We have many clients using this solution for different use cases.
The solution can be deployed on the cloud and on-premise.
Check Point Harmony Endpoint is mainly used for protection.
We have many clients using this solution for different use cases.
The solution can be deployed on the cloud and on-premise.
Check Point Harmony Endpoint is mainly used for protection.
The most valuable feature of Check Point Harmony Endpoint is centralized management.
Check Point Harmony Endpoint could improve by allowing it to work on older systems by reducing the system requirements. Since our systems are dated we can only use the antivirus module features.
I have been using Check Point Harmony Endpoint for approximately two years.
Check Point Harmony Endpoint is very stable.
The scalability of the Check Point Harmony Endpoint is good. It can scale easily.
We have some clients with 10,000 users that are using this solution.
I have opened up many tickets with the support and they have been responsive. I have not had any problems with them. They have helped whenever I faced a problem.
I rate the support from Check Point Harmony Endpoint a four out of five.
Positive
The initial setup of the Check Point Harmony Endpoint is easy. We use the main policy for the installation across the organization.
We have had some problems with connection management because if we install the initial client on the computer, we cannot stop or delete this client or install the full package afterward.
If we have a new signature technical support ticket, they add this signature to the database in three to five days which they could improve.
I rate the initial setup from Check Point Harmony Endpoint a four out of five.
Check Point Harmony Endpoint does not have some features that SentinelOne or CloudStrike has.
I rate Check Point Harmony Endpoint a seven out of ten.
We have used Check Point Sandblast Agent as an anti-malware solution. We were already working in a Check Point environment, which made the decision to purchase an endpoint security product from Check Point easy.
We first tested it in a Lab environment, where we sampled various malware, some less complicated than others. We were impressed with the results.
Check Point Endpoint Security really helped the business stop various malware attacks throughout the time we used it, including a ransomware attack, which was stopped in minutes.
The Sandblast Agent really made a difference for the organization. It integrated well with the existing Check Point environment we had in place. It was used both for threat protection and remote access VPN.
I think some work needs to be done to improve the integration with other third-party products, namely SIEM solutions. We found it quite challenging.
We found out the hard way that the configuration was lost when we version upgraded the management console.
We have used Check Point Endpoint Security for the past two years.
We did not use another similar solution prior to this one.
We did not evaluate other options.
We use the solution for many things. We don't only use it as an Endpoint client for antivirus. It is used for our next-generation antivirus. We are also using Harmony on other things, for example, our email. There's a Harmony email and office solution, which we also are using in order to protect our email.
The fact that everything is centralized is great. For example, the management is centralized on one portal in the cloud.
We like the fact that we have a lot of visibility with this solution and the protection is very good. I have seen cases where customers, get attacked by ransomware and it is very easy for Check Point to restore a file that has been compromised with ransomware. It's 100% effective.
They are developing new technologies. For example, they added SASE to their portfolio with Harmony. They also have Infinity SOC. If one of the Harmony Endpoints gets compromised, Check Point Infinity SOC is going to see it, and it's going to highlight that.
They're on the very edge of technology and are very fast with implementing new technologies.
The solution is very stable.
They have a great knowledge base that you can leverage as a user.
The product scales well.
Technical support is knowledgeable and responsive.
Every now and then, every vendor does have a vulnerability that is discovered. For example, when many vendors were using open SSL, they had to do some fixes on their software in order to fix that particular vulnerability. Check Point was the first one to fix that. It's clear that, unlike the competition, it is always keeping up with the patching of its own software.
We'd like it if the solution continued to add new features. For example, what would be specifically useful to us is a feature that allows threat hunting. They may be already working on that or have something available, however, we need something robust and effective.
I'm not sure if they need to improve anything right now. They are already developing new aspects that are quite innovative.
The only thing that our customers want, is lower prices.
I've been using Check Point for 18 years.
The product is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
We have found the solution to be very easy to scale. If you need to expand it you can do so.
They have good technical support. They have very knowledgeable people, depending on the solution. Some specialize in Harmony Endpoint. It's very good.
The initial setup is very easy. The management is on the cloud, and therefore, you practically don't have to do any installation. You only log in and then you begin to use it and you begin to deploy on your network, the endpoints. The time it takes to deploy depends on the size of endpoints you have. With a small network, such as 100 endpoints, you can do it in one day or a couple of hours.
But they are a leader in detecting threat, therefore, it's reasonable that they are a little more expensive than some other competitors. However, customers always want to pay a bit less.
We are a reseller.
My advice to new users would be to reconsider installing administration servers on-premise. The cloud solution can do it. It's going to lower the maintenance costs. Also, if you are on-premises, you often need some sort of expert on-side, whether it's a vendor or someone else - especially if you are upgrading. That requires knowledge. In contrast, on the cloud, everything is done for you. They have a high availability network so that when you upgrade the servers can keep up. You can upgrade without downtime if you choose the cloud.
I would rate the solution at a ten out of ten.
We use Checkpoint here, and are currently in the process of planning a major from the standalone client to the full console version.
They had some issues in the past with the OS X and Windows versions not being in sync, but with the latest release E80 release, the clients are identical.
There are still a few gaps, such as not supporting Fusion drives, but overall, things have been great.
Deployment has been simple: We create a composer package that pushes the installer and our installation profile onto the client, and then call a script to run through the pkg installer. It has worked flawlessly for us.
As far as management goes, the reason we are moving to the console version is to have better reporting. Currently, the encryption files are written to a File share, and that is all the logging we get. We use the JSS' EA to get a more up to date picture, but with the Console version, it allows for more "real-time" updates (1-2 minutes).
The stability has been great for us. We have found a few iMacs that shipped to us with bad blocks/sectors that were not picked up by any of our HD diagnostics.
When we have reached out to support, they have been quick to respond. Like I said above, I definitely suggest the web chat as the best option.
Reliability has been pretty good. We saw an uptick in "black screens" that leave the machines in an un-bootable state, but that is more due to the fact that these drives have been encrypted for 4-5 years, and are used 24/7.
As far as performance goes, we have noticed that with Checkpoint we are getting about a 1-2% performance hit over FileVault, but nothing that has cause major issues.
The primary use case is VPN.
It provides remote access for the staff and increases their productivity.
A couple of times, we experienced some sales issues.
The technical support is good.
The initial setup was moderately complex. We had to wait for it to do a few runs, back and forth, until it was solid.
We did the deployment in-house.
We have seen a measurable decrease in the hang times of the detector responses by five percent.
We use it to manage our entire network and protect network traffic in terms of files that go out and come in. This protects our network between any platform we access or interactions between our clients and us. Also, it helps to monitor and block malicious applications, then it prevents these sites from accessing our stuff.
We use it for the endpoints and all the additional points which access the network in the organization. It protects everything across the board, from the server to the many other devices, like your phones and laptops.
In terms of network usage, it actually reduced the amount of malicious attacks that we had. Before, we really didn't have a secure network. Each endpoint had to protect itself and probably most of them were not actually protected. Now, it's an entire process in which we've been able to cut down significantly the amount of malicious attacks by 60 percent that we get in the organization. It helps us to adequately monitor what has been going on with our network traffic and stopping individual attacks from accessing certain sites where we want to have restrictions or limitations.
The sandboxing feature: I like the entire process. It's one thing for it to detect, but another thing to have a remediation plan. It actually extracts out what we need to make it a clean file.
There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc.
I have been using it since sometime from the beginning of last year.
It works just fine. I haven't experienced any issues.
It scales well. It accommodates all the endpoints that we have in our organization. As we grow, we do plan to increase usage.
We use it in our entire organization. Every staff person and device has access to the solution. We have approximately 250 endpoints.
We have 10 IT managers and systems engineers directly working on it. I also work with the solution as a business analyst/developer.
The technical support is good. It is a straightforward solution. We have not really needed to call for anything because they train you on how to use this solution. You already have the IPS working and know how that works. It's not something that is complex.
We were previously using Sophos. We switched to Check Point because the pricing was much cheaper (by 25 percent).
The initial setup was straightforward. You're required to have some administrative training on how to use the solution. The deployment took between three to six months.
We worked directly with the vendor. The vendor had a partner in my region. Therefore, we worked directly with the partner, who was also working with Check Point. So far, the experience has been great. They were efficient. We have been able to achieve the reason why we set up and procured this solution.
We have seen ROI. It reduces malicious attacks and restricts users from accessing sites via our network.
As we grow, we've been given room to add additional licenses in terms of all our endpoints.
In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth.
The solution is too pricey.
We only evaluated Check Point and Sophos. There are only two really good cybersecurity solutions locally. You are either doing Sophos or Check Point. It is one or the other.
It is a great fit for any organization. I would rate the solution a 10 out of 10.
We use it for government utility billing, with all of our systems located in different places, working remotely as well. We also have an on-prem data center here in India. We have Check Point to cover all these things.
We used to have Fortigate, the firewall, and endpoints were only protected by an antivirus. We did not have threat management or ransomware protection. We upgraded to Check Point to get this kind of protection at the endpoint level. It covers firewall, availability, VPN, IP security, IPS, application control, URL filtering, antibot, antivirus, anti-spam, and sandblast threat emulation and extraction.
The entire industry may move to the cloud, where we don't have to worry.
The stability is good.
The scalability is there.
Their technical support is good.
We changed from Fortigate because we deal with public data, government data, utility billing. It is very important to maintain security to the greatest extent possible. We can't afford to lose data.
Our billing cycle that takes place periodically. If we miss something, lose data due to ransomware or the like, we are totally out or operation. We can't again continue the billing cycle in such a situation. It is subject to penalties imposed by the local state government.
The deployment was very simple. It took about 20 days.
We had help from a Check Point solution partner.
Check Point offered very good pricing through negotiation. The licensing is done yearly. We have a three-year subscription, including premium, direct support; the Next Generation and SandBlast are for two years. Our cost, including everything, is 18 lakh rupees.
Symantec is expensive so we did not go for it. Many solutions are equally good, you could go for any of them. Check Point offered competitive pricing and additional features. Symantec may be suitable for certain applications and certain data centers. But what we found over a period of time Check Point suits our purpose.
If you have a medium-size environment like ours, this solution should serve the purpose, although you may need different things. In security, one thing cannot suit everybody.
We have about 500 users of the solution. We don't have any immediate plans to increase our usage. Any increase would be at least two to three years in the future, given the type of environment and workloads that we have.
We use it to help clients solve their security problems.
It helps clients have a better view of the risks. It also helps increase staff productivity by more than 50 percent, in my estimate.
The most valuable features are the innovations that they release in every version. The end-user facilities for managing the tool are also good.
I'm not sure what they are thinking about in terms of additional features at the moment, but I hope that they'll maintain focus on the tool to enhance the solution.
Areas that have room for improvement are the scope of the product and, while I think the support is good, they can improve support as well.
It has a good level of scalability. They expand the solution with new and helpful features.
Technical support provides good solutions. They are available and respond quickly. They are knowledgeable.
Each scenario is different depending on the client's requirements or the regulations they need to follow or what they need to cover around risks.
The initial setup is easy, but because we are resellers we are trained in setting it up.
In addition to the standard licensing fees, there is a cost for support.
We have more than 70 products related to security solutions and we are resellers of many of them.
Consider the solution as one of your options because it's one of the top tools.
I rate this solution at nine out of ten because it covers what it needs to cover. As always, there is room to improve, but I think it's a good product.