Print Download PDF Send Feedback

Previous

Next

Check Point Remote Access Solutions

In This Section:

Secure Remote Access

Types of Solutions

Remote Access Solution Comparison

Summary of Remote Access Options

Secure Remote Access

In today's business environment, it is clear that workers require remote access to sensitive information from a variety of locations and a variety of devices. Organizations must also make sure that their corporate network remains safe and that remote access does not become a weak point in their IT security.

Types of Solutions

All of Check Point's Remote Access solutions provide:

Factors to consider when choosing remote access solutions for your organization:

Client-Based vs. Clientless

Check Point remote access solutions use IPsec and SSL encryption protocols to create secure connections. All Check Point clients can work through NAT devices, hotspots, and proxies in situations with complex topologies, such as airports or hotels. These are the types of installations for remote access solutions:

Secure Connectivity and Endpoint Security

You can combine secure connectivity with additional features to protect the network or endpoint computers.

Remote Access Solution Comparison

Details of the newest version for each client and a link for more information are in sk67820.

SSL VPN Portal and Clients

Supported Operating Systems

Client or Clientless

Encryption Protocol

Security Verification for Endpoint Devices

Desktop Firewall on Endpoint Devices

IPv6 Support

Mobile Access Web Portal

Windows, Linux, Mac OS, iOS, Android

Clientless

SSL

 

R77.10 and higher

SSL Network Extender for Mobile Access Blade

Windows, Linux, Mac OS

On demand Client through Mobile Access Portal)

SSL

 

 

Capsule Workspace for iOS

(previously Mobile Enterprise)

iOS

Client

SSL

Jailbreak & Root Detection

MDM Cooperative Enforcement (sk98201)

 

R77.10 and higher

Capsule Workspace for Android

(previously Mobile Enterprise)

Android

Client

SSL

Jailbreak & Root Detection

MDM Cooperative Enforcement (sk98201)

 

R77.10 and higher

Layer-3 VPN Tunnel Clients

Supported Operating Systems

Client or Clientless

Encryption Protocol

Security Verification for Endpoint Devices

Desktop Firewall on Endpoint Devices

IPv6 Support

Capsule Connect for iOS

(previously Mobile VPN)

iOS

Client

IPsec / SSL

MDM Cooperative Enforcement (sk98201)

 

 

Capsule VPN for Android

(previously Mobile VPN)

Android

Client

IPsec/SSL

MDM Cooperative Enforcement (sk98201)

 

 

Check Point VPN Plugin for Windows 8.1

Windows 8.1

Pre- installed client

SSL

 

 

 

Check Point Capsule VPN for Windows 10

Windows 10

Client

SSL

 

 

 

Check Point Mobile for Windows

Windows

Client

IPsec

 

 

Layer-3 VPN Tunnel Clients Integrated with Endpoint Security

Supported Operating Systems

Client or Clientless

Encryption Protocol

Security Verification for Endpoint Devices

Desktop Firewall on Endpoint Devices

IPv6 Support

Endpoint Security VPN for Windows

Windows

Client

IPsec

 

Endpoint Security VPN for Mac

Mac OS

Client

IPsec

 

 

Endpoint Security Suite Remote Access VPN Blade

Windows, Mac OS

Client

IPsec

 

Additional Remote Access Solutions

Supported Operating Systems

Client or Clientless

Encryption Protocol

Security Verification for Endpoint Devices

Desktop Firewall on Endpoint Devices

IPv6 Support

SecuRemote

Windows

Client

IPsec

 

 

 

Summary of Remote Access Options

Below is a summary of each Remote Access option that Check Point offers. All supply secure remote access to corporate resources, but each has different features and meets different organizational requirements.

Details of the newest version for each client and a link for more information are in sk67820.

SSL Network Extender

SSL Network Extender is a thin SSL VPN on-demand client installed automatically on the user's machine through a web browser. It supplies access to all types of corporate resources.

SSL Network Extender has two modes:

Required Licenses - Mobile Access Software Blade on the gateway

Where to Get the Client - Included with the Security Gateway. See sk67820.

Capsule Workspace for iOS

Capsule Workspace for iOS is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Microsoft Exchange services. It also gives secure access to Capsule Docs protected documents. It was previously called Mobile Enterprise.

Capsule Workspace is ideal for mobile workers who have privately-owned smart phones or tablets. It protects only the business data inside the App and does not require device-level security measures, such as device-lock or device-wipe.

Required Licenses - Mobile Access Software Blade on the gateway and a mail license on the Security Management Server

Supported Platforms - iOS

Where to Get the Client - Apple App Store

Capsule Workspace for Android

Capsule Workspace for Android is an SSL VPN client. It supplies secure connectivity and access to web-based corporate resources and Microsoft Exchange services. It also gives secure access to Capsule Docs protected documents. It was previously called Mobile Enterprise.

Capsule Workspace for Android is ideal for mobile workers who have privately-owned smart phones or tablets. It protects only the business data inside the App and does not require device-level security measures, such as device-lock or device-wipe.

Required Licenses - Mobile Access Software Blade on the gateway

Supported Platforms - Android

Where to Get the Client - Google Play Store

Capsule Connect for iOS

Capsule Connect is a full L3 tunnel app that gives users network access to all mobile applications. It supplies secure connectivity and access to all types of corporate resources. It was previously called Mobile VPN.

Required Licenses - Mobile Access Software Blade on the gateway and a mail license on the Security Management Server

Supported Platforms - iOS 6.0 +

Where to Get the Client - Apple App Store

Capsule VPN for Android

Capsule VPN for Android devices is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 IPSec/SSL VPN Tunnel. It was previously called Mobile VPN.

Required Licenses - Mobile Access Software Blade on the gateway

Supported Platforms - Android 4 + (ICS+)

Where to Get the Client - Google Play Store

Check Point VPN Plugin for Windows 8.1

Check Point VPN Plugin for Windows 8.1 is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 SSL VPN Tunnel.

Required Licenses - Mobile Access Software Blade on the gateway

Supported Platforms - Windows 8.1

Where to Get the Client - Pre-installed with Windows.

Check Point Capsule VPN for Windows 10

Check Point Capsule VPN for Windows 10 is an L3 VPN client. It supplies secure connectivity and access to corporate resources using L3 SSL VPN Tunnel.

Required Licenses - Mobile Access Software Blade on the gateway

Supported Platforms - Windows 10

Where to Get the Client - Microsoft Software & Apps store.

Check Point Mobile for Windows

Check Point Mobile for Windows is an IPsec VPN client. It is best for medium to large enterprises that do not require an Endpoint Security policy.

The client gives computers:

Required Licenses - IPsec VPN and Mobile Access Software Blades on the gateway.

Supported Platforms - Windows

Where to Get the Client - Check Point Support Center - sk67820.

Endpoint Security VPN

Endpoint Security VPN is an IPsec VPN client that replaces SecureClient. It is best for medium to large enterprises.

The client gives computers:

Required Licenses - The IPsec VPN Software Blade on the gateway, an Endpoint Container license, and an Endpoint VPN Software Blade license on the Security Management Server.

Supported Platforms - Windows

Where to Get the Client - Check Point Support Center - sk67820.

Note - Endpoint Security VPN on Mac OS X includes a Desktop Firewall but not Security Verification.

Endpoint Security VPN for Mac

Endpoint Security VPN combines Remote Access VPN with Endpoint Security in a client that is installed on endpoint computers. It is recommended for managed endpoints that require a simple and transparent remote access experience together with Desktop Firewall rules. It includes:

Required Licenses - The IPsec VPN Software Blade on the gateway, an Endpoint Container license, and an Endpoint VPN Software Blade license on the Security Management Server.

Supported Platforms for Users - Mac OS X

Where to Get the Client - Check Point Support Center - sk67820.

Endpoint Security Suite

The Endpoint Security Suite simplifies endpoint security management by unifying all endpoint security capabilities in a single console. Optional Endpoint Security Software Blades include: Firewall, Compliance Full Disk Encryption, Media Encryption & Port Protection, and Anti- Malware & Program Control. As part of this solution, the Remote Access VPN Software Blade provides full, secure IPsec VPN connectivity.

The Endpoint Security suite is best for medium to large enterprises that want to manage the endpoint security of all of their endpoint computers in one unified console.

Required Licenses - Endpoint Security Container and Management licenses and an Endpoint VPN Software Blade on the Security Management Server.

Supported Platforms - Windows, Mac OS X

Where to Get the Client - Check Point Support Center - sk67820.

SecuRemote

SecuRemote is a secure, but limited-function IPsec VPN client. It provides secure connectivity.

Required Licenses - IPsec VPN Software Blade on the gateway. It is a free client and does not require additional licenses.

Supported Platforms - Windows

Where to Get the Client - Check Point Support Center - sk67820.