Check Point Harmony Endpoint Reviews

We primarily use the solution for protecting our endpoints from malware. We've provided features to group the endpoints and apply specific policies by including or excluding them in a certain policy group. 

It's great for endpoint security and protection. We are using the VPN feature as well to connect to the corporate network of our organization, which is a good feature. It's used for scanning malware and other malicious files on endpoints which greatly enhances our security posture for endpoints, including Windows and Macs and other operating systems as well. 

Check Point Harmony Endpoint benefits a lot to organizations by providing endpoint protection. There is centralized management through the Harmony portal, which is really nice. 

It is quite easy to use and deploy the agent on endpoints to protect them from bad actors. 

Daily signatures updates are really good and helpful in protecting against zero day vulnerabilities and exploits. 

The firewall and application control greatly improves our security posture. End users are unable to install any suspicious or malicious apps in our environment. 

The sandblast agent, policies implementation, and logs are quite valuable aspects of the solution. 

Threat emulation and anti-exploits are great features to protect the endpoints. 

The remote access VPN within the endpoint agent is quite easy to set up and use. 

The Harmony portal allows us to do a single sign-on using our active directory which makes the life of admins easy. 

Harmony Endpoint scans all website before opening and also scans fields on the website that protects from XSS and CSRF attacks which is really an advanced level feature. 

The endpoint scanning tools are quite enhanced and detect most malicious files. 

Sometimes the portal loads slowly which should be improved. 

There should be an easy option for the administrator to turn off or disable malware protection on a specific asset or computer instead of adding a specific asset in a Disable group as that will make it easy for the admin to disable if and when required for some testing purpose. I would like this feature to be added. 

Logs searching also needs to be more quick and enhanced and more metadata should be stored in the logs for Endpoint for a better view for admins. 

I've been using the solution for two years.

We have this at an enterprise level and we have it for all our endpoints. We use the product for disk encryption, anti-malware, and BPM blades.

The solution offers disk encryption, anti-malware, and BPM blades. For example, the Disc Encryption Software Blade is actually a part of this endpoint security solution. The whole thing is good for us.

The product has been proven 100% effective with us. We haven't had anything related to any threats passing to us for the past five years.

The solution is easy to use. It is self updated when there's a new version. It updates seamlessly, no matter what features you have. However, depending on what we use, there are some features that they will not apply in the clinics. We don't have the preview screen. We can customize it in a way that it doesn't disrupt our operation depending on if it is a laptop, it is a desktop.

The security is very good.

The solution is very straightforward.

The solution scales well.

We have found the stability to be very reliable. 

The solution is mostly very good. The reason why I'm trying to compare it with FireEye is due to the fact that it's supposed to be a mandate by the State. We are trying to justify the fact that we don't need to change our environment. For example, if the only thing that they want is to provide reports for the State, then that's a different story. We can customize the reports based on what they're asking for. We don't need to change or want to, however, the State may require us to.

Technical support can be a bit slow at times. 

We've dealt with the solution for ten years.

The solution is very stable. There are no bugs or glitches. Its performance is good. It doesn't crash or freeze.

The scalability of the product is very good.

The solution offers very good technical support. While they may be a bit slow, they always come through with a solution. 

The initial setup is very straightforward. It's not a problem at all. 

I have no information in terms of the pricing. I'm not involved with neither the purchase, maintenance, contract, or anything that has to do with licensing.

The company may be interested in trying to change to FireEye. I'm looking at it now to see what differences and advantages are at play. 

We're just a customer and an end-user.

I'd rate the solution at a ten out of ten. We've had no problems with it at all.

We are an international systems integrator company for Check Point Endpoint Security software solutions.

It's easy to deploy Check Point. If you try to download files or if you try to access any website, Endpoint will secure the activity. The malware will not be permitted to enter from the internet or USB drives. 

The SandBlast agent is the most valuable feature for Check Point Endpoint Security. We've found that the Check Point SandBlast agent is mature.

The remote deployment with Check Point Endpoint Security requires improvement. We have to depend on some of their deployment tools. 

I would like a dependable system endpoint protection management tool or remote deployment tool. The deployment on the remote client needs some type of tool to implement it.

The stability of Check Point Endpoint Security is quite good. One single install is enough. You can forget about it. Then it just takes care of scanning and updates. 

The beauty of Check Point Endpoint Security is the forensics. The forensics are very complicated too and it is easy to understand if some malware has entered into your PC. 

With Check Point forensics, they provide a pictorial diagram in the materials when malware is downloaded, when it is activated, when it is trying to contend with it, and when it is quarantined. 

Across the entire Check Point Endpoint Security software package, the network reports are really good.

For maintenance, one or two employees is more than enough. We have about 30 users total in our company.

The technical support from Check Point is really awesome. They initiate a call once they find a result. From the charts, alerts, and reports, you can reach out to support. 

If you share your phone number, they will call. Check Point provides us with really great support. Unless the issue is resolved, they will not disconnect the phone.

We also used Symantec and some of their anti-malware products. Once we tested Check Point, we realized that it's a lot better. 

The initial setup of Check Point Endpoint Security was very easy. What we found was that they redesigned the entire UI, now called Infinity. Infinity is the new platform they evolved.

The Infinity platform gives us good results and is easy to manage. The entire process is straightforward. The deployment did not take much time, maybe close to three hours.

With Check Point Endpoint Security, you can go with the Suite license or you can go with the individual Blade license. I recommend the Full Suite license.  

Check Point Endpoint Security is not 100% compatible with Kaspersky and Symantec products. You can go only with Endpoint, i.e. you cannot mix with a competitor's solution.

It could be a good solution because they have multiple ways to handle the licensing model. If someone requires an encryption license, it is extra and not included in the base license. If you have any intellectual property, then the financial investment will be worth it. 

If you compare Check Point Endpoint Security to Kaspersky, Kaspersky has two types of suites. One is the Select plan and one is the Advanced plan. If you go with their Advanced plan, then that will collect all of the web confidence reports, many of which vary. 

Check Point Endpoint Security is easier for the administrator compared to Kaspersky, in terms of alerts and reporting. The admin receives regular reports and each report says how many total Windows versions are there, how many Office instances there are, etc.

Each product will have a unique set of advantages and different backgrounds, but when it comes to security, we are happy to go with Check Point Endpoint Security.

We also looked at Kaspersky. 

The anti-malware we found very good on Check Point Endpoint Security. Mainly we observe the overall deployment and then maintenance is easy. It is only one click and you can deploy everything.

Whoever wants their data secure, and they want to have peace of mind, make sure to go with the anti-malware capabilities on the SandBlast Agent. 

We consider Check Point Endpoint Security to be one of the best systems for SAP. 

The zero-day anti-exploit solutions should be there with Check Point Endpoint Security. Because of the budget, people keep the software, but my advice is that it is also a must-have software. You should have SandBlast Agent along with the anti-malware capabilities installed. 

I would rate it a ten out of ten. 

We had to protect our equipment inside and outside the perimeter network, regardless of where we were. Due to this need, we came to use Check Point Harmony Endpoint, which was extremely easy to deploy from the moment we logged in to the website. 

This solution is very user-friendly. After the Check Point tenant is created, it allows us to download the application for iOS or Windows, and it is only a matter of installing it so that the teams can start reporting to the Harmony Endpoint cloud. 

It came to provide us with security, reliability, and a centralized administration of unified services. It works regardless of whether you work on Mac or Windows systems, which are among the equipment we have in our organization. Today, our equipment is very diverse. However, we have managed to protect everyone with this solution. Check Point Harmony Endpoint provides support within the new organizational disruption trend of teleworking. With it, we manage to protect and manage all teams from a centralized policy. 

Its most valuable feature is being able to integrate cloud services and centralize the protection policy from a single administration dashboard. We are achieving uniform work that is easy to manage if any changes are necessary. Being able to give us an inventory of the equipment and the health status of everything from a single place has been great. This solution has become a great ally for the prevention of threats and security problems caused by viruses such as ransomware, and we are protected against threats, which is of great value. 

I would like to see this same solution being able to link with the services of different corporate networks as if they were a remote access VPN extension and thus not require additional licenses. We'd like to be able to integrate several products and services into one to be more efficient and user-friendly within the infrastructure. 

I've used the solution for one year.

Previously, one of our clients was using Symantec and we provided POV to them with Check Point SandBlast agent after that customer found that it's very easy and stable to use after E83 version released.

There were many bugs or cosmetic issues that Check Point rectified and provided the stable version.

It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks.

Compliance check, anti-malware, Media Encryption Full disc encryption, Forensic behavioral ransomware protection are some type of feature that Check Point provides with a single dashboard console. It gives overall host information about when any malicious activity has found and what action by which security blade has taken. So starting from firewall bladed to forensic / ransomware blade it gives us finite detail information on the host. So most of the security load has been transferring to the endpoint which is perfectly doing their work.

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

Stability.

We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

2 years.

Needs to work better.

can be scaled upto high value

TAC team is helpful.

Symantec to Check Point.

Not too easy. Need to have basic understanding and require to take local Check Point engineers to help sometimes.

We are a vendor.

Cisco  AMP.

We wanted to consolidate a several-point solution to one endpoint. With so many new cyber threats and having a growing environment, what we had in place had too many gaps or grey areas between solutions and vendors. 

Also, with a rapid transition to hybrid working, we needed to reconsider our end point protection. Having used Check Point NGFW for five years, it seemed like a good fit. Also, the experience and long term position of Check Point in the security market gave us good confidence. This mature position in the market also helped with finding several resellers and experience.

There is one pane of glass to all end points, events, and incidents which is providing our team with a clear picture of the environment. We have already experienced several items that previously just got lost in the greyness of a multi-solution environment.

The rollout and management of devices were very simple. It allowed for a rollout of 200+ devices - all remote - in just a couple of weeks. Having cloud-based management also really helped get started, as, within the day, we had a POC running and just started to grow from there.

Cloud management and reporting are great. The management interface is very simple and easy to navigate. Just getting a logon to start is very helpful. The Check Point support at this stage was great. While it was very simple and intuitive, having someone talk over the defaults provided recommendations that helped us jump forward very easily.

Again, the cloud management service has a several inbuilt default reports which are easy to customize and provide more visibility than we have had previously with several solutions. 

The web filter service could be improved. It would be great to have a self-service user request for sites. An administrator would still need to approve, however. 

The block screen could have a nicer screen or allow it to be customized.

The list of exceptions for URLs could be improved with a separate screen for a large list of exceptions. Having the same exception list for mobile and endpoints would be great. 

We are hoping to transition to the SOC based service. Think this is still new; we're looking forward to get more information and test.

We just transitioned to Check Point Harmony, and have been running it now for six weeks.

Stability seems very strong, however, it's early days.

Scalability seems very strong, however, it is early days.

We don't know yet.

Positive

The move to hybrids has been working well during Covid.

The initial setup was not complex. 

We did both - we implemented through a vendor and in-house.

The product offers a great lower cost than previous solutions.

I'd advise users to talk to your Check Point partners or find a good one.

We spent a long time reviewing the marketplace and comparison sites however, we did not test anything.

I am very positive in terms of the solution and Check Point in general.

We primarily use this solution as the main firewall for the perimeter of the hospital. We use the firewall itself for URL filtering, application filtering, and identity awareness.

Before we used this solution, our mail used to have a lot of spam and most of the time our main email account was blacklisted. Now it works well; we are whitelisted by all organizations, including Google. Also, the security of our institution has really improved.

They should provide bandwidth regulation so we can monitor and regulate bandwidth.

It's 100% stable. It has never failed me in all the years I've used it.

I do not think I have had any higher scale than now. Initially, we used the R77.3, but I have just upgraded to the Gaia R80 operating system. For the amount of user we need, it usually works well. We have 5,000 users on it and it is still running okay.

Actually, we have already ordered two more boxes. We are waiting for them to arrive in the hospital. They are both from the 15400 series.

The technical support is fine. We've got a good relationship with the company. If there is any problem, they respond very well and fast.

For maintenance, we have a service agreement with the vendor who brought it to our institution.

We had SonicWall, but it was not stable. With the number of users we needed, SonicWall became a bit overwhelmed.

When we started it the initial setup was very complex. I have never been given any training on Check Point. I had to learn on the job.

The deployment did not take long, the guys who came to the place from Check Point did it very fast, it was a fast thing, within a day or two.

Return on investment was the first thing we checked. We are okay in that regard. We are not complaining.

We pay on an annual basis. There are no additional fees, they mostly tell us what we have to pay. We have budgeted for it.

We looked at firewalls from Fortinet and Barracuda. We even brought guys here to test their solutions, but they were no match for Check Point. We are comfortable now with Check Point.

My advice is to get Check Point, even without trying it first. Use it, and you will be very, very secure. Check Point guarantees the security and stability of your network.

I would rate this solution as nine out of ten.

We use the solution for endpoint security.

The solution provides endpoint security, ransomware protection, endpoint detection, and response. Also, cloud-based management is a good feature with an excellent catch rate.

If you're using an endpoint that does not have sufficient resources, it would be very tough to use. Most of them will shut down, but it works well with the detection so far. The solution can reduce the impact of the endpoints.

The performance impact should be improved. Also, the tool should have the ability to search for files. It could make on-premise deployment easier. They might have blocked ports and the control makes it more difficult. They can make implementation much easier even with what they have.

I have been using Check Point Harmony Endpoint as a reseller for three to four years.

The solution is stable.

It is a very scalable solution. It is well-suited for medium business. I rate the solution’s scalability a nine out of ten.

Technical support is responsive.

The tool is easy to set up but the on premise management is difficult. The deployment takes three hours to complete.

I rate the initial setup a seven out of ten, where one is difficult, and ten is easy.

The solution is reasonable, but there are cheaper solutions out there.

Smaller customers go with the cloud, whereas the bigger ones opt for on-premise management.

I recommend the solution.

Overall, I rate the solution an eight out of ten.