She's not my wife yet, and probably will never be If I decide to spend more money on security suites
Harmony Endpoint Release Notes and Roadmaps
- Thread starter Trident
- Start date
I obtained from the Australian Tech Geeks, Sophos MDR.
Running the XDR Sensors as a backend to Microsoft Defender for Business.
Running the XDR Sensors as a backend to Microsoft Defender for Business.
What! I've been busy doing something else and not running my Harmony VM for the past week, was unaware of this, no email message from Lithify...
EDIT: I now see updated input from Trident re Lithify, at least for the time being.
Last edited:
They are still in the game with their other website, checkpoint.direct.What! I've been busy doing something else and not running my Harmony VM for the past week, was unaware of this, no email message from Lithify...
well I do have DeepInstinct on hardware and Harmony on VM, all good so farI guess running Deep Instinct with Harmony is overkill tho. Probably not an option. I'll see what the future brings
Theoretically they could work together on one host, if DI processes are excluded under Infinity Portal and Check Point processes are excluded under DI console. Also, do not Integrate DI to security centre. Or Integrate DI there and do not install anti-malware engine under Harmony. But it is not necessary really.well I do have DeepInstinct on hardware and Harmony on VM, all good so far
Harmony Endpoint Windows Client v 88.50 released 5th of Aug 2024.
List of New Features and Enhancements in E88.50 for Windows
| ID | Description |
| General | |
| AHTP-30360 | Enhancement: Added Data Loss Prevention (DLP) capability which detects and prevents unauthorized transmission of confidential information, such as social security numbers, credit card numbers, bank account numbers and so on. Refer to Harmony Endpoint EPMaaS Administration Guide > Configuring the Endpoint Policy > Data Loss Prevention. |
| AHTP-30649 | Enhancement: The system now automatically blocks vulnerable drivers upon their creation on the device. This includes drivers that are downloaded, extracted, copied, or otherwise introduced to the system. |
| EPS-56912 | Enhancement: Installing any of the Anti-Malware, Anti-Bot, Forensics, or Threat Emulation blades requires Microsoft .NET Framework version 4.7.2 or higher. For all other configurations, the minimum required Microsoft .NET Framework version is 4.6.1. Refer to sk182480. |
| EPS-57300 | Enhancement: Enhanced software security through advanced compilation techniques and updated the core libraries, strengthening enterprise protection. |
| EPS-57548 | Enhancement: The Harmony Endpoint connectivity tool no longer uses E1 URLs. |
| EPS-56975 | Enhancement: Added pagination to the Blade tabs tables in the Clients UI to improve the performance when loading large datasets. |
| Anti-Bot and URL Filtering | |
| AHTP-30718 | Enhancement: URL Filtering eliminates User Check popups for blocked connections in supported browsers with the Harmony Extension installed. This reduces interruptions, improving user experience. In Incognito mode, blocked connections are silently dropped. |
| AHTP-30872 | Enhancement: URL Filtering logs in the Management Server logs now include additional information:
|
| Anti-Malware E2 (US-DHS and EU compliant) | |
| AHTP-30787 | Enhancement:
|
| AHTP-30618 | Enhancement: The Critical Scan feature is improved to include boot sector scanning. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-30058 | Enhancement: Refined the ability to detect network-related security threats. |
| AHTP-30673 | Enhancement: Improved the detection of some types of Ransomware and Wipers. |
| EPS-56879 | Enhancement: Improved the RDP usage information for advanced signatures. |
| AHTP-30810 | Enhancement: When illegitimate login attempts are detected, the account that is targeted will be removed from the list of accounts authorized to access the specific computer. |
| EPS-56740 | Enhancement: Data transferred through OS pipes is now reported to the Threat Hunting tool. |
| EPS-57500 | Enhancement: Additional folders in ProgramData are now protected against tampering. |
| EPS-56617 | Enhancement: Optimized detection algorithm to reduce false positives in generic anti-ransomware signature. |
| Full Disk Encryption | |
| EPS-56482 | Enhancement: After a password change, Microsoft Entra ID users are now prompted to lock and unlock the computer to synchronize the Windows password and the FDE Pre-boot password. |
| EPS-57260 | Enhancement: The Mobile Enrollment feature in the Endpoint Security Client UI now supports all the available languages. |
| EPS-55822 | Enhancement: FDE Pre-boot Remote Help now features a user-friendly wizard interface. This guided flow helps users easily select the type of assistance they need before system boot. |
| EPS-56840 | Enhancement: The PS2 keyboard default setting for Dell Latitude 5420 laptops is now changed to "FALSE" (disabled). |
| Media Encryption and Port Protection | |
| EPS-56627 | Enhancement: Printers installed as software devices are now controlled by the Media Encryption and Port Protection Blade, allowing administrators to apply access policies and rules to regulate communication with these virtual printer resources, enhancing security oversight. |
List of Resolved Issues in E88.50 for Windows
| ID | Description |
| General | |
| EPS-57575 | Launching SmartConsole from Smart-1 Cloud portal fails after Endpoint Security Clients upgrade to E88.41. Refer to sk182532. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| EPS-56823 | Abnormally high memory usage by the EFR service at first login after a PC reboot. |
| AHTP-30740 | There maybe multiple EFRSAL_*.ds files in the DBStore directory. |
| AHTP-30785 | Some internal system files, which are not created by users, are listed in the Restoration UI screen. |
| Threat Emulation | |
| AHTP-30786 | When the File Reputation feature sends a report to the Management Server and XDR, the Protection Name field sometimes displays as either "File.Rep." or "Unknown" instead of a more specific identifier. |
| Remote Access VPN | |
| ESVPN-4273 | When a non-administrator user creates a VPN site from a link, the browser does not prompt the VPN GUI to open. |
Threat Emulation Engine Release Updates
| 15 July 2024 | 11.19 | 60.990000825 |
|
5th of Aug (just a few days ago). Updated is the core .Net Framework to make the way for a series of performance improvements, which will be made. Anti-Ransomware, Behavioural Guard and Forensics are once again improved. UI and static analysis are GPU optimised. All signatures are now placed in a smarter way to improve HEP loading time.
Seems like checkpoint keeps increasing their suite with different technologies from companies they aquire
Checkpoint have some of the best security suites available and seems like their prices are competitive as well
But specifically at Harmony they definitely need to keep improving the performance usage and seems like they are keeping improving on that front
Checkpoint got good results in some tests it's been gone through
List of New Features and Enhancements in E88.60 for Windows
| ID | Description |
| General | |
| EPS-57370 | Enhancement: Super Node feature now supports environments with restricted network access for local accounts. In setups where local users cannot log into Super Node machines from the network, a special registry key allows the Super Node to run with elevated privileges. This ability enables the NGINX process, which serves files via HTTP protocol, to operate as system instead of a dedicated local user account. Note, this is not a recommended setup. It should only be used in specific scenarios. |
| Anti-Malware E2 (US-DHS and EU compliant) | |
| AHTP-31304 | Enhancement: Anti-Malware signature update source is now added to the Management Server event logs. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31234 | Enhancement: Improved detection of ransomware in rare scenarios. |
| AHTP-30632 | Enhancement: Improved the defense against some behavioral patterns. |
| AHTP-31232, AHTP-31167 | Enhancement: Improved the usage of advanced signatures. |
| AHTP-31047, AHTP-31046 | Enhancement: Reduced the size of some internal files. |
| Browser Extension | |
| AHTP-30541 | Enhancement: Blocking the browser Incognito mode in Chrome, Edge, Firefox, Brave using Management policy is now supported. |
List of Resolved Issues in E88.60 for Windows
| ID | Description |
| General | |
| EPS-57593 | The progress of manual CPInfo upload to Check Point FTP gets stuck displaying incorrect percentage after completion, for example, "100%483647%" , leaving the CPInfo terminal window open in that state. |
| EPS-57517 | When internal Endpoint Security communication is lost, the Host Isolation feature does not function as expected. |
| Installation | |
| EPS-57354 | In rare scenarios, upgrade package installation fails with "Product: Check Point Endpoint Security – Error 27562.Changing configuration of Check Point Endpoint Security is not allowed. Please check that the password you have entered is correct or contact your system administrator". |
| EPS-57338 | The CPDA process exits with a dump file after an upgrade of Endpoint Security Clients. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31207 | The EFR service dump file is created on a multi-role Server. |
| AHTP-31218 | Real Time Attack Context can initially lead to increased memory and CPU consumption compared to regular signatures. However, by replacing multiple signatures, it's expected to ultimately reduce overall resource usage. |
| AHTP-31189 | False positive matches of advanced signatures are returned for trusted .dll files. |
| THPTSE-1090, THPTSE-1071, THPTSE-1041 | Some information may be missing in Threat Hunting logs. |
Harmony Endpoint Announcements
Endpoint Updates are too minimal to be mentioned, with only one hotfix released.
| 15 Nov 2024 | 11.22 | 60.990000993 |
|
| 15 Oct 2024 | 11.21 | 60.990000925 |
|
| 15 Aug 2024 | 11.20 | 60.990000874 |
|
Endpoint Updates are too minimal to be mentioned, with only one hotfix released.
New in ThreatCloud and Emulation:
DeepDLL. The new model improves the effectiveness of DLL files detection when attackers are using DLL injection, hijacking or sideloading.
It’s based on deep learning and static analysis.
DeepDLL. The new model improves the effectiveness of DLL files detection when attackers are using DLL injection, hijacking or sideloading.
It’s based on deep learning and static analysis.
Introducing HT-ML Guard to Automatically Analyze and Secure HTML Files
Introducing HT-ML Guard to Automatically Analyze and Secure HTML Files - Check Point Blog
Highlights: HTML files are being used in phishing attacks, mimicking trusted websites HT-ML Guard is designed to analyze HTML files and accurately
blog.checkpoint.com
Ok, let me add some latest release notes as Trident seems pretty busy these days. 88.62 Just became the Recommended Version.
List of Resolved Issues in E88.61 for Windows
| ID | Description |
| General | |
| AHTP-31805 | In rare scenarios, when process exclusions are configured, BSOD may occur. |
| AHTP-31806 | The C:\Windows\cpepmon.mlf log file grows on some Servers. |
| Anti-Bot and URL Filtering | |
| AHTP-31803 | In rare scenarios, the epab_svc service repeatedly exits. |
| AHTP-31817 | Anti-Bot DNS Inspection does not handle correctly large amounts of messages printed on DC/DNS Servers, leading to Domain resolve timeouts. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31828 | Some process notifications pop up either in the Endpoint Security Client or in the management logs, although they should appear in both. |
| AHTP-31839 | Some developers commands make take longer to complete. |
| AHTP-31896 | Stability issues. |
| Full Disk Encryption | |
| EPS-58470 | In some scenarios, FDE Smart Pre-boot (EA feature) fails to start. |
| Threat Emulation | |
| AHTP-31815 | Non-ASCII characters in exclusions may be incorrectly interpreted. |
List of Resolved Issues in E88.62 for Windows
| ID | Description |
| General | |
| EPS-59270 | Windows updates fail with the "Error 80070005" because of a permission issue. |
| EPS-59324 | Endpoint Security Client upgrade fails because of corrupted registry entries. |
| Remote Access VPN | |
| ESVPN-4471 | Remote Access VPN users with Windows 11 24H2 fail to connect to VPN. |
List of New Features and Enhancements in E88.70 for Windows
| ID | Description |
| General | |
| EPS-55641 | Enhancement: The Super Node Server status is now displayed on the Management Server. |
| EPS-58573 | Enhancement: Endpoint Security Clients now supports Super Node functionality in semi-isolated environments. |
| EPS-57794 | Enhancement: Improved the flow and user experience for uploading files to FTP when running CPInfo. |
| EPS-57551 | Enhancement: Language settings configured in Harmony Management UI now change the Endpoint Security Client language but do not override user-defined language settings. |
| AHTP-31935 | Enhancement: Configuring Data Loss Prevention policy for GenAI applications now provides enforcement granularity per application. |
| Anti-Bot and URL Filtering | |
| AHTP-31275 | Enhancement:
|
| AHTP-31358 | Enhancement:
|
| AHTP-31357 | Enhancement: Added ability to allow users to dismiss the URL filtering alert and access blocked websites. This option uses the same settings as the Browser Extension in Advanced settings > Web & Files Protection, as follows:
|
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31612 | Enhancement: Improved the sensors for specific attacks. |
| AHTP-31364 | Enhancement: Improved Anti-Ransomware remediation for directories. |
| AHTP-31359, AHTP-31154 | Enhancement: Improved proxy and Super Node compatibility for the Anti-Ransomware, Behavioral Guard and Forensics Blade. |
| AHTP-30400 | Enhancement: Behavioral Guard signatures are now loaded faster. |
| AHTP-30192 | Enhancement: The Forensics report now provides better visibility into the exact Registry location that triggered the detection. |
| AHTP-31515, AHTP-31294, AHTP-31783 | Enhancement: A series of performance optimizations are introduced to improve overall system performance and reduce CPU consumption. |
| Compliance and Posture | |
| EPS-58832 | Enhancement: Updated the SDK used for scanning and patching vulnerabilities to version 2024-04 (9.7), enhancing compatibility and performance. |
| EPS-57949 | Enhancement: Improved the installation rate in Posture management. |
| Full Disk Encryption | |
| EPS-55649 | Enhancement: Installation now halts if multiple ESP (EFI System Partition) or old SA (FDE System Area) partitions are detected, displaying an error message that directs users to remove extra partitions before reinstalling. This ensures a clean installation environment. |
| EPS-56932 | Enhancement: TPM (Trusted Platform Module) is now automatically disabled (for FDE use only) during OS upgrades to ensure smooth upgrades without compromising security. TPM is re-enabled upon completion. |
| Threat Emulation | |
| AHTP-31173 | Enhancement: Enforcement of Infinity IoC by Endpoint Security Client is now performed faster. |
| Browser Extension | |
| AHTP-31702 | Enhancement: The Browser extension icon now displays Data Loss Prevention policy name and number. |
List of Resolved Issues in E88.70 for Windows
| ID | Description |
| General | |
| EPS-59250 | In some scenarios, memory usage of the CPDA and DAF services is excessively high. |
| EPS-57684 | When using the "Kill Process" push operation to end a specific process, the operation seems successful but process is not killed. |
| EPS-57577 | The Reconnect tool fails to remove redundant files after successful Server migration. |
| AHTP-31537 | A kernel memory leak related to early boot processes. |
| EPS-57714 | Revo Uninstaller attempts to remove the Endpoint Security Client may remove the Client registration with Windows Installer, which may interfere with later installations or affect how Windows recognizes or interacts with Endpoint Security software in the future. |
| EPS-57465 | Some notifications fail to display due to missing localization support, with the notification text defaulting to English. |
| AHTP-32364 | Environments with limited access to the internet (such as semi-isolated environments, or networks where most of the traffic is blocked by firewall) are unsupported and may lead to the malfunction of multiple capabilities. |
| AHTP-31308 | The Management Server displays exclusion instructions in the Description field of incident logs sent by Threat Emulation, Anti-Bot and URL Filtering from endpoints. |
| EPS-57808 | In the GUI > Menu > Advanced > View Policies, File Protection (Threat Emulation) policy is missing, when Anti-Malware and File Protection are installed. |
| AHTP-32010 | The Resource field for DLP events is not displayed. |
| EPS-59331 | After Windows updates on HP devices with Full Disk Encryption, the EFI System Partition (ESP) becomes fully occupied with data from multiple sources (FDE, Microsoft, and firmware vendors), resulting in Windows OS failing to load during boot. |
| Anti-Malware E2 (US-DHS and EU compliant) | |
| EPS-57248 | Microsoft Defender removal causes incorrect Anti-Malware blade status, it is displayed as "not running". |
| EPS-58161 | When the Anti-Malware Blade is disabled through the Edit Capabilities settings and configured time out interval passes, the blade remains inactive instead of restarting. |
| EPS-58091 | In Anti-Malware, the "Rescan" option may not trigger the scanning as expected. |
| AHTP-31282 | The scheduled scan with randomized scan time does not function on the configured hours. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-31842 | There may be multiple Windows Events enabled for logging by Endpoint Security Client. |
| EPS-58173 | In rare scenarios, the EFR.db file size may be large. |
| EPS-57535 | After an upgrade, the EFR service status is inconsistent. |
| Compliance and Posture | |
| EPS-58046 | Automatic deployment of posture management patches fails because the download resources are unavailable. |
| Firewall and Application Control | |
| AHTP-31007, EPS-58223 | In a rare scenario, BSOD is caused by the Firewall driver during an upgrade. |
| EPS-57608 | The Firewall driver routes packets to an incorrect network adapter. |
| EPS-57417 | In a rare scenario, during an upgrade, the Firewall driver configuration gets corrupted. |
| EPS-51944 | After an upgrade, in a rare scenario, the Firewall Blade does not run. |
| ID | Description |
| General | |
| EPS-59260 | NEW: The File Protection Blade now computes SHA256 hashes for supported file types to enable compatibility with SHA256-based Infinity IoC indicators. This feature is available for EA customers (Early Availability program). To enable it, contact Check Point support. |
| EPS-59463 | Enhancement: The Diagnostic report now collects the data by default, without a configured policy. The data is sent to the Security Management Server only if explicitly allowed. |
| EPS-59411 | Enhancement: Improved reconnection reliability. Super Node configurations are now automatically updated when Endpoint Security Clients connect to new Servers. This prevents connection attempts to obsolete nodes. |
| EPS-58517 | Enhancement: On Terminal Servers, if a restart is required during an upgrade and no user interaction is detected, the system now automatically initiates the reboot. |
| EPS-58416 | Enhancement: The dynamic EPS.msi is now saved in the C:\ProgramData\CheckPoint\Endpoint Security\Installer\Backup folder to prevent upgrade/uninstall failure with the "Cached msi C:\WINDOWS\Installer\XXXXXXX.msi of version 8X.XX.XXXX does not exist. Refer to sk139752" error. |
| EPS-58044 | Enhancement: Super Node now creates under "ProgramData" folder instead of "Program Files (x86)". |
| EPS-57928 | Enhancement: Added a new push operation that stops self-protection with a specified timeout and automatically restarts it afterward. |
| EPS-57887 | Enhancement: A new log entry is now generated in Endpoint Security Client UI logs and Management logs when Host Isolation is enabled or disabled. |
| AHTP-32064 | Enhancement: Enhanced the cleanup mechanism to remove unused temporary files from the C:\Windows\Temp folder. |
| EPS-57982 | Enhancement: Starting from the E89.00 Endpoint Security Client version, HTTPS communication uses a hardened cipher policy by default, allowing only whitelisted secure TLS cipher suites. |
| Anti-Malware E2 (US-DHS and EU compliant) | |
| EPS-58859 | Enhancement: When uninstalling the Anti-Malware Blade, reboot is no longer required. |
| EPS-58501 | Enhancement: Optimized performance of the Endpoint Security Client UI when the Client is minimized to the system tray while an Anti-Malware scan is running. |
| AHTP-32485 | Enhancement: Added functionality for the "Open app" button in Windows Security Center > Security Providers > Anti-Virus. Clicking this button now launches the Anti-Malware overview section within the Endpoint Security Client user interface. |
| Anti-Ransomware, Behavioral Guard and Forensics | |
| AHTP-32557 | Enhancement: Improved Windows Defender detection system to apply automatic exclusions faster. |
| AHTP-31834 | Enhancement: Enhanced support for excluding files and processes located on network paths from the Anti-Ransomware, Behavioral Guard and Forensics Blade. |
| Full Disk Encryption | |
| EPS-57875 | Enhancement: Smart Pre-boot UI now provides clearer mobile login instructions and improved guidance for network setup when Wi-Fi configuration is needed for Server communications. |
| EPS-58320 | Enhancement: FDE Pre-boot authentication now displays the user's actual display name instead of the auto-generated Azure AD constructed name when the "show last used user" option is enabled. |
| EPS-58193 | Enhancement: The Endpoint Security Client UI now displays timestamps for Pre-boot password events. |
| Threat Emulation | |
| AHTP-32549 | Enhancement: Optimized File Protection Blade performance by eliminating redundant calculations and reducing thread creation. |
| AHTP-32011 | Enhancement: Introduced the Static Signatures engine as one of the File Protection engines. The engine adds additional signature enforcement capabilities based on Check Point research discoveries. The detector previously named "Static Analysis" was changed to "Heuristic Signatures" to better reflect its functionality. |
| Remote Access VPN | |
| ESVPN-4203 | Enhancement: Added support for Diffie-Hellman Groups from Group 15 through Group 21. Requires Check Point Quantum R82 Security Gateway. |
| ESVPN-3658 | Enhancement: Added support for SHA-384 and SHA-512 Data Integrity algorithms. Requires Check Point Quantum R82 Security Gateway. |
| ESVPN-4506 | Enhancement: Added prevention mechanism against TunnelVision attack - CVE-2024-3661. Refer to sk182290. |
| Capsule Docs | |
| EPS-59507 | Capsule Docs reached its End of Support. To upgrade to the E89.00 Endpoint Security Client with managed Capsule Docs, you must uninstall Capsule Docs from the machine first. |
List of Resolved Issues in E89.00 for Windows
| ID | Description |
| General | |
| EPS-58321, EPS-58158 | A display issue in the Japanese version of the Endpoint Clients UI may occur because the Japanese OS uses a specific code page for Japanese character encoding. Refer to sk182856. |
| EPS-59766 | The system incorrectly saves data to a temporary file instead of memory when downloading, leading to uncleaned temporary files and potential performance issues. |
| EPS-59655 | When clicking the "View Progress" option from the tray pop-up menu, no window opens up. |
| EPS-59594 | When empty temporary files get deleted, the log still reports "0" for the number of deleted empty files, although several of them were deleted. |
| EPS-59556 | The Security Gateway uses WMI to query Active Directory Domain Controllers. When it receives a wrong value, the Endpoint Security Client may become unresponsive. |
| EPS-59501 | The Portuguese translation of the message: "Your computer is compliant with the organizational security policy" is not accurate. |
| EPS-59372 | The "invalid date" message is displayed at the bottom of the Client when the Server is disconnected. |
| EPS-59268 | The CPFileAnlyz process exits after an upgrade. |
| EPS-58750 | Blades missing from the StoppableBlades registry key are not displayed in the Edit Capabilities list for activation. |
| EPS-58697 | Enabling/disabling Self-Protection does not trigger a log entry. |
| EPS-58608 | Endpoint Security Client is disconnected after a new SSL certificate was installed on the Endpoint Security Management Server. |
| EPS-58654 | A long text in a push operation causes Endpoint Security Client to remain stuck with the "Sent to clients" status. |
| EPS-58165 | Some machines appear as disconnected in the Endpoint Security Client UI despite it is online on the Management Server and logs are not uploaded from certain Clients to the Server. |
| EPS-58620 | Newline characters are not correctly displayed in a pop-up message. |
| EPS-57972 | Applications unexpectedly close in development environments while debugging with Visual Studio. |
| EPS-59239 | The CPDA service exits because of missing Azure Domain data, causing Endpoint Security Client disconnection. |
| EPS-58611 | The "Upgrade Now" button in the Initial Client UI does not trigger the upgrade process if the installation is postponed. |
| EPS-58618 | Endpoint Security Client upgrade fails with "Error 27562" visible in SmartEndpoint and Infinity Portal. |
| EPS-58621 | Endpoint Security Client gets disconnected after the installation in an Azure environment. |
| EPS-58743 | Upgrading the Endpoint Security Management Server may fail with the "Failed to download package" error. |
| EPS-59385 | The cpda.exe process exits during an Endpoint Security Clients upgrade. |
| EPS-59596 | Downloading the installation package may fail. |
| Anti-Bot and URL Filtering | |
| AHTP-32017 | Network speed reduces when URL filtering is enabled. |
| AHTP-32586 | Denied access to legitimate Google domains (google.com and related sites) after accidentally visiting oogle.com (missing the initial "g"). The erroneous domain visit prevents subsequent access to authentic Google websites, even when correctly entered. |
| AHTP-32994 | High memory and CPU usage of Anti-Bot Blade when DNS Inspection is running on DNS Servers. |
| Anti-Malware E2 (US-DHS and EU compliant) | |
| AHTP-32712 | Endpoint Security Anti-Malware Blade is not listed as a Managed Provider on the Windows Security Dashboard. |
| AHTP-32291 | A Windows Security pop-up is displayed: "Check virus protection - Microsoft Defender Antivirus and Check Point Endpoint Security are both turned off. Tap or click to see installed antivirus app". This occurs despite the Anti-Malware Blade appears active in both the Endpoint Security Client UI and Harmony Management Portal. |
| AHTP-32423 | Turning off Anti-Malware via Edit Capabilities in the Client UI did not reflect in Windows Security |
| Firewall and Application Control | |
| EPS-58327 | A race condition may occur when an application previously allowed is blocked by Application Control after a new policy is applied. |
| Full Disk Encryption | |
| EPS-57688 | The "Remote Help" checkbox and "Password change" field in the Remote Help dialog may stay visible in the classic Pre-boot window when the option "OneCheck > Remote Help > Allow account to receive remote password change" is disabled. |
| EPS-59405 | Wi-fi does not work in Smart Pre-boot on HP EliteBook 840 G11. |
| EPS-59548 | The built-in touchpad does not work in Smart Pre-boot on HP EliteBook 840 G11. |
| Threat Emulation | |
| AHTP-32418– | When the Threat Emulation license expires, an incorrect status ("Connection error" instead of "INVALID_LICENSE") is shown in the Operational Overview. |
| AHTP-32443 | After an upgrade, File Protection Blade appears in Initializing state (Pause) although it is up and running. |
| Remote Access VPN | |
| EPS-59410 | After a failed upgrade ending with the "The error code is 26704" message and reverting to the previous version, the VPN service remains down with Watchdog and TracSRVWrapperprocesses stopped, requiring manual intervention to restore functionality. |
You may also like...
-
Announcing End of Life for Kaspersky Engine in Harmony Endpoint- Started by Trident
- Replies: 14
-
Harmony Endpoint by Check Point
- Started by Trident
- Replies: 704
-
Deep Research: McAfee GTI, JTI, Artemis and Other Technologies Explained
- Started by Trident
- Replies: 2
-
Deep Research: Trend Micro VSAPI and ATSE Release History and Modus Operandi
- Started by Trident
- Replies: 7
-
