Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

Top Tips for Working Securely From Home

Shay_Levin
Admin
Admin
10 8 11.1K

Hi CheckMates!

Are you looking for ways to maintain business continuity and keeping your employees secure? Thanks to our not-so-welcomed COVID-19, AKA, Coronavirus, many of us are required to be prepared for secured remote access to corporate resources.

 @Moti , Check Point’s Chief Evangelist, @Jonny, Check Point CISO, and myself gathered for a CheckMates TechTalk special edition on Top Tips for Working Securely From Home using Check Point technology.

Watch the video below for an insightful Q&A with Jony, a quick demo on how to configure Mobile Access Blade, and a step-by-step guide on how to configure secure remote access including top use cases.

Shay Levin

 

 

** Check the step by step guide video for Mobile Access Blade Deployment and Managed Endpoint Security

 

Below you’ll find an FAQ regarding Remote Access VPN.

FAQ

Can I use my own, non-corporate PC, to work from home?

Yes. With Check Point Remote Access solutions you may use any desktop either Windows or Mac for accessing your working environment from home. Whatever your organization provides – lightweight web-based Mobile Access or enterprise-grade Remote Access VPN – you will be able to perform your tasks during a global outbreak.

What do I need to do, install, configure?

It depends on the chosen solution.

If your company has selected lightweight web-based Mobile Access you will simply need to start your browser and enter URL of special site your organization will give you. All required components will be installed automatically on-demand. You will need to configure nothing.

If your company prefers enterprise-grade Remote Access VPN you will be given by installer of VPN client. You will run it on your computer and configure the corporate site you will need to connect to. Your system administrator will provide your exhaustive guidelines on how to do that.

What is VPN and why do I need it to work remotely?

VPN or Virtual Private Network is a world standard to build a secure communication channel between two points, for example, your computer and your office. The key feature of a VPN is that whole information in the channel is encrypted with industry-standard encryption which guarantees that it will not be intercepted and read by any third party person or organization. The second advantage of VPN is that the system identifies you as a legal user which means none can get unauthorized access to your resources.

What would be the user experience?

It depends on the chosen solution.

In the case of Mobile Access, you will use your browser to enter special web site of your organization.  Your system administrator can configure the system that all required applications will be launched automatically.

In the case of Remote Access VPN, you will have a special client that will constantly run on your computer. You will need to connect manually (can be configured to be automatic as well). Once the connection is established you may work from within your office.

How many times do I need to log in when working from home?

This depends on a specific Remote Access solution chosen and some other details. For example, if you do not need to login to your home PC, and your VPN authentication is certificate-based, you will only have to log in to your office station with RDP, by using your corporate credentials

I suspect my home PC is not as secure as the corporate PC in the office. Is it a problem? Is there any danger to infect my office computer when working remotely?

We understand this concern. Check Point offers various solutions to decrease such risk. Both Mobile Access and Remote Access VPN products have capabilities to check if your computer is compliant with organizational policy for remote work. They may check if your anti-virus software is up-to-date and if your operating system has all security patches installed. And you may be calm about the danger to infect your office computer: the risk to infect your office workstation is extremely low. In the case of Mobile Access, you may request your system administrator to allow Secure Workspace (available for Windows 7, 8.1 and 10) for better isolation.

Have any questions? Please post them in the comments section below. We'll be keeping a close eye on the page so that we can promptly address any concerns you may have.

8 Comments
Richard_Wieser
Participant

Is there any documentation on how many current Mobile Access VPN users are supported on a 6800 appliance?

STEVE_ENS
Contributor

Thanks for these overviews.  Helpful to all organizations now and for the future. 

HenriqueFM96
Employee Alumnus
Employee Alumnus

@Richard_Wieser, in all appliances (excluding SMB models) Mobile Access license is included for 5 concurrent users. But this number can be increased by using Mobile Access extensions.

You can find this information on the last page in appliance comparison chart, for example.

LadislavNemecek
Participant

Is there any posibility for generate/get testing trial mutiCPU license with moblie access, to be able run VPN concentrator on spare openservers?

Shay_Levin
Admin
Admin

Hi, 

If your user center account is attached to an exiting Check Point account, you can generate by yourself an evaluation license directly from the user center.

https://usercenter.checkpoint.com/usercenter/portal/media-type/html/role/usercenterUser/page/default...

If you don't have an account, drop me an email shayl@checkpoint.com

 

 

John_Tomasetti
Participant
Microsoft released a statement on how to optimize your VPN network bandwidth for Office365 traffic. The narrative I believe assumes that you will be implementing split tunnel remote access VPN. https://techcommunity.microsoft.com/t5/office-365-blog/how-to-quickly-optimize-office-365-traffic-fo... However, we disable remote access VPN and want to keep it that way. What I would like to see is a Check Point feature to allow the VPN administrator to specify a white list of clear-text IPs and Updatable Objects (specifically the Office365 updatable object). While split-tunneling remains disabled, these specified white list items should be allowed to leave the client to the Internet, bypassing the VPN tunnel. We would like to take advantage of the network performance increases suggested by Microsoft, but with split-tunneling disabled. With the sudden increased desire for working from him in recent weeks, this feature is needed right away.
John_Tomasetti
Participant
Correction: It should read "...we disable remote access split-tunnel VPN..."
Sai23
Explorer
  •  I am getting error message in show client option as "No security policy is configured". So that i am unable to connect to VPN. Please suggest any solution for this.