We just raised a $30M Series A: Read our story
T. BalaMuruganandhan
Sr. Manager at Incedo Inc.
MSP
Good security with a useful single dashboard and centralized management capabilities

Pros and Cons

  • "Forensic Analysis provides a complete analysis of threats via detailed reports."
  • "Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations."

What is our primary use case?

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

How has it helped my organization?

Our organization's overall security posture has improved with Harmony Endpoint protection. This has helped to secure against all modern age threats and risks that came in during the pandemic. 

During the pandemic, the users, for example, have been forced to work from home and that's been forcing the IT to do overtime to protect the endpoints. After introducing Harmany Endpoint we have seen the incident levels going down to close to zero. 

The single dashboard provides complete visibility over endpoint security and the administration can view the actionable tasks to follow up easily without searching across multiple reports/consoles. 

What is most valuable?

All of the available features are good (for example Threat Emulation/Threat Extraction, Antibot, Anti-Exploit, Anti-Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance), however, the one I have thought to be very valuable is the Ransomware Protection Feature which has been used widely during the pandemic. It protects as well as saves original file copies to prevent data loss.

Forensic Analysis provides a complete analysis of threats via detailed reports. The threat prevention, which includes a detailed threat landscape is very good.

The VPN connectivity and compliance check are also very good features.

What needs improvement?

Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations. 

With respect to the product, we feel Endpoint vulnerability management is one of the modules that is missing and it is something that is required. Adding this will strengthen the product and help in taking proactive steps towards protecting the environment.

DLP Module & Patching are required from an endpoint perspective. It would be good to add those in an upcoming release/version.

For how long have I used the solution?

I've used the solution for more than 6 months.

What do I think about the scalability of the solution?

We have deployed it on the cloud which helps it to be scalable and cost-effective.

Which solution did I use previously and why did I switch?

We were using multiple solutions to protect the environment in the past. These include solutions such as McAfee, Websence DLP, encryption, etc. however, now it is all happening with this one tool and console 

How was the initial setup?

Easy to set up and start using.

A single administrator can manage the complete solution. It's easy to deploy and does not require any additional effort. We're able to have multiple solutions within a single solution.

What about the implementation team?

We implemented the product with the help of our OEM and our in-house team. There were no major challenges during implementation or even in day-to-day operations.

What's my experience with pricing, setup cost, and licensing?

Harmony Endpoint, in terms of the deployment, integration, and setup, costs less than other solutions.

Which other solutions did I evaluate?

Yes, we evaluated other products as well, however, with respect to feature price and integration availability, we selected this product.

What other advice do I have?

Harmony Endpoint is a good product and scalable with business growth. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
NM
Team Lead Implementation Services/Systems Integration Engineer at Trinidad Systems Limited
Real User
Top 20
Threat Emulation and Threat Extraction features scan email attachments before the user is able to access the file and then provide a safe copy of the attachment

Pros and Cons

  • "One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users machine. This is a very valuable feature of this solution."
  • "As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to list of features."

What is our primary use case?

Our primary use case for this solution is Antivirus capabilities. These include Antimalware, Antibot, Anti-Ransomware, and Threat Emulation and Anti Exploit. We have a mixed environment that includes Windows 2012 R2 Windows 7 Windows 10 and macOS 10.xx. We also use VMware. 

The client has been installed on all servers, PC,s, laptops and MAC machines. 

We need all this infrastructure monitored for malicious activity and reporting if something happens in realtime. This solution has worked very well.

How has it helped my organization?

In the past, we have experienced virus problems on our network. It has come in through email attachments, USB drives, internet websites, and so on. The current solution was not performing well. Since we implemented  Checkpoint Endpoint Security we have had no infection thus far. It is able to scan all email attachments, lock the ability to use external USB drives, and scan rouge internet traffic. We are very satisfied with this solution. Since its implementation, we have had no loss in data and no loss of revenue.

What is most valuable?

One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users' machine. This is a very valuable feature of this solution.

The Zero Phishing feature is also very valuable. This feature has the ability to scan the username and password fields on a website before you enter your credentials and verify if the site is legitimate. This brilliant feature prevents the stealing of account information.

What needs improvement?

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features.

The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems.

The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

For how long have I used the solution?

I have been using and implementing this solution for about three years.

What do I think about the scalability of the solution?

My impression of the scalability of the this solution is positive. It can be don't with minimal affect on production. 

How are customer service and technical support?

They attend to your needs in a timely manner. They are well educated in the product.

Which solution did I use previously and why did I switch?

We did use a different solution in the past. It was not performing well and we were always getting infected by malicious software. they made us switch to Checkpoint Endpoint Security.

How was the initial setup?

The initial setup is straightforward and can be done by less technical staff.

What about the implementation team?

It was done by an in-house team.

What's my experience with pricing, setup cost, and licensing?

Setup costs can be kept to a minimum as Check Point offers Cloud Management which eliminates the need for on-premise hardware cost.

Which other solutions did I evaluate?

We did evaluate Avast. Which was not performing well. We also evaluated Kaspersky. Their client was a bit to resource-intensive.

What other advice do I have?

Check Point Endpoint Security just works. You will not be disappointed.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,695 professionals have used our research since 2012.
SS
CISO, CIO, AVP at CIANS ANALYTICS PVT. LTD
User
Good encryption feature and scalable but needs to be more accurate

Pros and Cons

  • "Cost-wise it's cheaper than other options."
  • "It gives you an alert for malicious sites, which, after searching on the Google database, don't come out to be the same."

What is our primary use case?

We primarily use the solution for anti-malware. We installed it on around 300 systems. Since we required some application to safeguard ourselves in this situation of work from home, so we were evaluating Antimalware products. 

After some research, we finalized Check Point and took a demo. The product seems fine as per our scenario and fits current conditions. We were evaluating it for work-from-home situations. it had a multifeatured tool that helps in safeguarding the current digital attack vector for organizations of all types.

How has it helped my organization?

It helps in safeguarding our infra from malicious attacks. However, initially, we faced lots of challenges while implementation as the vendor who was implementing it made blunders, which resulted in chaos for the organization. 

Our team worked almost 24/7 for 3 to 4 weeks to resolve the issues. We haven't requested the encryption feature, yet they implemented it. Our laptops were already encrypted, so it started decryption and re-encryption, which was a nightmare for us. We are still facing a few challenges for which we couldn't find any reason for the issues we've since found that were not there before installation.

What is most valuable?

We found all features valuable - other than the encryption since we were already using that feature. Since we required some application to safeguard ourselves in this work from home situation. We were evaluating anti-malware products specifically. 

There can be scenarios where this encryption feature will be applicable and fruitful if it is implemented with proper planning and organized with respect to a particular organization. There have to be proper requirements gathering and a plan to work effectively.

What needs improvement?

There are improvements required in terms of accuracy. It gives you an alert for malicious sites, which, after searching on the Google database, don't come out to be the same.

There can be scenarios where specific planning will be required before even giving thought to implementing it into an organization - be it small, medium, or large. Everything needs to be organized with respect to each particular organization. There has to be proper requirement gathering and a plan for the SOW to work accordingly. 

I would suggest that the Check Point team always allocates an SME to all the vendors before implementation as it will improve the first impression. In my case, I had pretty much faced disaster after implementation that I would not suggest anybody go with the product.

The product needs to improve the security infra.

For how long have I used the solution?

I've been using the solution for three months.

What do I think about the stability of the solution?

In terms of stability, I would rate it at a five out of ten. There were issues like once a version was installed and was not working properly, even the checkpoint team couldn't uninstall it and as a result, we had to format the system. few cases were reported for software installed but was not visible in the control panel.

What do I think about the scalability of the solution?

The scalability is good.

What was our ROI?

Our ROI has been neutral.

What's my experience with pricing, setup cost, and licensing?

Cost-wise it's cheaper than other options.

Which other solutions did I evaluate?

We did evaluate another solution. However, I can't reveal the name.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer: SIG Informatics
Flag as inappropriate
HP
Chief Technology Officer at a tech services company with 11-50 employees
Real User
Top 20
Is easy to deploy, cost effective, stable, scalable, and more secure

Pros and Cons

  • "Check Point Harmony Endpoint can be easily deployed and is cost effective and more secure."
  • "Technical support needs to be improved, along with the response time."

What is our primary use case?

Check Point Harmony Endpoint is antimalware and antivirus software, and it also has features such as in firewall autoresponse and autonotification, autoprotection, definition updates, and policies that we can apply.

We have medium-sized companies who use this solution.

What is most valuable?

My customers choose Check Point Harmony Endpoint because deployment is easier and because it's cost effective and more secure.

It is also a stable and scalable solution.

What needs improvement?

Technical support needs to be improved, along with the response time. The technical team or any product team should liaise with us and help to deploy the solution to the first few customers so that we can roll out to the rest of the customers.

They need to improve the licensing process as well so that it is easier for the end user. At present, we have to wait one to two weeks to get a license, which is not productive. The process is not very smooth or convenient for the end user because Check Point Harmony Endpoint provides two login portals. One is for licensing, and the other is for management.

In the future, I would like to the management portal and the licensing portal be integrated or changed to a single sign-on because that will be good for both the panel and the user. If they can make it very convenient for deployment and monitoring, it would be good.

If we could get technical support in Singapore, then it will be helpful for our customers.

For how long have I used the solution?

I've been dealing with this solution for two months.

It's deployed both on cloud and on-premises.

What do I think about the stability of the solution?

The product is very stable.

What do I think about the scalability of the solution?

This solution is scalable. If you have a server or any software deployment tools, you can just push from the server so that the users don't even need to install it on their machines.

How are customer service and technical support?

Technical support needs to improve. Their response time needs to improve too. Also, the only way to contact technical support is through email or international phone calls (for us in Singapore).

How was the initial setup?

The initial setup is much easier compared to that of other solutions because it involves emailing and letting the agent download and then deploy the solution. It's lightweight, not using a lot of system resources compared to the rest of the products. It is the next generation of endpoint agents.

The deployment itself can take a day.

Maintenance is not required because it depends on the policy that you apply on the Check Point portal itself.

What's my experience with pricing, setup cost, and licensing?

Compared to the cost of other solutions, Check Point Harmony Endpoint is cost effective. The cost is not very cheap, but it's fair.

The licensing process is not smooth and can take one to two weeks.

What other advice do I have?

I would recommend this solution because the protection works well, and it is cost is effective.

They also have cloud-based management, so it is like a SaaS service, and we don't need to buy a server to host it and to implement any hardware just for running the management of Check Point Harmony Endpoint.

On a scale from one to ten, I would rate this solution at eight.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
Daphne
Project Manager at Junta de Andalucia
Real User
Top 10
Great value for money, easy to deploy, and is great at detecting threats

Pros and Cons

  • "One of the strengths of Harmony is its power to detect threats and keep us safe."
  • "I still don't have a clear opinion of the possible improvements that the tool may need. There are still functionalities that I have not been able to try completely and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point."

What is our primary use case?

In my organization, we have deployed the Harmony Endpoint Check Point tool with the idea of being able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point as close to the user as possible. 

Using its ease of deployment capacity and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in many places and environments.

How has it helped my organization?

By using the Check Point Harmony Endpoint tool we have improved our network visibility, have extensive control of our network and our users, and, above all, have a level of security against cyber attacks that we did not have before. 

Now, we are able to detect and avoid security breaks. We can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep our users safe as well as the organization's own systems and data. The personal information of our users is also secure.

What is most valuable?

Right away, we noticed when using Check Point's Harmony Endpoint tool, was the ease of deployment. In our case, it was deployed without too many difficulties, considering the deployment involved several tens of thousands of devices. 

Once deployed, the dashboard and all the inventory information that we had been able to obtain and that we did not know about before proved to be very interesting. 

One of the strengths of Harmony is its power to detect threats and keep us safe. Also the ability to apply policies specifically to users or groups is very useful.

What needs improvement?

I still don't have a clear opinion of the possible improvements that the tool may need. There are still functionalities that I have not been able to try completely and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. 

Something that is very important to me is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool maintains the quality line of Check Point products and is always ahead of the needs of the market.

For how long have I used the solution?

I've used the solution for seven months.

Which solution did I use previously and why did I switch?

This was the first endpoint tool we use in my organization. We didn't use anything previously.

What's my experience with pricing, setup cost, and licensing?

The only thing I don't like about the solution is the time to pay for the licenses. That said, I really believe that it is a fair price according to the quality of the product offered.

Which other solutions did I evaluate?

What other advice do I have?

After analyzing and comparing other solutions, we determine that Harmony has the best value for money.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
José Javier Dominguez Reina
Project Manager at Junta de Andalucia
Real User
Top 5Leaderboard
Enables us to centralize all the security software used in a console and avoid ransomware

Pros and Cons

  • "The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers."
  • "SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again."

What is our primary use case?

We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall.

We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers.

We subsequently expanded the scope of the solution to detect malicious activity on our network.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it does not have a client for Linux.

How has it helped my organization?

Check Point SandBlast Agent allows us to centralize all the security software used in a console and avoid, mainly, ransomware in the company.

Many of our users have laptops to carry out teleworking, with this tool we can secure their web browsing, and in the event of suffering some type of attack, the computer is notified by SandBlast Agent and provides information about it and the security actions carried out. It even allows you to restore files modified during the attack.

You also have the option of performing a forensic analysis of the infected computer by providing a lot of information.

What is most valuable?

What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.

The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.

We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.

What needs improvement?

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.

It is also missed that it does not have a Linux client since some administrators use this type of operating system.

For how long have I used the solution?

I have been using SandBlast for more than six months.

Which solution did I use previously and why did I switch?

Previously, we used third-party antivirus software and switched to Check Point SandBlast Agent for its ease of integration with other Check Point products and to improve protection against ransomware.

What's my experience with pricing, setup cost, and licensing?

The cost of the solution is similar to other products on the market.

Which other solutions did I evaluate?

We have been evaluating other products, such as Bitdefender and Broadcom (Symantec Enterprise).

What other advice do I have?

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it has no client for linux.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
GG
Field Services IT Desktop Support Supervisor at a government with 5,001-10,000 employees
Real User
Top 10
Easy to use, very effective, and scales well

Pros and Cons

  • "We have found the stability to be very reliable."
  • "Technical support can be a bit slow at times."

What is our primary use case?

We have this at an enterprise level and we have it for all our endpoints. We use the product for disk encryption, anti-malware, and BPM blades.

What is most valuable?

The solution offers disk encryption, anti-malware, and BPM blades. For example, the Disc Encryption Software Blade is actually a part of this endpoint security solution. The whole thing is good for us.

The product has been proven 100% effective with us. We haven't had anything related to any threats passing to us for the past five years.

The solution is easy to use. It is self updated when there's a new version. It updates seamlessly, no matter what features you have. However, depending on what we use, there are some features that they will not apply in the clinics. We don't have the preview screen. We can customize it in a way that it doesn't disrupt our operation depending on if it is a laptop, it is a desktop.

The security is very good.

The solution is very straightforward.

The solution scales well.

We have found the stability to be very reliable. 

What needs improvement?

The solution is mostly very good. The reason why I'm trying to compare it with FireEye is due to the fact that it's supposed to be a mandate by the State. We are trying to justify the fact that we don't need to change our environment. For example, if the only thing that they want is to provide reports for the State, then that's a different story. We can customize the reports based on what they're asking for. We don't need to change or want to, however, the State may require us to.

Technical support can be a bit slow at times. 

For how long have I used the solution?

We've dealt with the solution for ten years.

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. Its performance is good. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The scalability of the product is very good.

How are customer service and support?

The solution offers very good technical support. While they may be a bit slow, they always come through with a solution. 

How was the initial setup?

The initial setup is very straightforward. It's not a problem at all. 

What's my experience with pricing, setup cost, and licensing?

I have no information in terms of the pricing. I'm not involved with neither the purchase, maintenance, contract, or anything that has to do with licensing.

Which other solutions did I evaluate?

The company may be interested in trying to change to FireEye. I'm looking at it now to see what differences and advantages are at play. 

What other advice do I have?

We're just a customer and an end-user.

I'd rate the solution at a ten out of ten. We've had no problems with it at all.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PRAPHULLA  DESHPANDE
Associate Consult at Atos
Real User
Top 5Leaderboard
Helps us to detect running malicious activity in our network

Pros and Cons

  • "It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks."
  • "We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata."

What is our primary use case?

Previously, one of our clients was using Symantec and we provided POV to them with Check Point SandBlast agent after that customer found that it's very easy and stable to use after E83 version released.

There were many bugs or cosmetic issues that Check Point rectified and provided the stable version.

It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks.

How has it helped my organization?

Compliance check, anti-malware, Media Encryption Full disc encryption, Forensic behavioral ransomware protection are some type of feature that Check Point provides with a single dashboard console. It gives overall host information about when any malicious activity has found and what action by which security blade has taken. So starting from firewall bladed to forensic / ransomware blade it gives us finite detail information on the host. So most of the security load has been transferring to the endpoint which is perfectly doing their work.

What is most valuable?

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

What needs improvement?

Stability.

We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

For how long have I used the solution?

2 years.

What do I think about the stability of the solution?

Needs to work better.

What do I think about the scalability of the solution?

can be scaled upto high value

How are customer service and technical support?

TAC team is helpful.

Which solution did I use previously and why did I switch?

Symantec to Check Point.

How was the initial setup?

Not too easy. Need to have basic understanding and require to take local Check Point engineers to help sometimes.

What about the implementation team?

We are a vendor.

Which other solutions did I evaluate?

Cisco  AMP.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Check Point Harmony Endpoint Report and get advice and tips from experienced pros sharing their opinions.