Check Point Harmony Endpoint Reviews

We deployed this product to harmonize our products and have one central access point. 

It helps us to set security features that protect the computing devices from malware attacks. 

It gives me an opportunity to manage applications that works on various workflows centrally. 

Integration with all employee devices has enabled my team to monitor the security situation and put in place emergency measures in case of any threat. 

Team members can connect their working devices from a central networking connection that is secure and reliable.

The high-level security provided by Check Point Harmony Endpoint has given my team all the required tools for setting up a central network control platform. It provides solutions to challenges that affect workflows slowing down performance. 

There is improved business work processes agility that keeps all the sectors functional. 

There has been improved security compliance and risk management in all the business transactions that we undertake since we deployed this application. 

Laptops and mobile devices that operate within the enterprise have been secured, and teams can easily focus on more productive roles without fear of being attacked.

Data security analytics enable us to prepare and take suitable precautions before landing in trouble and exposing confidential information. 

The cloud management system provides security to hybrid information and saved files. 

The customer support services are efficient and always reliable when reached for any consultation. 

It supports operating systems that are deployed in computers and mobile devices. 

New users familiarize themselves easily with the operation of UI since it has flexible dashboards. 

The faster data processing capability saves time and costs for accomplishing given tasks.

It has full performance capability to execute the given duties. 

It blocks safe URLs sometimes when there are network interruptions. 

The cost of deployment varies with the existing working conditions and the organization's size. 

The cloud networking infrastructure can be attacked if there are limited security features and poor monitoring capacity from the IT team. 

The overall performance impressed my team. Check Point Harmony Endpoint is the sure deal for enterprise security coverage and computing device control.

I've used the solution for ten months.

It is stable in the provision of reliable security.

I am impressed by the performance of this product.

The customer support staff is ever supportive.

Positive

I have not used a similar solution previously.

The initial setup procedure was straightforward.

There was high-level expertise from the vendor team during implementation.

There has been a positive ROI since we deployed it.

The setup cost and licensing terms vary according to enterprise size.

I evaluated several options. This platform was the best.

I recommend the implementation of this platform in other organizations.

The main option for which this solution is used is to have all the peripheral equipment protected - avoiding risks due to malware and viruses. The solution can be managed by device, with filtering and analysis of the information of all collaborators available there. 

It's used to analyze emails from key users and for content filtering rules. It does not allow dangerous downloads, which protects the work of the organization outside the main network. It gives tools to the collaborators to make the work outside the installations (home office) easy.

With COVID affecting the world, a solution was needed that could be able to provide security at workstations outside of the organization itself. With the sandblast tool, coverage is made on the equipment that we provide (laptops) and employees can carry out their activities from home. The tool has provided us with security to ensure that the computers are protected while also providing information analysis. It offers easy control and implementation of content filtering rules. Thus, you have control of all the organization's teams outside and within the operational network.

The endpoint agents, which can be installed in one go, are great. The communication with the console is very dynamic and remote, without the need to return to the computer locally. 

From the administration console, we can generate content filtering rules and labels, as well as run an analysis of emails and downloads that the collaborator does to fulfill their functions. Informing the administrator of threats by mail gives us the facility to detect real-time vulnerabilities in order to continue fulfilling the objective of safeguarding the information of the organization.

There needs to be compatibility with the most recent versions of the various operating systems. They need to be up-to-date with the signatures of new viruses and the latest ramsonware. With the encompassing of all its solutions in one platform, there should be artificial intelligence for specific analysis to thus be able to anticipate and detect unique risks to the organization. 

To be able to count on the administration console on any device and online cloud would be ideal. We would like there to be no need to install clients as executables.

I've been using the solution for one year.

We like the idea of ​​continuing to implement more solutions offered by Harmony.

Technical support is good. They comply when we need support or have product questions.

No, Sandblast was chosen as the first option.

The solution meets our business needs. 

We did look at Fortinet solutions.

With every new firewall that we're purchasing, we're deploying the SandBlast Agent. At the moment we're only running it on about 20 firewalls, just because the licensing isn't retroactive. What we need to do is produce a proof of concept to say, "This is the stuff we're getting." We're looking at it in a learning mode and then we can consider getting into a more aggressive mode of stopping everything. At the moment, we're trying to use it to give us information rather than to fully stop everything.

It's deployed on our physical firewalls, on-prem.

We have seen some attempted ransomware in our network. With the firewall we've already got IPS, but we wanted to integrate the endpoints into that as well. That's something we are seeing. Our IT risk team are getting those reports and seeing them and seeing fewer potential attacks.

It reduces potential downtime through ransomware by reducing risk. I don't think I would go to the CEO and say, "Hey, we've completely eradicated this and that," but it certainly complements other Check Point products that we have. It gives us some more information about what is happening and where it's happening on the network, on-prem, on the applicable firewalls. It's hard to say exactly what it has improved because it just works very well with what we've got. Certainly, with our Windows environment and our VPN, we do see a lot more. But I don't know if there's just more of a focus on the reporting, as a whole, that we're getting.

We have had previous ransomware attacks, and while we can't necessarily quantify any downtime or loss, there certainly was risk around that. This has reduced our risk in that environment. That's one of the big focal points. From a network operational point of view, could you ask, "Well, has it reduced things?" and the answer is "no," but from an IT-risk point of view, our IT risk team have certainly seen less impact from attacks. We're more proactive than reactive, compared to how we were doing things before.

We don't see it leading to a reduced number of security engineers. What we do envisage is information and empowerment. Rather than manually having to check this, that, and the other, we're looking at having these tools available and for them to produce actual results. We definitely see this tool helping us do that.

It's pretty complete for preventing threats to endpoints. Its capabilities are great.

The solution's automated detection and response capabilities are pretty good. It really depends on how aggressive we want to be with it. We've not deployed it in the most aggressive way you can, such as shutting down everything, because we've not deployed it in a greenfield site. It has not been deployed with that in mind. It has been deployed as an add-on service. As such, we don't want to be as aggressive as some top security firms would recommend we should be.

We do like the product, although there are quite a few things that we're asking our Check Point account team to enhance, where we think we probably could get more features from it.

We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve. We probably should have had more Professional Services come and help us. But, from our company's point of view, especially at this time in the market, the finances are just not there. But from what I've seen so far, I don't think there's enough integration into SmartEvent. That's something that I've asked our account team to try to focus on in the next versions or as an enhancement request.

Integration and deployment are probably the weakest points, and maybe service as well, although they are still at the high end. Would we go out to market and buy this on its own? Probably not, is the honest answer. But because it is a Check Point product and the licensing comes as part of it, it gives us this time to go and prove that, when it's together with all the other products that we have from Check Point, it certainly integrates very well. Would I go and buy this just as a standalone service if we didn't have Check Point firewalls? Probably not.

We're relatively new to Check Point SandBlast Agent, once they put it onto their firewall platform with the new environment. It comes built-in for the first year, including the cost. We've sampled it, starting about four months ago.

We had seen it work before. We had demos with it, but it was always something that seemed would be a nice feature to use, but not something the business wanted to buy into, per se. Now that it comes as part of the package for the first year, we thought we'd give it a go and see how it gets on.

I've had no problems from a stability point of view. It just seems to work.

It's definitely scalable. It's whether there is a business appetite. When we get a new firewall, we'll enable it and run it through the service. It's scalable to retrofit. We could do that and we could run that very easily, but that would involve a commercial spend, which at the moment, no one wants to do. We understand that, but the solution is certainly something that is of interest to various people.

If we get approval then it will move from a PoC to across-the-board. At that point, there would be between 100 and 200 people using it and thousands of agents. It could be scaled out to our whole organization. Again, it's funding-dependent.

We have Diamond Support, so it's very good, but we pay for the privilege. We have one engineer and a separate TAC team.

We had a solution but it wasn't really a similar solution. This is the first of its kind for us, for what it does. We do have antiviruses, so that the machines aren't just dead, and we do have our own hybrid package of something that, if you add four of them together, maybe adds up to half of this, but no similar package.

It's relatively easy to set up. There's plenty of documentation out there for how you do it. The way we've done it is probably the easiest way of doing it. We're not going all-out. We've gone with a small approach, mainly due to commercial reasons.

Our implementation strategy is just to switch it on in our new firewalls and see what happens, honestly. That's not always the best approach, but we switch it on in learning mode to give us information on what's out there and to see what we didn't know.

It took us about three weeks with the first two firewalls, and that doesn't include the firewall build time. That's just setting up everything else and the integration piece. There were two of us involved, me and a colleague. There were "dotted lines" into others, such as our IT risk team where we were asking, "Hey, is this what you want to see?" We're not really offering it as a full service, it's a PoC. If it goes live with a view to deploy it to all of our firewalls and all of our endpoints, I wouldn't say we would need any more people. It would be part of our operational team. The same is true for the risk team. I don't think we would need to get more people, although we see the IT risk team having more of an input.

We did it ourselves.  Potentially, if I had an open wallet and a blank cheque book, would we use a third-party? Yes, of course we would, but at the moment that option is just not there.

Return on investment would be not being attacked. Have we seen any? No. Has it identified certain things? Yes. The way we've got to look at return on investment is, all of a sudden we're less vulnerable to attacks. That's a hard measurement to define. Ultimately, not being attacked, and our reputation, is worth a lot more than just a dollar figure.

The cost-effectiveness of SandBlast is knowledge and understanding what is happening on our network. Do we have some infections? Are we seeing certain things which, without this tool, we would be exposed to? Yes, we are seeing that.

Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in. That's for new firewalls. For existing firewalls, we haven't even gotten to that point yet. They don't even want us to look at the pricing. First, we need to think about what the product does. Does it do what it says on the tin? And if it does, then it's a commercial thing. We have quite a good commercial model with Check Point, so we don't really need to worry about that too much. The pricing should be good.

The licensing, the way they've changed it, is a positive and a negative. Ultimately, Check Point has changed how it operates and now we have to go back and retrofit.

If this does everything it says it does, I don't see any reason that we would use a different product, because this integrates so well with existing Check Point products.

What we've gained is more of an understanding of what's on our network. If I were to go and do this again from scratch, I probably would have looked to integrate more with our Check Point sales team and would have gotten more help from them.

My advice would be to involve your SE. He can help you through a lot more of the options when you deploy.

We don't use the solution’s Management Platform for the creation of virtual endpoint management services in the cloud. We haven't got to that cloud point yet. It's something we could do, potentially. We're going to work with our account team about that. But that's the one of the lessons learned: We did it by just playing around with it rather than doing a full deployment.

I would rate it at nine out of 10. What comes to mind is its effectiveness. Normally, I don't get involved in the costing too much. Is it doing everything that it said it was going to do? Yes it is, at the moment. Could it be enhanced more? Sure. But we have a relationship with Check Point and they do deliver on the RFEs for us. If we say we want it to do this, they'll get their engineering team looking at that.

We use this solution for our desktops, laptops, servers, and selective mobile devices. It offers real-time protection against malware and other malicious threats is superb. 

Our previously used antivirus has not been able to identify certain threats. Check Point Harmony did it. That is a key highlight of this product. Check Point Harmony Endpoint includes a firewall component that allows us to enforce network security policies at the endpoint level, including application control, network segmentation, VPN enforcement, etc.

We can now see the performance of the computers. Previously, we used some other applications where we could see the CPU percentage go increasingly high. Compared to that, this solution is good. 

Check Point Harmony Endpoint helps us ensure endpoint compliance with security policies and regulatory requirements by enforcing configuration settings. 

Moreover, It provides visibility into endpoint activities and enables security teams to detect, investigate, and respond to security incidents in real-time. So business progress never gets disturbed. 

It monitors endpoint behavior in real-time to identify and block suspicious activities indicative of malware or malicious behavior. This proactive approach helps us a lot. 

It employs sandboxing technology to execute suspicious files in a controlled environment and analyze their behavior. This allows it to identify and block malware that may evade traditional detection methods by remaining dormant or obfuscated. 

More importantly, it is easy to install from the cloud. 

Simplifying the user interface and making it more intuitive can enhance usability; this is more beneficial for those who are new to the industry and lack knowledge about threats. 

Enhancements in compliance management and reporting capabilities could help organizations meet regulatory requirements more effectively and streamline audit processes. 

Continuously updating and enriching threat intelligence feeds and research capabilities can improve threat detection and prevention accuracy and effectiveness.

I've used the solution for over a year.

Check Point is a well established cybersecurity vendor with a long history of developing and maintaining security solutions. Harmony Endpoint benefits from this experience and is built on a solid foundation of technology and best practices. That i believe. 

The centralized management console enables efficient management of endpoint security across the entire organization, irrespective of its size. Administrators can easily configure policies, deploy updates, and monitor endpoint activities from a single interface, streamlining management at scale.

Customer service should be improved. 

Positive

Check Point Harmony has fould a suspicious file that the previous application did not discover (that file was in the system for a period as alogic bomps).

The initial setup was straightforward and easy.

We handled the setup in-house.

We've noted ROI in Risk Reduction and have noted:

• Productivity gains
• Compliance cost reduction
• Operational efficiency
• Security consolidation
• Incident response cost reduction

Compared to other service providers, the price is a bit high. That said, it is worth the price. 

We did evaluate McAfee and Norton. 

The solution is good, hence I'm more concerned about the pricing. It would be good if that can be been reduced. 

We use the product at the perimeter. Since we do not have a branch, only one area is protected by the solution. The networks we have are in a compact area.

I love the product’s flexibility. We can manage the blade without changing the protocols. It is easy to manage how the tool runs the network. The product is easy to deploy. It’s a good firewall. It supports most of our OS, such as Linux and Windows. We can use it even on mobile devices. The browser and data protection are good. The solution has good threat intelligence features.

The network monitoring features must be improved. If my ISP says that they gave me 300 Mbps, I would like to see where the network is used the most and where we are underutilizing it. I need features to monitor the bandwidth. I want features to monitor the upload and download speeds.

I have been using the solution for the last three years.

The technical support is good. I was working on some backups of a hospital management system to the cloud. Check Point provided us with very good support.

Positive

The pricing is very high. The tool’s cost has increased by almost 300% in two years.

I will recommend the tool to others. Overall, I rate the solution eight and a half out of ten.

The implementation of Check Point Harmony Endpoint has provided great improvements in the functioning of our organization. Therefore, we wanted to protect our courses from cyber attacks and required an end-to-end security system that could prevent/save us from cyber attacks and protect our sensitive data. 

The advantages that it presents is that you can access the systems on multiple devices, be it laptops, Mac, Windows or mobile devices and this is a great benefit. It provides reports where it brings the details of vulnerabilities.

Check Point Harmony Endpoint was implemented due to the fact that malware and cyber-attacks have been steadily increasing lately and we needed a tool that would prevent cyber-attacks. With Harmony Endpoint, it is possible to identify those attacks and prevent them. It has also given us the possibility to qualify all these possible attacks and thus take into account where and how they want to penetrate our network.

This implementation provided a fully functional antivirus solution that gave the company the ability to defend against almost all threats occurring inside or outside the network.

Check Point Harmony Endpoint features different types of features but one of the most useful is an up-to-date and working anti-malware scanner.

The threat extraction and threat emulation have been a great benefit to give more autonomy to users.

On the other hand, it cannot be left out that it reduces the number of malicious attacks. It has helped us to properly monitor what has been happening with our network traffic and prevent individual attacks from accessing certain sites where we want to have restrictions or limitations.

Some problems that I have had with this and other Check Point tools in the cloud is when entering the portal since it stops responding or takes a long time to process a query and this causes delays and efficiency.

They should also add new functions such as threat hunting. 

Finally, it should be able to implement with and have a good integration and interaction with Azure in the management of vulnerabilities, and data management that between the two can be integrated 100% with Check Point Harmony Endpoint and thus be able to make good automated management.

It was implemented approximately 2 years ago

The product is very stable. It has some problems in the cloud where the access is stuck, however, nothing has caused improper functioning.

Check Point Harmony Endpoint is an easy to scale tool.

We have had good experiences. The cases have been successfully concluded.

Positive

Nothing was implemented that was similar to this type of tool.

As mentioned before, the configuration of this tool is very simple and interactive.

When the installation was done, a vendor helped us and explained how it worked.

With this tool, you can be sure of and have confidence that the investment made will protect the company's complete information.

Check Point Harmony Endpoint is a tool that I highly recommend. Its implementation is very easy, as is its configuration.

Several tools were taken into account, however, Check Point was chosen as we have already used several tools and it has given us confidence and solidity.

It is an excellent tool in the management of vulnerabilities.

Our company uses Harmony Endpoint for encryption and encapsulation. Our clients use it for data encryption.

The most valuable feature is Harmony Endpoint's encapsulation system which captures the whole system and protects it against other functions. It is really good for the Check Point Harmony specialists.

In terms of improvement, the ticketing system could be better.

I have been using Check Point Harmony Endpoint for about three months. 

In terms of stability, I would rate it an eight out of ten.

I would rate the scalability of the solution a solid eight out of ten. It could be slightly improved. Approximately 1000 people use Harmony Endpoint at our company. The maintenance is done once a week by a team of three engineers.

In the Harmony series, the products are linked to each other. It is a little tricky when you try to open a case and give it to an engineer because, in our custom environment, we have to access it from their devices. For example, in Harmony Mobile, their Android or iPhone devices have to be used. All of that takes time and it would be good if Check Point could find a better solution to this and create a feature to help us collect logs for the cases. I would rate the support a six out of ten.

Neutral

I'm currently working with Cisco Secure Endpoint and Palo Alto Cortex XDR. 

We use both the cloud and on-premise solutions. The initial setup is simple and creating a profile with the agents is easy. We only create agents and direct them to versions of the agents while we integrate them with the process. It only takes about five minutes to deploy one mission.

We have seen good results with the solution. If it is used with Linux or Mac, it provides better performance.

Check Point Harmony Endpoint is a subscription-based solution and the pricing is quite reasonable when compared to other solutions on the market. I would give it a nine out of ten in terms of affordability.

My advice to people who are considering using Check Point Harmony Endpoint is to be careful of which version you choose while deploying the solution. You should get the recommended versions for the agents. Otherwise, there will be a lot of problems and soft ticketing. Overall, I would rate Harmony Endpoint a seven out of ten.

Within the company, some departments, including the IT department, require their users to be connected from anywhere. In order to provide security to their teams, whether they were inside or outside the company, it was necessary to be able to implement a robust solution that would help us with access, equipment security, and reliability both for the protection of equipment information and to avoid vulnerabilities through applications to which users have access with credentials and administrator permissions.

This "Harmony Endpoint" tool is a modern solution from the Check Point Harmony family and has helped us improve the company's security with anti-malware protection, ransomware, among others, real-time protection, monitoring, and review of logs from the Check Point Infinity Portal. 

Thanks to these characteristics, we have gained control over the equipment to avoid data loss. For example, with the encryption of the device units, we can avoid loss of the equipment, as well as access protection and application control policies, among other options that were enabled. It's leveraged to improve security.

The most important characteristic of our requirements was the implementation of disk encryption. It's necessary to avoid loss or theft of the equipment and, therefore, loss of data from the equipment. It can be applied to all the equipment from the portal or segments.

Another advantage is the control of applications and access policies that can be carried out in a granular manner for different company profiles. It works very well.

It offers secure administration from Check Point Infinity Portal. It is a security center where many of the Check Point solutions are located.

The improvements that can be mentioned are few. The solution and its architecture are very well done.    

The Check Point Infinity Portal sometimes has some latency or performance issues that are slightly worse, affecting user management. It cannot be improved by the customer.

We would also like to make the documentation for more modern solutions like the Harmony family easier to find. That way, we can implement these solutions with the best practices recommended by the manufacturer.

The solution has been used for more than two years for our portable devices with high mobility.

Previously we used ESET at endpoints, however a site once had a ransomware attack and the solution was not able to solve the problem, so it was decided to change.

The costs are per user. It is a good option for covering company equipment.

I recommend finding a partner that can help you with the costs for this and any other Check Point solution.

This solution is very good and complete. I recommend it. You should try it and decide.