Endpoint Offline Management Tool

The Endpoint Offline Management Tool lets administrators manage offline mode users and give them password assistance and disk recovery. It does not require access to the Endpoint Security Management Server.

Double-click the OfflineMgmtTool.msi file to install the tool.

Get the files from the Server Release information section of the Endpoint Security homepage.

Logging In to the Offline Tool

To log in to the tool, you must have a CPOMF file that contains at least one administrator with password or token authentication. To get the CPOMF file from SmartEndpoint, see Get Offline Management File in Export the required packages.

  1. Open the Offline Tool.

  2. In the Login window:

    • CPOMF File - Browse to the location of the CPOMF file

    • Login Name - Enter an offline administrator name

    • Password/Token - According to the authentication method of the offline administrator, enter a password or token response.

      Note - If the authentication method is a token with a response length of 16 digits and you are authenticating with a response that is 8 digits long, you will be prompted to complete an additional challenge-response phase.

    • Click Login.

Password Assistance

To help a user log in to a locked computer, click Password Assistance.

Note - Each offline group is cryptographically independent. The CPOMF file for one group does not work for a different group.

Selecting a User

Challenge from User

  • Response One - Tell the user to enter the Response One text string in the Remote Help window on the locked computer.

    The endpoint computer shows a challenge code.

  • Challenge - Enter the challenge code that the user gives you.

Response to User

  • Response Two - Tell the user to enter the Response Two text string in the Remote Help window on the locked computer.

    Make sure that the user changes the password or has one-time access to the computer before ending the Remote Help session.

  • Try Again - Click this to start the password recovery process again for a different user.

Disk Recovery

To help a user decrypt a disk, click Disk Recovery.

  • Select Recovery File - The recovery file is a CPREC file that is uploaded from each client computer. The files are located in the Recovery Files shared folder.

    Click Browse to locate the file for the computer in the offline group that requires recovery.

  • Click Next.

Note - Each offline group is cryptographically independent. The recovery file for one group does not work for a different group.

Select a User Account

  • Click Add to manually enter a new temporary user that will log in with the recovery media.

  • Click Next.

Select Media

  • Select the type of recovery media to generate:

    • ISO file

    • REC file

    • USB media

    If you select ISO or REC, select the storage location.

    If you select USB, choose the drive to use.

  • Click Create Media.

Note - To create USB media, the tool must run with administrator privileges and the Media Encryption & Port Protection (MEPP) component must be disabled.