Check Point Harmony Endpoint Valuable Features

Network Technical Specialist at a manufacturing company with 10,001+ employees

It's pretty complete for preventing threats to endpoints. Its capabilities are great.

The solution's automated detection and response capabilities are pretty good. It really depends on how aggressive we want to be with it. We've not deployed it in the most aggressive way you can, such as shutting down everything, because we've not deployed it in a greenfield site. It has not been deployed with that in mind. It has been deployed as an add-on service. As such, we don't want to be as aggressive as some top security firms would recommend we should be.

View full review »
Sumit B.
Consultant at Cognizant

SandBlast Agent is always working in the background collecting sensitive data, forensics, and notifying users whenever there is a chance of a brute-force attack into our systems. Otherwise, it has been protecting our data at various geographies along with the endpoints that we set up on the cloud. They have been able to filter out or thwart any attacks from the very word, "Go," and make our work very safe and smooth. 

We set up reports, which were weekly or biweekly. Then, our admins, who are mainly working with SandBlast Agent, were able to look at daily reports or even more granular reports, hourly or daily, based on their customizations.

The automated part keeps it running in the background. It only gives us notifications when there have been major attempts to breach data. We also have reports that show logs for what external, unauthorized systems tried to access the data. Through those reports, which are automated in the background, we are able to do what we want in order to keep our systems secure. We feel the automation part is pretty good with this application.

View full review »
Basil Dange
Senior Manager at a financial services firm with 10,001+ employees

Harmony Endpoint provides complete EDPR functionality using multiple modules and features that are available with the solution. These include Compliance, Anti-Malware, Media Encryption, Port Protection, Firewall, Application Control, Full Disk Encryption, Remote access VPN, Capsule DOC, URL Filtering, Anti-Bot, Anti-Ransomware, Behaviour Guard, Forensics, Threat Emulation, and Anit-Exploit. This group of features is able to protect the endpoint from any next-generation attack. Any of the modules can be enabled or disabled based on the organization's requirements.

Harmony Endpoint is able to detect, monitor, block, and mitigate attacks on the endpoint and it builds and maintains relevant logs for later inspection. The agent sends telemetry/metadata to the centralized console for forensic purposes.

Policies for endpoints can be created based on the username or endpoint.

Integration with the Threat intel platform is helpful for blocking any attack at an early stage.

The complete solution can be hosted on-premises or SaaS on the cloud.

Remote access VPN is provided as default in the base license.

A different Policy Server can be configured and hosted at each location so that the agent does not have to reach a central location to receive policy updates. Policy servers are created using an OVF file, which can be installed on any Virtual Platform such as VMware.

It has secure communication between the Policy Server and the Management Console using Certificate/SIC communication.

The agent footprint is small on the endpoint.

It supports integration with other security solutions for sharing threat intel within an organization or over the cloud.

The anti-ransomware module is very strong; it's able to detect any ransomware attack at a very early stage.

Host-based firewall policy configuration is simple, which helps to access an endpoint if the machine is not in the organization's network.

View full review »
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,820 professionals have used our research since 2012.
Head of IT at a real estate/law firm with 11-50 employees

The biggest value we found was ease of deployment. I haven't really used it much, so I can't really comment beyond that. I haven't used it much, but it's working.

View full review »
Information Security Analyst at The VPS Group

The most useful feature so far has been having a functioning and up-to-date anti-malware scanner. This has found multiple dormant threats that have existed within the business that other anti-virus products could not detect.

In addition to this, threat extraction & threat emulation have been a big benefit to give the users more autonomy. For example, allowing them to release their own spam emails that were captured by our spam filter, knowing that the files that are released will be scanned and checked for known viruses.

View full review »
Jacob Imo-Abasi, Jr
Business Analyst / Developer at a tech services company

The sandboxing feature: I like the entire process. It's one thing for it to detect, but another thing to have a remediation plan. It actually extracts out what we need to make it a clean file. 

View full review »
Team Lead Implementation Services/Systems Integration Engineer at Trinidad Systems Limited

One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users' machine. This is a very valuable feature of this solution.

The Zero Phishing feature is also very valuable. This feature has the ability to scan the username and password fields on a website before you enter your credentials and verify if the site is legitimate. This brilliant feature prevents the stealing of account information.

View full review »
José Javier Dominguez Reina
Project Manager at Junta de Andalucia

What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.

The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.

We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.

View full review »
Senior Security Analyst at Atos

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

View full review »
Head of IT at Cosyn Ltd

We used to have Fortigate, the firewall, and endpoints were only protected by an antivirus. We did not have threat management or ransomware protection. We upgraded to Check Point to get this kind of protection at the endpoint level. It covers firewall, availability, VPN, IP security, IPS, application control, URL filtering, antibot, antivirus, anti-spam, and sandblast threat emulation and extraction.

View full review »
CIO / CTO at a financial services firm with 51-200 employees

The most valuable feature is the integration with Check Point's firewalls. You can have one port, and follow the logs from both Endpoint and firewall security.

View full review »
Kirtikumar Patel
Network Engineer at LTTS

The most valuable feature is the Zero-day protection, which covers our on-premises users, and well as those users who are outside of our network. 

With Zero-day protection, we have complied with our customer-specific policies as well.

Most of our users are working on customer-related projects and today, everybody is looking to have zero-day protection at the endpoint level, as well as to protect against unknown threats or viruses.

View full review »
Jane Adams
Information Technology Specialist at RBC

The best thing is that it fits into all environments, which gives any organization a chance to use it intuitively without worrying about the nature of their industry.

View full review »
Engineer at a tech services company with 51-200 employees

The most valuable feature is forensics.

View full review »
Senior Solution Architect at a comms service provider with 51-200 employees

Check Point Endpoint Security helps us ensure device control and security. It helps us make sure users can access only the network resources they should be accessing and keep malware to a minimum.

View full review »
Network Security Assurance Specialist at Visa Inc.

The Sandblast Agent really made a difference for the organization. It integrated well with the existing Check Point environment we had in place. It was used both for threat protection and remote access VPN.

View full review »
Network and Security Engineer at Information Technology Company

The most valuable features are the availability, the ease of checking current logs of blocks,  and the option to update the system easily. 

View full review »
Angela Infante
Pre-Sales Engineer at a tech services company with 51-200 employees

The most valuable features in this solution are the EDR tool and the integration.

View full review »
Owner at Giliam Network & System Solutions

The most valuable feature of this solution is the VPN.

View full review »
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
509,820 professionals have used our research since 2012.