- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hello guys,
Still studying for my CCSE... now I am at the point where I want to dig deeper into the Mobile Access solutions that Check Point offers. To be precise, I am just kind of confused regarding all the different client solutions. So I'd like to write down what I understood so far and be very glad if you guys could correct me if something is wrong. Also useful links to SKs that explain the differences in detail would be appreciated.
=> Check Point Mobile
- available for Windows, iOS, Android
- IPsec tunnel for Windows installations
- SSL tunnel for iOS/Android
- no further endpoint security - just a remote access client without any further features that would be used if the endpoint is not connected to the corporate network via the RA tunnel
=> SecuRemote
- remote access client available for Windows only
- connects to the corporate gateway via an IPsec tunnel
- also no further features - it's just a remote access solution
- seems to be free (no license for the endpoint site required) [?]
=> Check Point Capsule [Workspace]
- remote access client available for Android and iOS only
- offers a SSL based tunnel solution
- comes together with the Capsule "package", meaning in detail you will also benefit from
> Capsule Docs (encrypts documents, controls who can access them...)
> Capsule Cloud (provides the possibility to enforce additional security settings to the endpoint that also apply when the endpoint is not connected to the corporate network)
> Capsule Workspace on its own not only provides the SSL RA solution but also the possibility (hand in hand with Capsule Docs) to access corporate documents remotely and also (on its own with AD integration) access exchange details like your calendar and mail
> also supports MDM enforcements (jailbreak/root detection / remote wipe possibility)
=> Check Point Capsule Connect
- remote access client available for iOS, Android and Windows
- completely based on a IPsec solution
- seems to be a permanent full tunnel that secures all applications (and not just a few like Capsule Workspace)
- also supports MDM enforcements (w/o jailbreak/root detection or remote wipes)
As you see most of my assumptions are probably wrong but I think I just drowned in the severity regarding all these solutions. Especially the fact which ones are permanent tunnels and which aren't confuses me. Seems the Capsule solutions are both permanent - but I am also not sure regarding this statement.
In addition, I am not able to understand the license model of each one (not related to SecuRemote which appears to be a license free solution on the client site). And what is the reason behind all of this solutions that kind of overlap in some areas?
Thanks for any advice, hopefully somebody is able to make a clear structure out of the mess that I currently have in my brain, haha.
Regards,
Maik
sk67820: Check Point Remote Access Solutions
Quite lengthy but very thorough.
--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com
interesting read. I am suprised to see GO is listed as supported...
Check Point GO is End of Life, so am somewhat surprised it's listed there.
that's what i said!
Thanks Timothy!
Seems to be exactly what I was looking for - weird that I oversaw it when I was looking for related SK's
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY