Create a Post
Showing results for 
Search instead for 
Did you mean: 

Mobile Access client options - general questions

Hello guys,

Still studying for my CCSE... now I am at the point where I want to dig deeper into the Mobile Access solutions that Check Point offers. To be precise, I am just kind of confused regarding all the different client solutions. So I'd like to write down what I understood so far and be very glad if you guys could correct me if something is wrong. Also useful links to SKs that explain the differences in detail would be appreciated. Smiley Happy

=> Check Point Mobile

- available for Windows, iOS, Android

- IPsec tunnel for Windows installations

- SSL tunnel for iOS/Android

- no further endpoint security - just a remote access client without any further features that would be used if the endpoint is not connected to the corporate network via the RA tunnel

=>  SecuRemote

- remote access client available for Windows only

- connects to the corporate gateway via an IPsec tunnel

- also no further features - it's just a remote access solution

- seems to be free (no license for the endpoint site required) [?]

=> Check Point Capsule [Workspace]

- remote access client available for Android and iOS only

- offers a SSL based tunnel solution

- comes together with the Capsule "package", meaning in detail you will also benefit from

      > Capsule Docs (encrypts documents, controls who can access them...)

      > Capsule Cloud (provides the possibility to enforce additional security settings to the endpoint that also apply when the endpoint is not connected to the corporate network)

      > Capsule Workspace on its own not only provides the SSL RA solution but also the possibility (hand in hand with Capsule Docs) to access corporate documents remotely and also (on its own with AD integration) access exchange details like your calendar and mail

      > also supports MDM enforcements (jailbreak/root detection / remote wipe possibility)

=> Check Point Capsule Connect

- remote access client available for iOS, Android and Windows

- completely based on a IPsec solution

- seems to be a permanent full tunnel that secures all applications (and not just a few like Capsule Workspace)

- also supports MDM enforcements (w/o jailbreak/root detection or remote wipes)

As you see most of my assumptions are probably wrong but I think I just drowned in the severity regarding all these solutions. Especially the fact which ones are permanent tunnels and which aren't confuses me. Seems the Capsule solutions are both permanent - but I am also not sure regarding this statement.

In addition, I am not able to understand the license model of each one (not related to SecuRemote which appears to be a license free solution on the client site). And what is the reason behind all of this solutions that kind of overlap in some areas?

Thanks for any advice, hopefully somebody is able to make a clear structure out of the mess that I currently have in my brain, haha.



0 Kudos
6 Replies
Champion Champion

Legend Legend

sk67820: Check Point Remote Access Solutions

Quite lengthy but very thorough.

Second Edition of my "Max Power" Firewall Book
Now Available at

Gateway Performance Optimization R81.20 Course
now available at

interesting read. I am suprised to see GO is listed as supported... 

0 Kudos

Check Point GO is End of Life, so am somewhat surprised it's listed there.

0 Kudos

that's what i said!

0 Kudos

Thanks Timothy!

Seems to be exactly what I was looking for - weird that I oversaw it when I was looking for related SK's


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events