This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
valterj
Contributor
‎2021-07-30 01:15 PM

Mobile Access Blade

Hi All. 

In my SGW Cluster configuration, in VPN Clients, I need to specify which clients is allowed to connect to GW. But, if I enable Mobile Access blade, the initial configuration has the exactly same options.

What is the difference about use or not this blade? Which additional options this blade should provide me? Should I accept remote client connections without use Mobile Access blade? It's not clear for me. 

With best regards. 

0 Kudos
6 Replies
PhoneBoy
Admin
Admin
‎2021-07-30 01:48 PM

Mobile Access Blade provides a web portal to access web-based applications.
If you’re just allowing remote access through VPN clients, that can be done via the VPN blade.

valterj
Contributor
‎2021-07-30 02:05 PM
In response to PhoneBoy

Hi Phoneboy. Thank you for your answer. 

That was exactly my doubt. Why I have to specify which clientes I'd like to use, if Mobile Access will provide a web portal access? So I'll use any browser, not a VPN Client. 

Regards. 

PhoneBoy
Admin
Admin
‎2021-07-30 03:06 PM
In response to valterj

A client-based VPN and clientless VPN are completely different types of access that serve different use cases.
They also require very different configuration.
Also, not every web-based application will work with Mobile Access.
It really depends on what kind of users you have and what they will access as to which method you'll use.
You might use both.

If you're interested in Mobile Access, I'd start with the documentation: https://sc1.checkpoint.com/documents/R81.10/WebAdminGuides/EN/CP_R81.10_MobileAccess_AdminGuide/Defa... 

0 Kudos
valterj
Contributor
‎2021-08-06 08:56 AM
In response to PhoneBoy

Thank you again. 

My point is: considering that Mobile Access is a paid feature, which advantages should I have using them instead a regular VPN client (or clientless model)? I'm confused because, in terms of Cluster configuration, we need to specify which clients are allowed to connect to gateway, so I can't see the difference yet. 

Regards. 

0 Kudos
the_rock
Legend
Legend
‎2021-08-06 09:20 AM
In response to valterj

Well, keep in mind also, you can use app on the phones called capsule VPN, which sort of acts like a vpn client from windows/mac machines. Users create a site, authenticate and they can access pretty much whatever internal resources they are allowed to access, based on gateway policy.

 

Is there something in particular you are concerned about?

0 Kudos
PhoneBoy
Admin
Admin
‎2021-08-06 03:16 PM
In response to valterj

The only "free" option is SecuRemote which is fairly limited in terms of useful situations.
See: https://community.checkpoint.com/t5/Remote-Access-VPN/Quick-Primer-on-How-to-Configure-your-Gateway-...

Both "client" and "clientless" options require some sort of license, which is an extra cost.
I believe all modern gateway licenses come with a five user Mobile Access license, which enables both options.
SMB gateways include more than this (depends on the model).
For additional users, you will either need to buy one of:

  • A Mobile Access license (either 50, 200, or Unlimited users, licensed based on concurrent connections)
  • Harmony Endpoint licenses (buy as many as needed, but licensed based on number of clients installed)
  • CPEP-ACCESS licenses (not in the Product Catalog, but still orderable), which are "Endpoint Security VPN" (includes Desktop Firewall + Compliance). Licensed based on number of clients installed.

It depends on what kind of access you want to allow from what kind of device.
And, of course, what you have licenses for.

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top