Check Point Harmony Endpoint OverviewUNIXBusinessApplication

Check Point Harmony Endpoint is the #7 ranked solution in our list of EDR tools. It is most often compared to Microsoft Defender for Endpoint: Check Point Harmony Endpoint vs Microsoft Defender for Endpoint

What is Check Point Harmony Endpoint?

Check Point Harmony is the industry’s first unified security solution for users, devices and access.

The solution protects devices and internet connections from the most sophisticated attacks while ensuring Zero-Trust Access to corporate applications.

Check Point Harmony Endpoint is also known as Check Point Endpoint Security, Endpoint Security, Check Point SandBlast Agent.

Check Point Harmony Endpoint Buyer's Guide

Download the Check Point Harmony Endpoint Buyer's Guide including reviews and more. Updated: September 2021

Check Point Harmony Endpoint Customers

Boston Properties, Independence Care System, Melbourne Convention and Exhibition Centre (MCEC), Courtagen Life Sciences, Carmel Partners

Check Point Harmony Endpoint Video

Pricing Advice

What users are saying about Check Point Harmony Endpoint pricing:
  • "Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in."
  • "One of the key factors that made us go with this solution was the pricing. On the licensing part, there was an initial complementary set of licenses offered in the initial onboarding package, either 15 or 20. Then, we had some complementary licenses in the initial purchase of the package. That was pretty useful."
  • "There are three different licensing models including basic, advanced, and complete, and it needs to be selected according to the endpoint."
  • "I bought them for 12 months and I genuinely cannot remember what I paid for them. I think it's about 100 pounds per user per year, so about 10 pounds a month per person."
  • "Initial monies replacing all AVs with a single product is about £10k."
  • "In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth."
  • "The solution is too pricey."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
NC
Network Technical Specialist at a manufacturing company with 10,001+ employees
Real User
Top 20
Enables us to integrate endpoints into our IPS and we are seeing things which, without this tool, we would be exposed to

What is our primary use case?

With every new firewall that we're purchasing, we're deploying the SandBlast Agent. At the moment we're only running it on about 20 firewalls, just because the licensing isn't retroactive. What we need to do is produce a proof of concept to say, "This is the stuff we're getting." We're looking at it in a learning mode and then we can consider getting into a more aggressive mode of stopping everything. At the moment, we're trying to use it to give us information rather than to fully stop everything. It's deployed on our physical firewalls, on-prem.

Pros and Cons

  • "It's pretty complete for preventing threats to endpoints. Its capabilities are great."
  • "We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve."

What other advice do I have?

What we've gained is more of an understanding of what's on our network. If I were to go and do this again from scratch, I probably would have looked to integrate more with our Check Point sales team and would have gotten more help from them. My advice would be to involve your SE. He can help you through a lot more of the options when you deploy. We don't use the solution’s Management Platform for the creation of virtual endpoint management services in the cloud. We haven't got to that cloud point yet. It's something we could do, potentially. We're going to work with our account team about…
Sumit B.
Consultant at Cognizant
Consultant
Top 20
Protects against malware, phishing, DDoS and MITM attacks

What is our primary use case?

Our use case for SandBlast Agent is that our team is set up in multiple geographies, such as, India, Sri Lanka, UK, North America, and Australia (where we have a bit of business). We have courses for an educational client which need go to market, schools, instructors for hire, and students. Given that there was COVID-19 and a lockdown, there was an increase in the digital demand for learning courses. So, we wanted to secure our courses from cyber attacks. Thus, we wanted an end-to-end security system in place that would prevent/save us from cyber attacks and protect our sensitive data. Systems… more »

Pros and Cons

  • "SandBlast Agent is always working in the background collecting sensitive data, forensics, and notifying users whenever there is a chance of a brute-force attack into our systems. Otherwise, it has been protecting our data at various geographies along with the endpoints that we set up on the cloud. They have been able to filter out or thwart any attacks from the very word, "Go," and make our work very safe and smooth."
  • "It needs more documentation and better ease of deployment. For documentation, it needs more information about integrating the endpoints on SandBlast Agent mobile as well as on desktop platforms."

What other advice do I have?

In this digital ecosystem, we need to secure our data at every moment and have something in place, like SandBlast, to keep our networks scanned at each moment. You never know where the next attack is coming from: malware, phishing, denial-of-service attacks, man-in-the-middle attacks, etc. Therefore, we need to be on the lookout for these type of attacks and any other unauthorized URLs trying to get into our systems to access data for any purpose. Have a system in place to keep your data secure. You should definitely give SandBlast Agent a try. It is worth it. The solution is very secure and…
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
535,544 professionals have used our research since 2012.
Basil Dange
Senior Manager at a financial services firm with 10,001+ employees
Real User
Top 5Leaderboard
Good logging facilitates forensics, but policy configuration and deployment are complex

What is our primary use case?

The solution should be able to provide next-generation security for endpoints and should be able to monitor, detect, mitigate, and block attacks, as well as provide complete visibility in terms of the chain of events so that forensics can be performed accordingly. All of the security features should be provided on a single agent and it should be lightweight and should not have a performance impact on the endpoint. Provide required/relevant logs on the console and also should be able to forward to the SIEM solution. So accordingly, a use case can be created. The agent should be tamperproof and… more »

Pros and Cons

  • "Harmony Endpoint is able to detect, monitor, block, and mitigate attacks on the endpoint and it builds and maintains relevant logs for later inspection."
  • "The application control and URL filtering features are not very strong."

What other advice do I have?

In case you want to set up the solution on-premises and you want to deploy multiple policy servers, it is complicated. You will need an OVF to be deployed at each location and sometimes, organizations don't have the compute or supporting platform for deployment. Also, for connecting remote users there is a dependency on the VPN, hence it's again a challenge for users to connect to the policy server for updates.
TonyPegrum
Head of IT at a real estate/law firm with 11-50 employees
Real User
Top 20
Very easy to deploy and has good stability

What is our primary use case?

We use it primarily for mobile phones. That is it. We really aren't using it in depth at all. We're using it just with basic configuration.

Pros and Cons

  • "The biggest value we found was ease of deployment. I haven't really used it much, so I can't really comment beyond that. I haven't used it much, but it's working."
  • "I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us."

What other advice do I have?

It's very basic from what I see. It's not a full MDM solution and it's restricted with other MDM provisions. If you want to use an MDM with it to do other things like your email provisioning to mobile devices, you don't have very many options. I think it's AirWatch, MobileIron, Intune, or SOTI: only the most expensive products. If you want to look at something a little bit cheaper, you've got to pay through the nose. You can't have a cheaper solution as an MDM and run this concurrently. That's why they need to look at integrating with more MDM vendors. Other than that, it's okay. It does what…
reviewer1521789
Information Security Analyst at The VPS Group
Real User
Top 20
Good reporting, straightforward to set up, and the features give our users more autonomy

What is our primary use case?

Currently, our servers are not protected by a working anti-virus solution that receives updates. These servers & particularly the business are at extreme risk of not only suffering a breach and losing data, but also have a high risk of infecting the rest of the subsidiaries owned by Tyrion. The solution hinges on the following requirements: * The ability to be completely managed from a Cloud environment, including the ability to download new signatures whilst not on the corporate network; * The ability to generate reports based on set criteria (which can help justify the cost); * Ability to… more »

Pros and Cons

  • "The most useful feature so far has been having a functioning and up-to-date anti-malware scanner."
  • "Sometimes, the Cloud Management Portal can become unresponsive or take a long time to process a query. This in turn will cause the browser to freeze, which will require closing and reopening of your browser."

What other advice do I have?

If you have never used a Check Point product before, I would highly recommend engaging with a Professional Services provider to help with the deployment of the tool & ensuring you implement the tool based on best practices. Additionally completing the training for the Checkpoint Sandblast tool will equally achieve the same goals.
Jacob Imo-Abasi, Jr
Business Analyst / Developer at a tech services company
Real User
Top 20
Reduces malicious attacks and restricts users from accessing sites via our network

What is our primary use case?

We use it to manage our entire network and protect network traffic in terms of files that go out and come in. This protects our network between any platform we access or interactions between our clients and us. Also, it helps to monitor and block malicious applications, then it prevents these sites from accessing our stuff. We use it for the endpoints and all the additional points which access the network in the organization. It protects everything across the board, from the server to the many other devices, like your phones and laptops.

Pros and Cons

  • "In terms of network usage, it actually reduced the amount of malicious attacks that we had. Before, we really didn't have a secure network. Each endpoint had to protect itself and probably most of them were not actually protected. Now, it's an entire process in which we've been able to cut down significantly the amount of malicious attacks by 60 percent that we get in the organization. It helps us to adequately monitor what has been going on with our network traffic and stopping individual attacks from accessing certain sites where we want to have restrictions or limitations."
  • "There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc."

What other advice do I have?

It is a great fit for any organization. I would rate the solution a 10 out of 10.
Mantu Shaw
Project Manager at Incedo Inc.
Real User
Top 5
Endpoint security Solution

What is our primary use case?

It's a very good solution and it is a complete endpoint security solution. We get almost all the features we need, including features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, compliance, and many more. It's well integrated with Check Point Threat Cloud, as well as other Check Point solutions. The product provides complete visibility of threats with forensics analysis. There is direct Integration with all well-known SIEM solutions as well as the support of standard SIEM… more »

Pros and Cons

  • "Forensic Analysis provides a complete analysis of threats via detailed reports."
  • "Endpoint vulnerability management is one of the modules I believe is missing and it is something that is required."

What other advice do I have?

It's a very good product. Over the past year, the team has been improving it day by day and we're now more focused on endpoint security with the latest features on offer.
T. BalaMuruganandhan
Sr. Manager at Incedo Inc.
MSP
Top 20
Good security with a useful single dashboard and centralized management capabilities

What is our primary use case?

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

Pros and Cons

  • "Forensic Analysis provides a complete analysis of threats via detailed reports."
  • "Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations."

What other advice do I have?

Harmony Endpoint is a good product and scalable with business growth.
See 20 more Check Point Harmony Endpoint Reviews
Buyer's Guide
Download our free Check Point Harmony Endpoint Report and get advice and tips from experienced pros sharing their opinions.