Check Point Endpoint Security FAQ
What is Check Point Endpoint Security?
Check Point Endpoint Security (CPES) is an enterprise encryption product that was acquired around a year ago. Formerly, it was known as Pointsec. CPES consists of multiple modules, two of which we care about:
- Full Disk Encryption (formerly Pointsec PC) enables you to encrypt the hard disk of workstations and laptops running Windows, Mac OS X, and Linux.
- Media Encryption (formerly Pointsec Protector) enables you to encrypt data at rest on smart-phones and PDAs running Windows Mobile, Palm OS, and Symbian.
Why Check Point?
CPES satisfies the requirements of Minnesota’s Office of Enterprise Technology Portable Computing Device Policy, and a statewide purchase contract (vendor #200649721-00, contract #437009) was negotiated by OET, which the System chose to leverage. This was not purely a financial decision; CPES’s technical capability and multi-platform support made it an ideal choice for our large and diverse environment.
Why do I want it?
Your users work with non-public, private and sensitive data as part of their jobs. Some of them store that private data locally, exposing our systems and data to additional risk of loss should a PC or laptop be lost or stolen. By ensuring all data residing locally on a workstation’s hard drive is encrypted, the ability of a thief to gain access to that data is severely limited.
Additionally, in the event a computer is lost while the hard drive is fully-encrypted, the likelihood that a breach notification will need to be completed is greatly reduced.
How did you determine how many licenses to purchase?
The Information Security Office requested the total number of staff/faculty laptops and desktops used to access ISRS, since this population is readily quantifiable and most likely to be working with and storing non-public data.
What does it cost?
There is no cost to MnSCU institutions. The licensing cost is paid by the Information Security Office, and is $40/seat. The maintenance is $5/seat/year, and this cost will also be covered by the Information Security Office. Effective July 1, 2009, this pricing will increase 10%.
What do I get with my license?
Each license allows one computer (Windows, Linux or Mac) to encrypt any and all local hard disks connected directly. Pointsec clients for Windows, Linux and Mac are available and are managed similarly. There is no cost difference for using a Mac or Linux client, except that you must still own one seat for each. So 5 Windows laptops, 5 Linux workstations and 5 Mac laptops will require 15 licenses total.
How do I access my license information?
With Check Point’s acquisition of Pointsec, the licensing scheme was changed. Institutions that received licenses as part of the first round of purchases received a license code that can be used during installation and implementation of Pointsec. For future installations and updates, you must now generate a license certificate from within Check Point’s User Center website. This is also where you will go to issue support requests.
Where possible, two staff members at each institution have already been added to that institution’s User Center account. To log in, go to the Check Point login page and log in using your complete email address. If you missed the original notification that you were added to a User Center account, you can click on the link “Forgot your password?” and have a new password sent to your email address.
If you should have access but do not currently, please ask your CIO if they can log in and add you to the account, or have them email John Hoffoss to be added to your institution’s User Center account.
You can get more help on User Center functionality and capability in the User Center Step-by-step Guide or by contacting either Fred Mathys with Check Point or Nick Castle with FishNet Security.
What training and resources are available?
- Authored by a team of ITS staff from around the system, Developing a Deployment Plan for Pointsec for PC is a document that presents an overview of the CPES products, along with secure default options and explanations for the configuration options of the software. Written by Kevin Thompson (Minnesota State University Mankato), Nhan Tran (Metropolitan State University), Tom Melin (Pine Technical College), Ken Ries (Pine Technical College), Judith Storkamp (St. Cloud State University), and Jason Rausch (Saint Cloud Technical College). Email Kevin Thompson or John Hoffoss for the latest version.
- The OET Pointsec email list. Email Rick Ensenbach to request subscription.
- The OET resources page for Check Point.
- CPES training sessions led by Kevin Thompson (Minnesota State University Mankato) or Firasat Khan (Metropolitan State University, Center for Strategic Information Technology and Security).
Fred Mathys - Check Point Software | Channel Manager |
Nick Castle - FishNet Security | Inside Sales - MN, IA, ND |
|
John Hoffoss - OoC | Information Security |
Kevin Thompson - MSU Mankato | Information Security |
