Uninstalling Endpoint Security Using Challenge-Response in Offline Mode

You can allow a user to uninstall the Endpoint Security client on their remote Windows computer without giving the client uninstall password to the user. A challenge-response procedure validates the identity of the user on the remote computer.

This is the procedure for Offline mode, using the Endpoint Offline Management Tool. This procedure is for environments where the clients do not have a connection to the Endpoint Security Server. If the clients do have a server connection, use the online procedure: Uninstalling the Endpoint Security Client Using Challenge-Response.

Configure the Client Setting policy one-time only, for all users:

  1. In the SmartEndpoint Users and Computers tab, go to the Offline Group.

  2. Click Edit rule.

  3. In the Client Settings, edit the Installation rule, and select Uninstall client using challenge-response.

  4. Optional: Set the number of digits of the Response length. The default setting is 30 digits (High Security).

  5. In the main toolbar, click Save rule , and Install the Policy

  6. In the offline group, click Get Update Policy File and save it to the Updates folder in the Offline location (the shared location where files for the Offline Group are stored).

  7. After saving the policy file to Updates folder, the policy on the client is automatically updated. To update the policy immediately, tell the user to click Update now in the Endpoint Security client UI.

To allow a user to uninstall their Endpoint Security client using Challenge-Response:

  1. Open the Endpoint Offline Management Tool. See Logging In to the Offline Tool.

  2. Click CLIENT UNINSTALL.

  3. In Select Status File, select the .cpsts file of the client in the Client Logs folder in the Offline location.

  4. Click Next.

  5. Give these instructions to the user:

    1. Start the process of uninstalling the Endpoint Security client. On the Windows computer, go to the Add or remove programs system setting, select the Endpoint Security client, and click Uninstall.

      A Check Point Endpoint Security challenge-response window opens. The window has a Challenge field that contains a number with many digits, and a Response field that is blank.

    2. Give the Challenge number to the administrator. This can be by phone, text message, email, or in some other way

  6. In the CHALLENGE FROM USER page of the Endpoint Offline Management Tool, in the Challenge field, type the number that the user gave you

  7. Click Next.

    A Response number shows in RESPONSE TO USER page.

  8. Give the Response number to the user. This can be by phone, text message, email, or in some other way

  9. Give these instructions to the user:

    1. Uninstall the Endpoint Security client. Type the Response number into the Check Point Endpoint Security Challenge-Response window.

    2. Click OK.

      The Endpoint Security client is uninstalled.

    3. If Full Disk Encryption (FDE) is installed, a popup window shows. Click OK to reboot the client computer. This decrypts the computer. Then, the Endpoint Security client is uninstalled.