Check Point Harmony Endpoint Reviews

This software enhances the security of our remote workforce. It creates safe collaboration routes that cyber attacks cannot compromise. Data safety and communication infrastructure have been well maintained since we deployed this software. 

Endpoint protection has enabled teams to complete projects faster and monitor workflows efficiently. 

It has automated security protocols to cover the wide networking area in the enterprise. Check Point Harmony Endpoint has deployed comprehensive security that prevents any external attacks that may be a threat to our internal policies.

This software has quashed many security threats that could affect operations and slow down production. 

When sending emails to my colleagues, it detects any virus and blocks any spam that may be shared. It is flexible and gives the IT team full access and control during deployment. 

We have been able to attain security compliance and requirements for an excellent working environment. 

The entire organization has been doing well since we deployed this software due to safe collaboration channels and improved security data awareness.

The total cost of ownership has enabled the company's teams to identify any areas with security weaknesses and appropriately assign security models. 

The log4j-related attacks blocking system detects any vulnerable endpoints in advance. 

Identifying ransomware behaviors has upgraded the security monitoring system and put measures in place to curb such threats. 

When browsing, it blocks phishing sites that may hack personal data and leak to internet cyber criminals. 

The endpoint behavioral guard identifies online threats that easily prevent credential theft that may lead to funding theft.

The current performance of Check Point Harmony Endpoint has impressed all the sectors in the organization.

Configuration with some applications did not take place effectively due to setup complications. 

Interpreting the threat intelligence sensors may lead to poor data tabulation and slow performance. 

The cost of deployment and maintenance is high, and many small enterprises may not be able to afford premium subscriptions. 

The set security enhancement objectives have been achieved, and internet threats have been blocked effectively. I totally recommend this software to other organizations for reliable endpoint protection.

I've used the solution for two years.

This software offers a stable performance.

The performance is good, and I am impressed by the overall output.

We have been served well by customer service since we started engaging them.

Positive

I have no experience with any other product.

The setup was straightforward.

Deployment was done by the vendor team.

The targeted ROI has been achieved, and there is increasing growth.

The setup and pricing are flexible depending on company size and security demands.

I have only worked with Check Point Harmony Endpoint.

Comprehensive security for the company's network infrastructure is essential, and this is what this platform has provided.

In my organization, we have deployed the Harmony Endpoint Check Point tool with the idea of being able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point as close to the user as possible. 

Using its ease of deployment capacity and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in many places and environments.

By using the Check Point Harmony Endpoint tool we have improved our network visibility, have extensive control of our network and our users, and, above all, have a level of security against cyber attacks that we did not have before. 

Now, we are able to detect and avoid security breaks. We can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep our users safe as well as the organization's own systems and data. The personal information of our users is also secure.

Right away, we noticed when using Check Point's Harmony Endpoint tool, was the ease of deployment. In our case, it was deployed without too many difficulties, considering the deployment involved several tens of thousands of devices. 

Once deployed, the dashboard and all the inventory information that we had been able to obtain and that we did not know about before proved to be very interesting. 

One of the strengths of Harmony is its power to detect threats and keep us safe. Also the ability to apply policies specifically to users or groups is very useful.

I still don't have a clear opinion of the possible improvements that the tool may need. There are still functionalities that I have not been able to try completely and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. 

Something that is very important to me is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool maintains the quality line of Check Point products and is always ahead of the needs of the market.

I've used the solution for seven months.

This was the first endpoint tool we use in my organization. We didn't use anything previously.

The only thing I don't like about the solution is the time to pay for the licenses. That said, I really believe that it is a fair price according to the quality of the product offered.

We also looked at Panda Security Adaptive Defense, Cisco Secure Endpoint, ESET Endpoint Security, and Microsoft Defender for Endpoint.

After analyzing and comparing other solutions, we determine that Harmony has the best value for money.

We had the need for every employee to be protected inside and outside of the organization and mainly the sales areas, which often are exposed yet constantly have the greatest mobility within our organization. There were uncertainties and needs for security. We have been testing solutions that will allow us to complete this requirement. We opted for and used the Check Point Harmony Endpoint, which gave us easy administration and management of the equipment, ensuring safety in the best possible way. 

Check Point Harmony Endpoint gives our organization and us a solution that we could manage while complying with internal and external policies and regulations. It's been a great ally in the security and internal strategies of our organization. After testing and using it, we have realized that its capacity is not only to secure the devices. It also gives added value in its way of managing and allows us to have control over inventory and management of the equipment that we have.  

The best feature is that it can secure the equipment. It is integrated with a cloud platform that takes advantage of many emulation features in real-time filtering of malicious attacks. It has detection management with all types of computing power used in the equipment and outside of it in the cloud to which it is connected. This comes to give us a complete solution.

For the future, I would like to see maybe a content-filtering emulation feature in Harmony Endpoint. It would already be cataloged in the app. It would help filter other types of characteristics that we have in our equipment, and allow us to see the ones that are also very vulnerable. We'd like to have everything integrated into a single solution that communicates with the cloud.

I've used the solution for a full year.

We use Check Point on our 500 computers to protect them from viruses and malware. The network is a protected local area network with limited connectivity to the internet. Not all computers are connected to the internet; only users with the necessity to connect can access it. We also increase the protection from viruses/malware by disabling USB ports for mobile storage. With all the protection steps taken, we still see that antivirus is a must to have as standard computer protection.

With all security steps taken to protect the network, viruses and malware still appeared in the network. Check Point Harmony Endpoint (endpoint antivirus) has helped our organization by preventing further damage to the computers and the network by detecting and taking appropriate action (quarantine, clean, delete) to viruses and malware. 

By doing this, our organization's business can maintain its operational state without any significant disturbance, and that is the most important thing to achieve.

Some of the most valuable features from Check Point include:

1. Its ability to run real-time scans in the background and detect all the malware and viruses while taking action to clean the system from the threat.

2. On-premise centralized management, so the client can do signature updates locally and save the internet bandwidth.

3. The reporting feature where we can see and monitor what happened on our client computers. For example, which client has out-of-date signatures, which client is infected by what virus, et cetera. 

Some areas of improvement could be :

1. Making the user interface on the server more intuitive and user-friendly. 

2. Making it easier for the user to do tuning and configuration to the server or the client application. For example, to turn off notifications, the user should be able to do that with some clicks on the user interface instead of searching and reading about how to do it in the knowledge base first and then trying to do it.

3. Our application version is quite old, and Check Point already released a newer version for endpoint protection, which includes a cloud version. After doing some trials, we see that Check Point already made many improvements to the features and user interface.   

I've been using the solution for five years.

Tthis solution runs with good stability.

If we deploy it on-premise, we should see the server hardware requirement first and match it with the number of clients we want to handle.

Customer service gave good support when we needed it. For example, when we need support on renewing the license or when we need to upgrade the client version, they have a quick response time to deal with the problem.

Positive

We did use a different solution previously. We switched as we want to use the same brand for our NGFW and our endpoint protection.

The setup was quite straightforward. We installed the server first and then made the client installer. If you have an active directory on the network, you can install it with push installation. That said, we don't have it, so we needed to install the client by accessing the client directly.

We implemented the product together with the vendor and an in-house team. The vendor team has good knowledge when it comes to implementing the product.

At the time we purchased it, the licensing was separated into some modules. There were antivirus modules, data protection modules, and full modules if I'm not mistaken. You should make sure that the module you choose fits your requirement. 

We evaluated the ESET antivirus.

Check Point has released their new product on endpoint protection, which includes a cloud version. You could try it for free to see if this product matches your needs before purchasing it.

The solution should be able to provide next-generation security for endpoints and should be able to monitor, detect, mitigate, and block attacks, as well as provide complete visibility in terms of the chain of events so that forensics can be performed accordingly.

All of the security features should be provided on a single agent and it should be lightweight and should not have a performance impact on the endpoint.

Provide required/relevant logs on the console and also should be able to forward to the SIEM solution. So accordingly, a use case can be created. 

The agent should be tamperproof and the admin should not be able to shut down or stop services without the security team concerned, or by using a password.

We should be able to integrate and share IOC with other security devices.

The Check Point SandBlast solution, also known as Harmony Endpoint, is able to detect, block, monitor, and respond to any malicious activity that happens on the endpoint. With a single agent deployed on the endpoint, it's able to provide complete EDPR functionality, with help of multiple security features and modules.

This agent can be pushed either from the Check Point management console or by using other patch management solutions such as SCCM.

It is able to provide a consolidated security posture for all Windows endpoints on a single dashboard and also provide threat hunter visibility for any security threat on the endpoint, and able to mitigate the same. 

Provide capability of reproducing any security threat and also provide RCA/attack tree. 

File/hash can be swiped across the network using the security console, which provides visibility on the endpoint according to its priority.  

Harmony Endpoint provides complete EDPR functionality using multiple modules and features that are available with the solution. These include Compliance, Anti-Malware, Media Encryption, Port Protection, Firewall, Application Control, Full Disk Encryption, Remote access VPN, Capsule DOC, URL Filtering, Anti-Bot, Anti-Ransomware, Behaviour Guard, Forensics, Threat Emulation, and Anit-Exploit. This group of features is able to protect the endpoint from any next-generation attack. Any of the modules can be enabled or disabled based on the organization's requirements.

Harmony Endpoint is able to detect, monitor, block, and mitigate attacks on the endpoint and it builds and maintains relevant logs for later inspection. The agent sends telemetry/metadata to the centralized console for forensic purposes.

Policies for endpoints can be created based on the username or endpoint.

Integration with the Threat intel platform is helpful for blocking any attack at an early stage.

The complete solution can be hosted on-premises or SaaS on the cloud.

Remote access VPN is provided as default in the base license.

A different Policy Server can be configured and hosted at each location so that the agent does not have to reach a central location to receive policy updates. Policy servers are created using an OVF file, which can be installed on any Virtual Platform such as VMware.

It has secure communication between the Policy Server and the Management Console using Certificate/SIC communication.

The agent footprint is small on the endpoint.

It supports integration with other security solutions for sharing threat intel within an organization or over the cloud.

The anti-ransomware module is very strong; it's able to detect any ransomware attack at a very early stage.

Host-based firewall policy configuration is simple, which helps to access an endpoint if the machine is not in the organization's network.

The Threat Hunting module is not available for on-premises deployment.

The user has to connect using the VPN to take Policy Server updates when the solution is hosted on-premises. This adds overhead, as the user has to connect to the corporate network to get the policy.

In the case of a hybrid setup where the Policy and Management Server is on the cloud, the Sandbox appliance has to be on-premises.

Policy configuration and deployment are complex.

The application control and URL filtering features are not very strong.

Application Control databases are generated locally and it does not provide any visibility to the admin on which applications are installed on the endpoint.

The solution is supported only on Windows and MAC and not any other platform.

So far, the solution is stable.

The solution is scalable we can add multiple policy servers based on requirement and it will be integrated with the central management server (Primary/Secondary). 

In the case of the SaaS offering, it is managed by Check Point. 

Technical support is excellent.

We used McAfee AV but it was not able to provide the next-generation capability that we were looking for.

The solution required the Management Console and Policy server for initial setup and it can be increased based on the requirements.

We had assistance from the vendor during deployment and the service is excellent.

There are three different licensing models including basic, advanced, and complete, and it needs to be selected according to the endpoint. For example, it matters whether it is only required for a Windows endpoint as opposed to providing support for BYOD/Mobile devices.

We evaluated Windows ATP and CrowdStrike.

In case you want to set up the solution on-premises and you want to deploy multiple policy servers, it is complicated. You will need an OVF to be deployed at each location and sometimes, organizations don't have the compute or supporting platform for deployment.

Also, for connecting remote users there is a dependency on the VPN, hence it's again a challenge for users to connect to the policy server for updates.

We're using this for our endpoint protection in terms of antivirus and malware protection, disk encryption, and URL and application filtering on our client computers.

We integrate the VPN feature with Check Point's firewall allowing our clients to access internal resources with security policies enforced and controlled.

The reports given by the software are also a benefit since it allows better management and control of access to all our client computers at any time from anywhere.

The web console is also nice.

We have all our information and policies on one platform for all the features, and we can assign our technicians' several permissions and roles on the product.

Our customers are also better protected, and we can guarantee that security policies are enforced and compliant in each one of them.

Security has been a significant focus for us, and Harmony Endpoint, together with the entire Check Point ecosystem, made it easy for our organization to enforce such policies.

We value the URL and app filtering of the platform.

The URL filtering and application control are very helpful since it's typically hard to block productivity loss apps/URLs on clients when abroad. Harmony made it easy to control the usage of the company resources and bandwidth.

Disk encryption is a nice feature if you don't have other systems. However, since we've already had BitLocker deployed, we saved a few dollars on this licensing type.

The license plans are also very nice and distributed - allowing for a separation between types of users with more basic or more advanced options.

Customization of UI should be a little better in terms of application UI and messages that are displayed when something is blocked or non-compliant. URL filtering should allow for time-based rules, for example, don't allow media streaming during work hours yet allow it on weekends.

The same applies to application control. When in our headquarters, we can solve this on the Check Point Firewall. However, the Harmony client does not support this type of condition, and we had to find a "middle ground" between policies and usability for our clients.

We've been using this solution for two years.

We did use Microsoft Defender. It lacked features, and therefore we moved away from the solution.

I'd advise users to try to implement BitLocker for disk encryption since it's free.

We did not evaluate other options. 

From my point of view, the use cases involved strategy and business opportunities.

The solution is easy to use and easy to manage.

The security in regards to phishing, viruses, and so on, is very powerful. 

For mobile devices, encryption is excellent. 

From our point of view, Check Point is really easy to implement and really easy to manage. From the customer's point of view, the main reason was that the Check Point is the best brand, one of the best brands in our region. When they evaluate in comparison to competitors it comes out on top.

The solution is stable.

It's easy to scale as needed. 

Check Point Harmony covers everything.

We did have some early compatibility issues, which I hope Check Point has since resolved. 

As each project varies, anything that may be missing, in terms of features, would become obvious during a POC. Check Point has pretty much everything, however, it could be better in terms of working with Mac products. However, this is typical of other solutions and Apple. 

I started working with the solution approximately one year ago. We implemented it primarily for the endpoints. 

A large company in our area opened the discussion about endpoint security. During the discussion, we looked at Check Point products as our company at this moment was a distributor for Check Point products.

The solution is very stable and reliable. There are no bugs or glitches and it doesn't crash or freeze. Its performance is good. 

Users can scale the product very easily. If you need more parts from the products added to the running environment, you can buy some more licensing. For the administrators, it is very easy to implement as scalability is one of the strongest parts of Check Point.

Technical support is very good from the vendor. We find that to be very important. 

Positive

I can't speak to the details around deployment or implementation as I was in pre-sales. 

We are able to implement the solution for our client. While we have four people involved in pre-sales activity, we have another team that handles the implementation.

Users can observe an ROI. We worked with the client for a very short time and therefore had no time to calculate the ROI, however, it is my understanding it is there and quite good. 

We had special licensing for a rather sizable project. The project was prepared by Check Point directly and the client had a special negotiated rate. 

My previous company was a partner of Check Point. I no longer work there.

I was involved in pre-sales activities with the client who uses the product. We're a distributor of Check Point. 

I'd rate the solution nine out of ten. We had some problems with implementations during proof of concept with a particular customer with a lot of Apple products, however, it is a small number of problems.

Our primary use case for this solution is Antivirus capabilities. These include Antimalware, Antibot, Anti-Ransomware, and Threat Emulation and Anti Exploit. We have a mixed environment that includes Windows 2012 R2 Windows 7 Windows 10 and macOS 10.xx. We also use VMware. 

The client has been installed on all servers, PC,s, laptops and MAC machines. 

We need all this infrastructure monitored for malicious activity and reporting if something happens in realtime. This solution has worked very well.

In the past, we have experienced virus problems on our network. It has come in through email attachments, USB drives, internet websites, and so on. The current solution was not performing well. Since we implemented  Checkpoint Endpoint Security we have had no infection thus far. It is able to scan all email attachments, lock the ability to use external USB drives, and scan rouge internet traffic. We are very satisfied with this solution. Since its implementation, we have had no loss in data and no loss of revenue.

One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users' machine. This is a very valuable feature of this solution.

The Zero Phishing feature is also very valuable. This feature has the ability to scan the username and password fields on a website before you enter your credentials and verify if the site is legitimate. This brilliant feature prevents the stealing of account information.

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features.

The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems.

The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

I have been using and implementing this solution for about three years.

My impression of the scalability of the this solution is positive. It can be don't with minimal affect on production. 

They attend to your needs in a timely manner. They are well educated in the product.

We did use a different solution in the past. It was not performing well and we were always getting infected by malicious software. they made us switch to Checkpoint Endpoint Security.

The initial setup is straightforward and can be done by less technical staff.

It was done by an in-house team.

Setup costs can be kept to a minimum as Check Point offers Cloud Management which eliminates the need for on-premise hardware cost.

We did evaluate Avast. Which was not performing well. We also evaluated Kaspersky. Their client was a bit to resource-intensive.

Check Point Endpoint Security just works. You will not be disappointed.