Check Point Harmony Mobile Valuable Features

IT Security Manager at a comms service provider with 1,001-5,000 employees

We like the URL content filtering, that is one of the most valuable features. 

It also enables us to see where privacy is a concern, apps that are leaking privacy. Having an idea of how these apps are being protected offers some level of security to the device and back into our corporate network.

The protection provided by the solution for all three threat vectors, application, network, and device, is pretty okay the way they're doing it. Their solution does not work the traditional way that endpoints used to be protected using local resources, when it's doing its scan. Sandblast is comparing the app to the app store and that is a very good feature. It's not resource-intensive. In terms of the networking, it does a pretty okay job. From the device side, we're able to see that backend information, including the app information, into the portal itself. 

It's also very easy to deploy and easy to manage.

When it comes to applications and network specifically, the solution's comprehensiveness and accuracy is pretty good. For applications, it has features pertaining to things like GDPR compliance. It is not leaking an end-user's personal information. There are some good features there. The only way we are able to see a user being identified is if there is a threat. Then that user comes up in that report, but that's only for those incidents. It's a very small minority. But it does a very good job in terms of breadth of protection.

The dashboard is pretty okay in terms of how you go in and you create your policies. And it comes with a very comprehensive policy. You have checkboxes or radio buttons to select the additional features. That's very intuitive. They just recently added some new features to their dashboard as well. It's pretty straightforward when it comes to where you: 

  • look for the threats, versus the administration aspect of it 
  • how do you drill down, the analytics
  • if there are any events, how you go all the way down. 

I find the dashboard is pretty intuitive and simple, compared to how Check Point has been deploying the SmartConsole.

And when it comes to blocking attempted attacks it's also pretty intuitive and simple. Suppose we see an app that has a particular threat. We're able to select and apply policies or rules on that particular app or device, and that can prevent the threat from propagating. We can quarantine it and address the issue. It's pretty simple in being able to manage threats, from a mobile perspective.

View full review »
Systems Administrator at a retailer with 201-500 employees

I would say the most valuable aspect is just the offering itself. We don't have a lot of offerings out there in the mobile world right now to put on cell phones and they filled that gap. Having a really good security control on a mobile device is its greatest asset.

The protection provided by this solution for all three threat vectors, application, network, and device is really good. It's in-depth on all accounts.

It monitors all the URLs that a user goes to on their phone so we can see what they're looking at and we can limit it. Certain topics are not allowed to be accessed. They're monitoring their apps and they rate them based upon how big of a security risk that individual app is based on their ratings. And so we're able to limit apps as well and allow people to have some that may be a low risk, but still a risk, but we may allow that for our users whereas we block medium and high risk.

The device itself checks to see if the device is jailbroken yet and so that's a good security control they have. It also watches your SMS text messages for phishing so that's another way it's securing the device.

The detection and prevention mechanisms seem very accurate. I remember about a year and a half ago, there was an app that had been found to be malicious, it instantly switched its rating, and was reacting to that change in the vulnerability of that app rather swiftly so it seems to be very accurate and in-depth.

It's super comprehensive. The networking part watches all of its networking and it does a man in the middle attack to be able to see that, but it is extremely comprehensive in being able to see everything that the phone is doing network-wise.

It has a pretty good dashboard. You can maneuver around it quickly and be able to see what you want to see and get to the information you need.

The ease of use is good. It does allow you to send email alerts and I get email alerts when something's going on so I don't have to be watching it all the time and then I'm able to go and work with that user to resolve it. It seems to be a pretty well-built tool.

I haven't seen many false positives, they've all seemed to be pretty accurate.

View full review »
Basil Dange
Senior Manager at a financial services firm with 10,001+ employees

Enrollment is based on the user name and the admin needs to create an enrollment policy. The enrollment email goes to users who are entitled to enrollment via Capsule. Each user needs to manually click and add the Token, which is sent via email and used for providing and restricting access.

Licenses are taken from Check Point for the number of users who need to be enrolled via Capsule. 

No additional hardware or setup is required for Capsule configuration, as it can be enabled on the same security gateway. This reduces any additional hardware cost, as well as for setup and connectivity.

Configuration is straightforward and can be controlled on the same NGFW as Capsule. This is used for providing access to users.

View full review »
Learn what your peers think about Check Point Harmony Mobile. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.
Kadeem Channer
IT Security Analyst at a energy/utilities company with 1,001-5,000 employees

I really like the application scanning portion where it scans your current applications and any new applications that you add to the device to let you know if it is malicious.

It does an active scan of all applications.

Time and time again, you read that applications have been removed from the Play Store because they are from a malicious vendor or they have been compromised. Having an extra layer of security where it scans to ensure that your device has a more secure and stable version of the application is very valuable.

View full review »
Oleg Pekar
Senior Network/Security Engineer at Skywind Group

The users in our company like that the VPN client is supported on the different platforms and operational systems, e.g. Android smartphones and tablets, Windows and MacOS PCs and laptops.

The most impressive thing is the SSL VPN Portal. With it, you don't even need any client software, just a browser is enough to connect. We have integrated the SSL VPN Portal with the Microsoft Exchange server, and this covers the needs of 95% of our users regarding remote access to the office.

The authentication is performed via integration with Active Directory, so the employees use the same credentials. It is super easy and everybody likes that.

View full review »
Hans Van Oorschot
Engineer at Caldoo

What I like is that the user experience of your mobile device is not compromised by SandBlast Mobile. The end-user doesn't see anything like an extra app on your device. The app is working in the background, scanning for all kinds of cyberattacks, and seeking out phishing, malware, bots, et cetera. 

Once something is detected, the end-user gets an alert, and can immediately command an action. When they go to open, let's say, a phishing e-mail, they get an alert that says something to the effect of "Beware, this is a phishing mail. Don't open it." The user has the possibility then to open it, however, it would be quite foolish to do so when they are told not to do it. The app gives you very good warnings in terms of malicious attacks.

There is good integration with mobile device management systems.

There is a potential for reporting if you need it.

The solution scales very well.

We've found that the product is quite stable.

Technical support is helpful.

View full review »
José Javier Dominguez Reina
Project Manager at Junta de Andalucia

The Check Point SandBlast Mobile solution supports Android and iOS operating systems and allows for integration with Mobile Device Management (MDM).

It has APIs to carry out operations in applications that connect to mobile terminals and performs the tasks that are specified. For example, avoid activating Wi-Fi or installing applications.

When mobile devices are configured, two profiles are created for each of them. There is the personal profile and the professional profile, which means that different security policies can be applied to each profile.

View full review »
Rodrigo Nalda
Responsable de Ciberseguridad. CISO at a printing company with 501-1,000 employees

The best thing about the product is that it is transparent and does not impact the users. After analyzing the battery consumption and resource load, we found that it is practically negligible.

On some occasions, we have had to contact the user to solve a problem with the system. It is quite simple, which facilitates the resolution of problems.

View full review »
Oleg Pekar
Senior Network/Security Engineer at Skywind Group
  1. The solution has clients for both Android and Apple devices, so all of our employees' devices are protected.
  2. The client allows us to detect the rooting/jailbreaking of the OS and prevents the connection of such devices to the corporate network VPN.
  3. The client detects and prevents the various types of the phishing attacks, malicious sites in the browsers, and checks them with the help of the Check Point database (ThreatCloud).
  4. The centralized management portal is rich in configuration options, monitoring, reporting capabilities.
View full review »
IP LAN and Integrity Specialist at Chevron

I really like the application scanning feature that scans all of the installed applications, and not only what appears in the Add or Remove Apps section, and then reports the results in the console.

The performance of this solution is absolutely impressive, especially in terms of battery consumption. It has less consumption than I was expecting

It is a very stable solution that integrates well with the most standard MDM solutions in the current market.

It offers good support for Apple devices and multiple Android versions, which is quite important if you have a disparate set of devices.

View full review »
Stephen Achi
Security Engineer at DGIT

The anti-phishing and scanning of SMS are the most valuable aspects of the solution. Sometimes we will get some SMS and they will try to redirect you to malicious links. If you have SandBlast Mobile, it helps you prevent clicking on those malicious links.

View full review »
Kirtikumar Patel
Network Engineer at LTTS

In Check Point Mobile access, we are using the SSL VPN for our onsite/work from home users/employees, and in this scenario, we have to secure our organization as well as our users.

In this SSL VPN, multifactor authentication (MFA) is one of the very good and valuable features for us. We have applied MFA so that no one can bypass this security and the users/employees can access their resources very easily, securely, and seamlessly. This feature is the most valuable for Remote Access

View full review »
Swapnil Talegaonkar
Technology consultant at a tech services company with 501-1,000 employees

First, the granular visibility of apps & traffic which we get through Check Point SandBlast Mobile is good. We can see each & every installed app & information for each app about severity & risk.

URL filtering has a wide variety of URL categories to choose from. We can also add whitelist & blacklist domains as per our requirements.

Another great thing about Check Point SandBlast Mobile is the ease of deployment. We can deploy a solution in an hour or two. 

Check Point SandBlast Mobile android application is very easy and simple. The interface & all processes are automated.

View full review »
Business Tranformation Project Manager at a financial services firm with 501-1,000 employees

The usability is the most valuable feature. It's really easy to use. It's a durable solution. I don't have any breaches. It is a good solution from that angle. 

View full review »
Simone Buonopane
Senior Engineer at Spacertron

The most valuable features of this solution are the: 

  • Filtering 
  • Interface configuration
  • Threat management. 
View full review »
Learn what your peers think about Check Point Harmony Mobile. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.