This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
MtxMan
Contributor
‎2022-04-24 03:49 PM
Jump to solution

Remote Access VPN Solutions

Hi All,

I have some questions for you about VPN on Check Point, because im new on Check Point solution, im sorry if i have basic question.

  1. Per this article, Check Point has many models and type of RA VPN. If the requirement are VPN solution can protect the endpoint + has capabilities security capabilities like antivirus for Mobile Devices (Android, iOS), can Check Point firewall achieve it? or need buy another license or solution?
    Because in the article said, that required "Mobile Access Software Blade on the Security Gateway" for Android and iOS, but no information about endpoint feature(Anti Virus).

  2. And for Corporate Devices (mostly Windows), i can go with "Harmony Endpoint" option based on the article, but my question is about the licensing, do you know guys about the SKU "Endpoint Policy Management Software Blade" and "Endpoint Security Container" in the catalog? I spent ~30 minutes but cant find those SKU.

  3. For simple VPN, mostly for the vendor to remote the firewall, switch or server in the office, can i offer "SecuRemote" to customer? because it's free but have limited functionality, honestly i dont know what the limitation is haha

  4. Is "SecuRemote" and SSL Network Extender (SNX) can perform split or full tunneling?

Thank you guys, appreciated your support and feedback! Thank you so much!

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2022-04-25 02:45 PM
Jump to solution

If you're wanting protection on Mobile Phones, you will want Harmony Mobile, which is a separate solution from Harmony Endpoint, which is for protecting PCs and Macs.

The licensing for the management of Harmony Endpoint can be achieved a couple of different ways:

  • Included with Network Security management (e.g. an NGSM-x or Smart-1 appliance)
  • Included cloud-based management (managed through Infinity Portal)
  • One of the following SKUs to run the management on Open Server or a VM: CPSM-P1003-E, CPSM-P2503-E, CPSM-P2503-E (for 1000 endpoints, 2500 endpoints, or unlimited respectively)

For simple VPN, your options are:

With any of the VPN solutions, you can either do split or full tunneling, but keep in mind it's a global setting.
You can allow users to choose or you can force a specific setting. 

Hope that helps.

View solution in original post

2 Replies
PhoneBoy
Admin
Admin
‎2022-04-25 02:45 PM
Jump to solution

If you're wanting protection on Mobile Phones, you will want Harmony Mobile, which is a separate solution from Harmony Endpoint, which is for protecting PCs and Macs.

The licensing for the management of Harmony Endpoint can be achieved a couple of different ways:

  • Included with Network Security management (e.g. an NGSM-x or Smart-1 appliance)
  • Included cloud-based management (managed through Infinity Portal)
  • One of the following SKUs to run the management on Open Server or a VM: CPSM-P1003-E, CPSM-P2503-E, CPSM-P2503-E (for 1000 endpoints, 2500 endpoints, or unlimited respectively)

For simple VPN, your options are:

With any of the VPN solutions, you can either do split or full tunneling, but keep in mind it's a global setting.
You can allow users to choose or you can force a specific setting. 

Hope that helps.

G_W_Albrecht
Legend Legend
Legend
‎2022-04-26 01:18 AM
Jump to solution

A quote for license pricing and blades / containers needed is usually generated by your CP partner who knows about the sizing and blade selection options. Concerning pt. 3 + 4: SecuRemote is only usable in very special situations (especially by RA VPN clients with fixed IP) as it does not offer OfficeMode. SNX should be used with the MAB blade, but not legacy SNX.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events