Check Point Harmony Endpoint Overview
Check Point Harmony Endpoint is the #6 ranked solution in our list of EDR tools. It is most often compared to CrowdStrike Falcon: Check Point Harmony Endpoint vs CrowdStrike Falcon
What is Check Point Harmony Endpoint?
Check Point Harmony is the industry’s first unified security solution for users, devices and access.
The solution protects devices and internet connections from the most sophisticated attacks while ensuring Zero-Trust Access to corporate applications.
Check Point Harmony Endpoint is also known as Check Point Endpoint Security, Endpoint Security, Check Point SandBlast Agent.
Check Point Harmony Endpoint Buyer's Guide
Download the Check Point Harmony Endpoint Buyer's Guide including reviews and more. Updated: June 2021
Check Point Harmony Endpoint Customers
Boston Properties, Independence Care System, Melbourne Convention and Exhibition Centre (MCEC), Courtagen Life Sciences, Carmel Partners
Check Point Harmony Endpoint Video
What users are saying about Check Point Harmony Endpoint pricing:
- "Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in."
- "One of the key factors that made us go with this solution was the pricing. On the licensing part, there was an initial complementary set of licenses offered in the initial onboarding package, either 15 or 20. Then, we had some complementary licenses in the initial purchase of the package. That was pretty useful."
- "There are three different licensing models including basic, advanced, and complete, and it needs to be selected according to the endpoint."
- "I bought them for 12 months and I genuinely cannot remember what I paid for them. I think it's about 100 pounds per user per year, so about 10 pounds a month per person."
- "Initial monies replacing all AVs with a single product is about £10k."
- "In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth."
- "The solution is too pricey."
- Highest Rating
- Lowest Rating
- Review Length
Showingreviews based on the current filters.
Network Technical Specialist at a manufacturing company with 10,001+ employees
Real UserTop 10
Nov 9, 2020
Enables us to integrate endpoints into our IPS and we are seeing things which, without this tool, we would be exposed to
What is our primary use case?With every new firewall that we're purchasing, we're deploying the SandBlast Agent. At the moment we're only running it on about 20 firewalls, just because the licensing isn't retroactive. What we need to do is produce a proof of concept to say, "This is the stuff we're getting." We're looking at it in a learning mode and then we can consider getting into a more aggressive mode of stopping everything. At the moment, we're trying to use it to give us information rather than to fully stop everything. It's deployed on our physical firewalls, on-prem.
Pros and Cons
- "It's pretty complete for preventing threats to endpoints. Its capabilities are great."
- "We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve."
What other advice do I have?What we've gained is more of an understanding of what's on our network. If I were to go and do this again from scratch, I probably would have looked to integrate more with our Check Point sales team and would have gotten more help from them. My advice would be to involve your SE. He can help you through a lot more of the options when you deploy. We don't use the solution’s Management Platform for the creation of virtual endpoint management services in the cloud. We haven't got to that cloud point yet. It's something we could do, potentially. We're going to work with our account team about…
Consultant at Cognizant
Sep 17, 2020
Protects against malware, phishing, DDoS and MITM attacks
What is our primary use case?Our use case for SandBlast Agent is that our team is set up in multiple geographies, such as, India, Sri Lanka, UK, North America, and Australia (where we have a bit of business). We have courses for an educational client which need go to market, schools, instructors for hire, and students. Given that there was COVID-19 and a lockdown, there was an increase in the digital demand for learning courses. So, we wanted to secure our courses from cyber attacks. Thus, we wanted an end-to-end security system in place that would prevent/save us from cyber attacks and protect our sensitive data. Systems… more »
Pros and Cons
- "SandBlast Agent is always working in the background collecting sensitive data, forensics, and notifying users whenever there is a chance of a brute-force attack into our systems. Otherwise, it has been protecting our data at various geographies along with the endpoints that we set up on the cloud. They have been able to filter out or thwart any attacks from the very word, "Go," and make our work very safe and smooth."
- "It needs more documentation and better ease of deployment. For documentation, it needs more information about integrating the endpoints on SandBlast Agent mobile as well as on desktop platforms."
What other advice do I have?In this digital ecosystem, we need to secure our data at every moment and have something in place, like SandBlast, to keep our networks scanned at each moment. You never know where the next attack is coming from: malware, phishing, denial-of-service attacks, man-in-the-middle attacks, etc. Therefore, we need to be on the lookout for these type of attacks and any other unauthorized URLs trying to get into our systems to access data for any purpose. Have a system in place to keep your data secure. You should definitely give SandBlast Agent a try. It is worth it. The solution is very secure and…
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.
Senior Manager at a financial services firm with 10,001+ employees
Good logging facilitates forensics, but policy configuration and deployment are complex
What is our primary use case?The solution should be able to provide next-generation security for endpoints and should be able to monitor, detect, mitigate, and block attacks, as well as provide complete visibility in terms of the chain of events so that forensics can be performed accordingly. All of the security features should be provided on a single agent and it should be lightweight and should not have a performance impact on the endpoint. Provide required/relevant logs on the console and also should be able to forward to the SIEM solution. So accordingly, a use case can be created. The agent should be tamperproof and… more »
Pros and Cons
- "Harmony Endpoint is able to detect, monitor, block, and mitigate attacks on the endpoint and it builds and maintains relevant logs for later inspection."
- "The application control and URL filtering features are not very strong."
What other advice do I have?In case you want to set up the solution on-premises and you want to deploy multiple policy servers, it is complicated. You will need an OVF to be deployed at each location and sometimes, organizations don't have the compute or supporting platform for deployment. Also, for connecting remote users there is a dependency on the VPN, hence it's again a challenge for users to connect to the policy server for updates.
Head of IT at a real estate/law firm with 11-50 employees
Oct 29, 2019
Very easy to deploy and has good stability
What is our primary use case?We use it primarily for mobile phones. That is it. We really aren't using it in depth at all. We're using it just with basic configuration.
Pros and Cons
- "The biggest value we found was ease of deployment. I haven't really used it much, so I can't really comment beyond that. I haven't used it much, but it's working."
- "I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us."
What other advice do I have?It's very basic from what I see. It's not a full MDM solution and it's restricted with other MDM provisions. If you want to use an MDM with it to do other things like your email provisioning to mobile devices, you don't have very many options. I think it's AirWatch, MobileIron, Intune, or SOTI: only the most expensive products. If you want to look at something a little bit cheaper, you've got to pay through the nose. You can't have a cheaper solution as an MDM and run this concurrently. That's why they need to look at integrating with more MDM vendors. Other than that, it's okay. It does what…
Information Security Analyst at The VPS Group
Real UserTop 10
Mar 6, 2021
Good reporting, straightforward to set up, and the features give our users more autonomy
What is our primary use case?Currently, our servers are not protected by a working anti-virus solution that receives updates. These servers & particularly the business are at extreme risk of not only suffering a breach and losing data, but also have a high risk of infecting the rest of the subsidiaries owned by Tyrion. The solution hinges on the following requirements: * The ability to be completely managed from a Cloud environment, including the ability to download new signatures whilst not on the corporate network; * The ability to generate reports based on set criteria (which can help justify the cost); * Ability to… more »
Pros and Cons
- "The most useful feature so far has been having a functioning and up-to-date anti-malware scanner."
- "Sometimes, the Cloud Management Portal can become unresponsive or take a long time to process a query. This in turn will cause the browser to freeze, which will require closing and reopening of your browser."
What other advice do I have?If you have never used a Check Point product before, I would highly recommend engaging with a Professional Services provider to help with the deployment of the tool & ensuring you implement the tool based on best practices. Additionally completing the training for the Checkpoint Sandblast tool will equally achieve the same goals.
Jacob Imo-Abasi, Jr
Business Analyst / Developer at a tech services company
Real UserTop 5
Aug 19, 2020
Reduces malicious attacks and restricts users from accessing sites via our network
What is our primary use case?We use it to manage our entire network and protect network traffic in terms of files that go out and come in. This protects our network between any platform we access or interactions between our clients and us. Also, it helps to monitor and block malicious applications, then it prevents these sites from accessing our stuff. We use it for the endpoints and all the additional points which access the network in the organization. It protects everything across the board, from the server to the many other devices, like your phones and laptops.
Pros and Cons
- "In terms of network usage, it actually reduced the amount of malicious attacks that we had. Before, we really didn't have a secure network. Each endpoint had to protect itself and probably most of them were not actually protected. Now, it's an entire process in which we've been able to cut down significantly the amount of malicious attacks by 60 percent that we get in the organization. It helps us to adequately monitor what has been going on with our network traffic and stopping individual attacks from accessing certain sites where we want to have restrictions or limitations."
- "There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc."
What other advice do I have?It is a great fit for any organization. I would rate the solution a 10 out of 10.
Team Lead Implementation Services/Systems Integration Engineer at Trinidad Systems Limited
Real UserTop 10
Jul 29, 2020
Threat Emulation and Threat Extraction features scan email attachments before the user is able to access the file and then provide a safe copy of the attachment
What is our primary use case?Our primary use case for this solution is Antivirus capabilities. These include Antimalware, Antibot, Anti-Ransomware, and Threat Emulation and Anti Exploit. We have a mixed environment that includes Windows 2012 R2 Windows 7 Windows 10 and macOS 10.xx. We also use VMware. The client has been installed on all servers, PC,s, laptops and MAC machines. We need all this infrastructure monitored for malicious activity and reporting if something happens in realtime. This solution has worked very well.
Pros and Cons
- "One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users machine. This is a very valuable feature of this solution."
- "As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to list of features."
What other advice do I have?Check Point Endpoint Security just works. You will not be disappointed.
José Javier Dominguez Reina
Project Manager at Junta de Andalucia
Enables us to centralize all the security software used in a console and avoid ransomware
What is our primary use case?We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall. We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers. We subsequently expanded the scope of the solution to detect malicious activity on our network. It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption. It is also missed that it does not have a client for Linux.
Pros and Cons
- "The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers."
- "SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again."
What other advice do I have?It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption. It is also missed that it has no client for linux.
See 12 more Check Point Harmony Endpoint Reviews
Download our free Check Point Harmony Endpoint Report and get advice and tips from experienced pros sharing their opinions.
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- When evaluating Endpoint Security, what aspect do you think is the most important to look for?
- Which ransomware is the biggest threat in 2020?
- How was the 2020 Twitter Hack carried out? How could it have been prevented?
- What is the best for ransomware infection?
- Compromise Assessment vs Threat Hunting
- What security measures should businesses prioritize to support secure remote work?
- Why is endpoint security important?