- Products
- Learn
- Local User Groups
- Partners
- More
CheckMates Fifth Birthday
Celebrate with Us!
days
hours
minutes
seconds
Join the CHECKMATES Everywhere Competition
Submit your picture to win!
Check Point Proactive support
Free trial available for 90 Days!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
The 2022 MITRE Engenuity ATT&CK®
Evaluations Results Are In!
Now Available: SmartAwareness Security Training
Training Built to Educate and Engage
MITRE ATT&CK
Inside Check Point products!
CheckFlix!
All Videos In One Space
Hello guys,
Still studying for my CCSE... now I am at the point where I want to dig deeper into the Mobile Access solutions that Check Point offers. To be precise, I am just kind of confused regarding all the different client solutions. So I'd like to write down what I understood so far and be very glad if you guys could correct me if something is wrong. Also useful links to SKs that explain the differences in detail would be appreciated.
=> Check Point Mobile
- available for Windows, iOS, Android
- IPsec tunnel for Windows installations
- SSL tunnel for iOS/Android
- no further endpoint security - just a remote access client without any further features that would be used if the endpoint is not connected to the corporate network via the RA tunnel
=> SecuRemote
- remote access client available for Windows only
- connects to the corporate gateway via an IPsec tunnel
- also no further features - it's just a remote access solution
- seems to be free (no license for the endpoint site required) [?]
=> Check Point Capsule [Workspace]
- remote access client available for Android and iOS only
- offers a SSL based tunnel solution
- comes together with the Capsule "package", meaning in detail you will also benefit from
> Capsule Docs (encrypts documents, controls who can access them...)
> Capsule Cloud (provides the possibility to enforce additional security settings to the endpoint that also apply when the endpoint is not connected to the corporate network)
> Capsule Workspace on its own not only provides the SSL RA solution but also the possibility (hand in hand with Capsule Docs) to access corporate documents remotely and also (on its own with AD integration) access exchange details like your calendar and mail
> also supports MDM enforcements (jailbreak/root detection / remote wipe possibility)
=> Check Point Capsule Connect
- remote access client available for iOS, Android and Windows
- completely based on a IPsec solution
- seems to be a permanent full tunnel that secures all applications (and not just a few like Capsule Workspace)
- also supports MDM enforcements (w/o jailbreak/root detection or remote wipes)
As you see most of my assumptions are probably wrong but I think I just drowned in the severity regarding all these solutions. Especially the fact which ones are permanent tunnels and which aren't confuses me. Seems the Capsule solutions are both permanent - but I am also not sure regarding this statement.
In addition, I am not able to understand the license model of each one (not related to SecuRemote which appears to be a license free solution on the client site). And what is the reason behind all of this solutions that kind of overlap in some areas?
Thanks for any advice, hopefully somebody is able to make a clear structure out of the mess that I currently have in my brain, haha.
Regards,
Maik
sk67820: Check Point Remote Access Solutions
Quite lengthy but very thorough.
--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com
interesting read. I am suprised to see GO is listed as supported...
Check Point GO is End of Life, so am somewhat surprised it's listed there.
that's what i said!
Thanks Timothy!
Seems to be exactly what I was looking for - weird that I oversaw it when I was looking for related SK's
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY