting Logs from Android Clients

Getting Logs from iPhones or iPads

Getting Started with Mobile Access

HBA Problems

How DynamicID Works

How Mobile Access Applications Behave Upon Failover

How the Gateway Searches for Users

How to Automatically Map and Unmap a Network Drive

How to Automatically Run a Script (Batch File)

How Translated URLs Appear in a Browser

HTTP Based SSO

HTTP Based SSO Limitation

ics_updates_script

Incoming (IMAP) and Outgoing (SMTP) Mail Servers

Initial Setup

Installing the Signed Certificate

Instructions for End Users

Integration with Check Point Program Advisor

Interoperability with Other Software Blades

Introduction to Mobile Access

IP Pool Optional Parameters

iPhone and iPad Configuration

iPhone/iPad End User Configuration

IPS Blade

IPS Protections Crucial for Mobile Access

IPsec VPN Blade

Kerberos Authentication Support

Language Selection

Latency Overhead Problems

Launch SSL Network Extender Client

Link Translation

Link Translation Domain

Link Translation Issues

Link Translation Per Gateway or Per Application

listusers

Localization Features

Logging on to the Mobile Access Portal Using Secure Workspace

Making an Application Available in Application Mode

Managing Client Certificates

Managing Expired Passwords

Managing Mobile Settings

Manually Defining HTTP Post Details

Match Word

Mobile Access Applications

Mobile Access Blade Configuration and Settings

Mobile Access Client Support for SSO

Mobile Access Commands

Mobile Access for Smartphones and Tablets

Mobile Access Logging Issues

Mobile Access Management

Mobile Access Security Features

Mobile Access Web Portal

Mobile Access Wizard

Multiple Hosts and Services

Native Applications

Native Applications for Client-Based Access

Obtaining and Installing a Trusted Server Certificate

Obtaining the SMS Provider Credentials

Office Mode

OR Group of Rules

Other Simultaneous Login Issues

Outlook Web Access

Overview of Mobile Access for Smartphones and Tablets

OWA over SSL or OWA with Form Based Authentication Enabled

Passcode Profiles

Password Expiration Warning

Performing Manual Updates

Phone Number or Email Retrieval

Planning the Endpoint Compliance Policy

Platform-Based Bypass Per Protection Level

Platform-Based Bypass Per Protection Level in Secure Workspace

Policy Requirements for ActiveSync Applications

Portal Accessibility Settings

Portal Customization

Portal Protection Settings

Portal Settings

Preparing for Check Point Mobile

Preparing for Desktop Clients

Preparing for Mobile VPN

Preventing an Endpoint Compliance Scan Upon Every Login

Preventing Portal Access with Unsupported Browsers

Protection Levels

Protection Levels for Native Applications

Providing Secure Remote Access

Recommended Deployments

rehash_ca_bundle

Remote Access Solution Comparison

Requiring Certificates for Mobile Devices

Reuse TCP Connections

Revoking Certificates

Roaming

Sample Mobile Access Workflow

Saving File Attachments with OWA

Secure Connectivity and Endpoint Security

Secure Container Mail Applications

Secure Workspace

Secure Workspace End-User Experience

Secure Workspace Policy Overview

SecureClient Mobile - Simultaneous Login Issues

SecuRemote

Securing Authentication Credentials

Security Gateway Portals

Server Certificates

Server Side Security Highlights

Session

Session Settings

Session Timeout for Android Devices

Session Timeouts

Setting up the Mobile Access Portal

Signing In

Simple Deployment

Simultaneous Login Issues

Simultaneous Logins to the Portal

Single Sign On

Single Sign On Problems

Slow Network Problems

SmartDashboard Configuration of Link Translation

SmartDashboard Toolbar

SMS Authentication Granularity

Spyware Scan Rule

SSL Network Extender

SSL Network Extender Application Mode

SSL Network Extender in Secure Workspace

SSL Network Extender Network Mode

SSL Time-out Problems

Start Menu and Taskbar

Statically Obscuring DNS Host Names

Summary of Remote Access Options

Supported Application Mode Applications

Supported SSO Authentication Protocol

Switching Between Secure Workspace and the "Real" Desktop

System Specific Configuration

Testing Two-Factor Authentication

The SMS Service Provider

The Sticky Decision Function

Tracking

Tracking of Simultaneous Logins

Troubleshooting Authentication with OWA

Troubleshooting Authorization with OWA

Troubleshooting Citrix

Troubleshooting Citrix Checklist

Troubleshooting File Shares

Troubleshooting Mobile Access

Troubleshooting Outlook Web Access

Troubleshooting OWA Checklist

Troubleshooting Performance Issues in OWA

Troubleshooting Secure Workspace

Troubleshooting Security Restrictions in OWA

Troubleshooting Web Connectivity

Two-Factor Authentication for Certain Authentication Methods

Two-Factor Authentication per Application

Two-Factor Authentication per Gateway

Two-Factor Authentication with DynamicID

Types of Solutions

Unsupported Feature List

User Authentication in Mobile Access

User Authentication to the Mobile Access Portal

User Experience Settings

User Workflow for Mobile Access Portal

Using Endpoint Security On Demand with Unsupported Browsers

Using Mobile Access Clusters

Using Protection Levels

Using the $$user Variable in File Shares

Using the $$user Variable in Native Applications

Using the ICSInfo Tool

Using the Login Name of the Currently Logged in User

Very Advanced Approach: Configuring Individual Policies for Each Application

Viewing the Certificate

Web Application — Authorized Locations Page

Web Application — General Properties Page

Web Application — Link in Portal Page

Web Application — Link Translation Page

Web Application — Protection Level Page

Web Application Features

Web Applications

Web Applications of a Specific Type

Web Data Compression

Web Form Based SSO

Web Form Based SSO Limitations

Web Mail Service — General Properties Page

Web Mail Service — Link in Portal Page

Web Mail Service — Protection Level Page

Web Mail Service — Single Sign-On Page

Web Mail Services

Web Mail Services User Experience

Website Certificate Verification

Where DNS Name Objects are Used

Windows Security Rule

Working with Automatic Updates

Working with the Secure Workspace Virtual Desktop