Check Point Harmony Endpoint Room for Improvement

Network Technical Specialist at a manufacturing company with 10,001+ employees

We do like the product, although there are quite a few things that we're asking our Check Point account team to enhance, where we think we probably could get more features from it.

We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve. We probably should have had more Professional Services come and help us. But, from our company's point of view, especially at this time in the market, the finances are just not there. But from what I've seen so far, I don't think there's enough integration into SmartEvent. That's something that I've asked our account team to try to focus on in the next versions or as an enhancement request.

Integration and deployment are probably the weakest points, and maybe service as well, although they are still at the high end. Would we go out to market and buy this on its own? Probably not, is the honest answer. But because it is a Check Point product and the licensing comes as part of it, it gives us this time to go and prove that, when it's together with all the other products that we have from Check Point, it certainly integrates very well. Would I go and buy this just as a standalone service if we didn't have Check Point firewalls? Probably not.

View full review »
Sumit B.
Consultant at Cognizant

It needs more documentation and better ease of deployment. For documentation, it needs more information about integrating the endpoints on SandBlast Agent mobile as well as on desktop platforms.

View full review »
Basil Dange
Senior Manager at a financial services firm with 10,001+ employees

The Threat Hunting module is not available for on-premises deployment.

The user has to connect using the VPN to take Policy Server updates when the solution is hosted on-premises. This adds overhead, as the user has to connect to the corporate network to get the policy.

In the case of a hybrid setup where the Policy and Management Server is on the cloud, the Sandbox appliance has to be on-premises.

Policy configuration and deployment are complex.

The application control and URL filtering features are not very strong.

Application Control databases are generated locally and it does not provide any visibility to the admin on which applications are installed on the endpoint.

The solution is supported only on Windows and MAC and not any other platform.

View full review »
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.
Head of IT at a real estate/law firm with 11-50 employees

It isn't exactly the cheapest, but then it's Check Point. The price could be improved.

I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us.

View full review »
Information Security Analyst at The VPS Group

The only two bug bearers of Check Point SandBlast that I have come across are as follows:

Sometimes, the Cloud Management Portal can become unresponsive or take a long time to process a query. This in turn will cause the browser to freeze, which will require closing and reopening of your browser.

The second is that getting useful "administrator" information requires digging into the policy rules via a second management agent installed on your computer. However, once installed, it is easy to navigate and use so is more of a slight inconvenience than a major issue.

View full review »
Jacob Imo-Abasi, Jr
Business Analyst / Developer at a tech services company

There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc.

View full review »
Team Lead Implementation Services/Systems Integration Engineer at Trinidad Systems Limited

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features.

The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems.

The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

View full review »
José Javier Dominguez Reina
Project Manager at Junta de Andalucia

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.

It is also missed that it does not have a Linux client since some administrators use this type of operating system.

View full review »
Senior Security Analyst at Atos


We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

View full review »
Head of IT at Cosyn Ltd

The entire industry may move to the cloud, where we don't have to worry.

View full review »
Novell, Microsoft, and UNIX Network Administration at GDDC

The antivirus is not as friendly as other solutions and can be improved. 

We would like to have the ability to stop and restart the service remotely, which is something that we can do easily with Symantec but have a hard time with when using Check Point.

View full review »
CIO / CTO at a financial services firm with 51-200 employees

The solution could improve VPN functionality and the VPN user-interface.

View full review »
Kirtikumar Patel
Network Engineer at LTTS

As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there.

View full review »
Jane Adams
Information Technology Specialist at RBC

Some of the less tech-savvy users sometimes find it difficult in adjusting and learning how to use the platform.

In some areas, the user-communities that ought to help are not readily available. Perhaps in the future, the vendor ought to send a sales representative or a knowledgeable person to each buyer to assess how they are using the platform. In case of any challenges, they should help them in using the platform efficiently.

View full review »
Engineer at a tech services company with 51-200 employees

We cannot integrate this product with other solutions, which is something that should be improved. I believe that it is in the roadmap.

Other vendors have some non-security-related features in their endpoint protection solutions that should be implemented in this one.

View full review »
Senior Solution Architect at a comms service provider with 51-200 employees

I would like to see simple sandboxing for malware analysis. But, they are not the leaders in this market. I would like to see virtual tasking as a feature.

View full review »
Network Security Assurance Specialist at Visa Inc.

I think some work needs to be done to improve the integration with other third-party products, namely SIEM solutions. We found it quite challenging.

We found out the hard way that the configuration was lost when we version upgraded the management console.

View full review »
Network and Security Engineer at Information Technology Company

The solution could be improved in the future with a way to provide online training to customers for free, as other providers do. Ideally, it would be not only for this solution but for all of their systems.

I found that there is no Check Point online training center and I think that is something vital for most of us as customers.

View full review »
Angela Infante
Pre-Sales Engineer at a tech services company with 51-200 employees

The solutions agent could have better performance, it is a little slow sometimes.

View full review »
Owner at Giliam Network & System Solutions

I would like to see support for a policy in the appliance that will refuse to create a connection if it does not detect an active virus scanner.

Two-factor authentication is missing from this solution.

View full review »
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.