In This Section: |
In today's business environment, it is clear that workers require remote access to sensitive information from a variety of locations and a variety of devices. Organizations must also make sure that their corporate network remains safe and that remote access does not become a weak point in their IT security.
All of Check Point's Remote Access solutions provide:
Factors to consider when choosing remote access solutions for your organization:
Check Point remote access solutions use IPsec and SSL encryption protocols to create secure connections. All Check Point clients can work through NAT devices, hotspots, and proxies in situations with complex topologies, such as airports or hotels. These are the types of installations for remote access solutions:
You can combine secure connectivity with additional features to protect the network or endpoint computers.
These solutions require licenses based on the number of users connected at the same time.
These solutions require licenses based on the number of clients installed.
Details of the newest version for each client and a link for more information are in sk67820.
SSL VPN Portal and Clients |
Supported Operating Systems |
Client or Clientless |
Encryption Protocol |
Security Verification for Endpoint Devices |
Desktop Firewall on Endpoint Devices |
IPv6 Support |
---|---|---|---|---|---|---|
Mobile Access Web Portal |
Windows, Linux, Mac OS, iOS, Android |
Clientless |
SSL |
|
R77.10 and higher |
|
SSL Network Extender for Mobile Access Blade |
Windows, Linux, Mac OS |
On demand Client through Mobile Access Portal) |
SSL |
|
|
|
Capsule Workspace for iOS (previously Mobile Enterprise) |
iOS |
Client |
SSL |
Jailbreak & Root Detection MDM Cooperative Enforcement (sk98201) |
|
R77.10 and higher |
Capsule Workspace for Android (previously Mobile Enterprise) |
Android |
Client |
SSL |
Jailbreak & Root Detection MDM Cooperative Enforcement (sk98201) |
|
R77.10 and higher |
Layer-3 VPN Tunnel Clients |
Supported Operating Systems |
Client or Clientless |
Encryption Protocol |
Security Verification for Endpoint Devices |
Desktop Firewall on Endpoint Devices |
IPv6 Support |
---|---|---|---|---|---|---|
Capsule Connect for iOS (previously Mobile VPN) |
iOS |
Client |
IPsec / SSL |
MDM Cooperative Enforcement (sk98201) |
|
|
Capsule VPN for Android (previously Mobile VPN) |
Android |
Client |
IPsec/SSL |
MDM Cooperative Enforcement (sk98201) |
|
|
Check Point VPN Plugin for Windows 8.1 |
Windows 8.1 |
Pre- installed client |
SSL |
|
|
|
Check Point Capsule VPN for Windows 10 |
Windows 10 |
Client |
SSL |
|
|
|
Check Point Mobile for Windows |
Windows |
Client |
IPsec |
|
|
Layer-3 VPN Tunnel Clients Integrated with Endpoint Security |
Supported Operating Systems |
Client or Clientless |
Encryption Protocol |
Security Verification for Endpoint Devices |
Desktop Firewall on Endpoint Devices |
IPv6 Support |
---|---|---|---|---|---|---|
Endpoint Security VPN for Windows |
Windows |
Client |
IPsec |
|
||
Endpoint Security VPN for Mac |
Mac OS |
Client |
IPsec |
|
|
|
Endpoint Security Suite Remote Access VPN Blade |
Windows, Mac OS |
Client |
IPsec |
|
Additional Remote Access Solutions |
Supported Operating Systems |
Client or Clientless |
Encryption Protocol |
Security Verification for Endpoint Devices |
Desktop Firewall on Endpoint Devices |
IPv6 Support |
---|---|---|---|---|---|---|
SecuRemote |
Windows |
Client |
IPsec |
|
|
|
Below is a summary of each Remote Access option that Check Point offers. All supply secure remote access to corporate resources, but each has different features and meets different organizational requirements.
Details of the newest version for each client and a link for more information are in sk67820.
SSL Network Extender is a thin SSL VPN on-demand client installed automatically on the user's machine through a web browser. It supplies access to all types of corporate resources.
SSL Network Extender has two modes:
Supported Platforms: Windows, Mac OS X, Linux
Supported Platforms - Windows
Required Licenses - Mobile Access Software Blade on the gateway
Where to Get the Client - Included with the Security Gateway. See sk67820.
Capsule Workspace for iOS is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Microsoft Exchange services. It also gives secure access to Capsule Docs protected documents. It was previously called Mobile Enterprise.
Capsule Workspace is ideal for mobile workers who have privately-owned smart phones or tablets. It protects only the business data inside the App and does not require device-level security measures, such as device-lock or device-wipe.
Required Licenses - Mobile Access Software Blade on the gateway and a mail license on the Security Management Server
Supported Platforms - iOS
Where to Get the Client - Apple App Store
Capsule Workspace for Android is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Microsoft Exchange services. It also gives secure access to Capsule Docs protected documents. It was previously called Mobile Enterprise.
Capsule Workspace for Android is ideal for mobile workers who have privately-owned smart phones or tablets. It protects only the business data inside the App and does not require device-level security measures, such as device-lock or device-wipe.
Required Licenses - Mobile Access Software Blade on the gateway
Supported Platforms - Android
Where to Get the Client - Google Play Store
Capsule Connect is a full L3 tunnel app that gives users network access to all mobile applications. It supplies secure connectivity and access to all types of corporate resources. It was previously called Mobile VPN.
Required Licenses - Mobile Access Software Blade on the gateway and a mail license on the Security Management Server
Supported Platforms - iOS 6.0 +
Where to Get the Client - Apple App Store
Capsule VPN for Android devices is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 IPSec/SSL VPN Tunnel. It was previously called Mobile VPN.
Required Licenses - Mobile Access Software Blade on the gateway
Supported Platforms - Android 4 + (ICS+)
Where to Get the Client - Google Play Store
Check Point VPN Plugin for Windows 8.1 is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 SSL VPN Tunnel.
Required Licenses - Mobile Access Software Blade on the gateway
Supported Platforms - Windows 8.1
Where to Get the Client - Pre-installed with Windows.
Check Point Capsule VPN for Windows 10 is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 SSL VPN Tunnel.
Required Licenses - Mobile Access Software Blade on the gateway
Supported Platforms - Windows 10
Where to Get the Client - Microsoft Software & Apps store.
Check Point Mobile for Windows is an IPsec VPN client. It is best for medium to large enterprises that do not require an Endpoint Security policy.
The client gives computers:
Required Licenses - IPsec VPN and Mobile Access Software Blades on the gateway.
Supported Platforms - Windows
Where to Get the Client - Check Point Support Center - sk67820.
Endpoint Security VPN is an IPsec VPN client that replaces SecureClient. It is best for medium to large enterprises.
The client gives computers:
Required Licenses - The IPsec VPN Software Blade on the gateway, an Endpoint Container license, and an Endpoint VPN Software Blade license on the Security Management Server.
Supported Platforms - Windows
Where to Get the Client - Check Point Support Center - sk67820.
Note - Endpoint Security VPN on Mac OS X includes a Desktop Firewall but not Security Verification. |
Endpoint Security VPN combines Remote Access VPN with Endpoint Security in a client that is installed on endpoint computers. It is recommended for managed endpoints that require a simple and transparent remote access experience together with Desktop Firewall rules. It includes:
Required Licenses - The IPsec VPN Software Blade on the gateway, an Endpoint Container license, and an Endpoint VPN Software Blade license on the Security Management Server.
Supported Platforms for Users - Mac OS X
Where to Get the Client - Check Point Support Center - sk67820.
The Endpoint Security Suite simplifies endpoint security management by unifying all endpoint security capabilities in a single console. Optional Endpoint Security Software Blades include: Firewall, Compliance Full Disk Encryption, Media Encryption & Port Protection, and Anti- Malware & Program Control. As part of this solution, the Remote Access VPN Software Blade provides full, secure IPsec VPN connectivity.
The Endpoint Security suite is best for medium to large enterprises that want to manage the endpoint security of all of their endpoint computers in one unified console.
Required Licenses - Endpoint Security Container and Management licenses and an Endpoint VPN Software Blade on the Security Management Server.
Supported Platforms - Windows, Mac OS X
Where to Get the Client - Check Point Support Center - sk67820.
SecuRemote is a secure, but limited-function IPsec VPN client. It provides secure connectivity.
Required Licenses - IPsec VPN Software Blade on the gateway. It is a free client and does not require additional licenses.
Supported Platforms - Windows
Where to Get the Client - Check Point Support Center - sk67820.