Check Point Harmony Endpoint Room for Improvement
I would like to see improvements in Check Point Harmony Endpoint in general because some people use it since it is available at a competitive price. Due to the competitive pricing strategy of Check Point Harmony Endpoint, it is not considered to be a good product, like Fortinet, Palo Alto, or F5. Check Point Harmony Endpoint needs to consider that people should feel that Check Point doesn't compromise on quality even though the price at which Harmony Endpoint is offered is good. People who claim that Check Point Harmony Endpoint is a cheap product don't necessarily mean that it is not a good solution. Fortinet is a very expensive product that offers good value to its customers. If Check Point can work on the value proposition it offers to customers and make them understand that even though the solution is affordable, it is not a bad solution compared to its competitors, then it would be fantastic. The potential customers can opt for Check Point products, considering that they are offered good products at the cheapest price in its categories. It is important for Check Point to ensure that people don't have a wrong perception about the products it has launched in the market.
I don't think there are any features I would like to include, and the tool offers updates when compared with the products from competitors, which I think is a good way to do it. The only challenge is that for many organizations where there is an MDM solution in the environment and an endpoint security tool, my company needs to educate such organizations to convey the message that endpoint and MDM solutions are different products for different purposes, so they are not the same. If Check Point Harmony Endpoint can incorporate MDM into the solution, it can be a fantastic enhancement. Customers need not buy endpoint and MDM solutions if both are made available together in Check Point Harmony Endpoint. My company will have to put extra effort into educating the customers and making them understand the two different solutions. MDM is used to manage your mobile devices, and Check Point Harmony Endpoint is the security for your endpoints.
AO
reviewer2049771
Business Manager at MN World Enterprise Private Limited
I would like to see them add features where we can use this license for mobile browsers, too - as we had a container kind of product under MDM. This can give us more confidence that when on the go, a user still has full access to our important and crucial data. They should be fearless while accessing this through our VPN tunnel.
Mobile handsets are now used for 40% of work to send mail or forward any kind of document. Securing users on mobile will give more confidence to users and higher authorities that will sometimes need to have access outside of the office for doing their financial or confidential transactions.
YK
reviewer1625493
Chief Information Security Officer at a consultancy with 1-10 employees
The tool is not too intuitive if you want to monitor and see the results to investigate in a layer. It's not easy to investigate an incident that you find in the company. Users often face trouble when downloading files, so it is very slow in terms of how it works. The tool is not very supportive of all the versions when it comes to the part of loading hash codes, so it may support SHA-1 but not SHA-256, meaning it doesn't support all the formats. Calling the support team for the solution doesn't help.
The support team of the solution lacks etiquette. The technical team of the product told our company that we need to get Check Point products through an official vendor only. Technical support for the solution is an area with issues where improvements are needed.
Buyer's Guide
Check Point Harmony Endpoint
March 2024
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.
Some areas of improvement could be :
1. Making the user interface on the server more intuitive and user-friendly.
2. Making it easier for the user to do tuning and configuration to the server or the client application. For example, to turn off notifications, the user should be able to do that with some clicks on the user interface instead of searching and reading about how to do it in the knowledge base first and then trying to do it.
3. Our application version is quite old, and Check Point already released a newer version for endpoint protection, which includes a cloud version. After doing some trials, we see that Check Point already made many improvements to the features and user interface.
View full review »We would love to have more endpoint hardware and software inventory, as well as tools to perform troubleshooting directly on the endpoint remotely.
A further point of improvement would be to be able to optimize the consumption of resources on the device.
We would also like the application control module to be further developed in future versions to include applications commonly used or maintained by Check Point in order to be able to configure blocking policies more quickly.
View full review »There are some "weak points" that have to be mentioned, including:
1) If the IT department is used to "cloning" endpoints (making images) you are going to have a hard time trying to install the product and you are going to end up reading a lot of Check Point documents.
2) If you are used to the granularity of roles features in Check Point Quantums products you are going to be a little bit disappointed. You can't set customized roles with customized read/write permissions.
3) You need a mature security team to manage this solution in order to get the most value from it.
View full review »GB
reviewer1957878
IT Manager at First National Bank in Philip
The Infinity Portal login is "iffy" at times. I would like to restrict it to only US traffic, however, due to the hosting in the cloud, it sometimes retrieves data from the EU and across seas.
Also, if there was a way to simplify the SmartConsole login more, there could be an opportunity to take away some clicks to log in. Navigating back to the browser to log in through that portal site just makes for a more extended login transition. Just have the MFA capability right there on the local application and be done with it.
View full review »Some problems that I have had with this and other Check Point tools in the cloud is when entering the portal since it stops responding or takes a long time to process a query and this causes delays and efficiency.
They should also add new functions such as threat hunting.
Finally, it should be able to implement with and have a good integration and interaction with Azure in the management of vulnerabilities, and data management that between the two can be integrated 100% with Check Point Harmony Endpoint and thus be able to make good automated management.
View full review »A robust threat intelligence integration could elevate proactive defense, offering real-time insights to anticipate and thwart emerging threats more effectively.
Enhanced behavioral analytics would provide a deeper understanding of endpoint activities, fortifying our defenses against sophisticated cyber adversaries.
Streamlined incident response tools within the platform would empower security teams to react swiftly and decisively in the face of potential breaches. Integration with emerging technologies, such as artificial intelligence and machine learning, could usher in a new era of adaptive and self-learning security protocols.
Furthermore, a user-friendly interface for custom reporting and analytics would empower organizations to derive actionable insights from security data. In this ongoing narrative of cybersecurity evolution, the inclusion of these features in the next release would undoubtedly fortify Check Point Endpoint Security as an even more comprehensive and dynamic guardian in the ever-expanding digital frontier.
View full review »VP
Vinod Perera
Sales Manager, Checkpoint at South Asian Technologies
I have clients who use very old Windows versions, so I have a few issues when attempting to install Harmony on some of the machines. At times, even with the latest Windows versions, the machines' performance gets slower. We still don't have a clear idea of what has been happening. If you take 100 PCs, two, three, or four are still troublesome when you attempt to install Harmony.
Also, the price could come down slightly, and I am not saying by a huge gap, but slightly. Even Sri Lanka's smaller customers have to buy a minimum quantity, and with Harmony Connect, they have to buy 50 licenses at once. If they could come down to 20, 30, or something like that, I should be able to sell much more. Some customers would like to have Harmony, but they have to buy a minimum quantity of 50. That's a bit troublesome for me as a salesperson.
CS
reviewer1954029
Head of Security and Operational Risk at Medianet
It would also be great to include DLP capabilities for the endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products.
It would also be great to include FIM capabilities for the Endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products.
It would be great if we could have additional DLP capabilities to identify personal information or any kind of information to comply with regulations that require information protection.
View full review »KS
Kuber Shukla
Senior Security Specialist at Tech Mahindra Limited
The solution has limitations if it's hosted on-premise or as a SaaS. You need to plan accordingly on the model that suits the organization. On-Premise, for example, does not support threat hunting. Hosting on the cloud will have an impact on the user who is connecting to a central location for internet access as it will add infra cost.
We also need to look over the expertise of the support executives who require more training and focus as well in this service area and if we can think over the cost of the product.
View full review »SJ
reviewer1853499
IT Security Manager at a manufacturing company with 1,001-5,000 employees
Unfortunately, the web (cloud) management system and log search performance are quite bad. Sometimes it takes longer to perform simple tasks and scrolling the results of the log is annoying due to frequent refreshes.
The exception management was always the Achilles' heel of Check Point products. It was a bit improved in Harmony, still, you can't for example exclude a site from anti-phishing form checks (which could take a few secs) while not excluding it from attachment scanning.
The forensics module still doesn't allow for HTTPS URLs entered by users. You are limited to DNS search or IP lookup. This doesn't make sense from a technical standpoint as the URLs are passing Harmony checks so they are known to the solution.
Anti-phishing cannot scan a form located inside an HTML e-mail attachment (which is a common practice in real-life attacks).
We did have some early compatibility issues, which I hope Check Point has since resolved.
As each project varies, anything that may be missing, in terms of features, would become obvious during a POC. Check Point has pretty much everything, however, it could be better in terms of working with Mac products. However, this is typical of other solutions and Apple.
View full review »FG
reviewer1853898
Engineer at Harbers ICT
It would be useful if you could also mark blocks as safe from a client. Now users always have to ask an admin to make exclusions.
In addition, it is also very desirable that there is support for Windows Server core machines.
In addition, it would also be useful if administrators could create exclusions directly from logging into the admin portal, instead of only being told where and how to add the exclusion. This will save work.
It would also perhaps be useful if you could connect from one endpoint directly to another tenant. Instead of having to roll out the endpoint again.
View full review »BW
reviewer2005803
Digital Coordinator at Modis
The current performance of Check Point Harmony Endpoint has impressed all the sectors in the organization.
Configuration with some applications did not take place effectively due to setup complications.
Interpreting the threat intelligence sensors may lead to poor data tabulation and slow performance.
The cost of deployment and maintenance is high, and many small enterprises may not be able to afford premium subscriptions.
The set security enhancement objectives have been achieved, and internet threats have been blocked effectively. I totally recommend this software to other organizations for reliable endpoint protection.
With Check Point, you will get your all required value-added features as per your requirements. That said, they need to focus on more scalability (as much as possible) so that the solution can run across all supported OS.
There are legacy OS concerns. It would be really helpful for them if legacy OS support could be extended up to Windows XP.
Aside from that, Check Point Harmony will be a suitable option for any type of organization.
View full review »JR
reviewer2037513
Project Manager at Digitas APAC
The system has comprehensive data management features that have saved us from incurring unplanned losses.
Timely updates and suitable configurations can block malware attacks and provide effective reports on security situations.
The setup process was complicated, however, when the customer service team came in, they provided productive guidelines that have kept the system working efficiently.
The next release should consider a strong threat detection mechanism that can categorize various levels of attacks for faster analysis.
VC
reviewer1961277
Implementation Specialist at NTT Security
Check Point is the best in the marketplace. As the EDR [Endpoint Harmony] there is a lot of enhancement in fixing the solution. We have observed some policies are not working as expected. We have observed a few cosmetic issues as well, however, it's fine.
Minor release should improve the stability and overall performance of the endpoint solution. Consumption of the endpoint solution should have clear visibility on day-to-day operation tasks that are being carried out also we should monitor the malicious IP address and URL for blocking the same.
View full review »Overall, my experience with the product is great, and it's a perfect endpoint solution for multiple purposes.
The solution can be made lightweight in order to keep the systems more effective during the background operations of the scanning and security checks.
The user interface of reporting dashboard needs to improve for a better understanding of the end users and the administrators.
The pricing of Check Point Harmony Endpoint can also be reduced. They are quite expensive at the moment.
View full review »SF
reviewer2008410
Software Engineer at Doddle
It has full performance capability to execute the given duties.
It blocks safe URLs sometimes when there are network interruptions.
The cost of deployment varies with the existing working conditions and the organization's size.
The cloud networking infrastructure can be attacked if there are limited security features and poor monitoring capacity from the IT team.
The overall performance impressed my team. Check Point Harmony Endpoint is the sure deal for enterprise security coverage and computing device control.
View full review »MK
reviewer1958124
CEO / direktor at S3Next
We need a higher maximum file size in the sandboxing feature.
Maybe the exceptions could be made much more understandable and easy to use.
There should be an option added to temporarily disable the protection of all or some blades for testing reasons.
The email and Office solution could have some options for exceptions, for example: don't scan e-mails sent to the local PDF scanner e-mail address.
Maybe an option to auto-upgrade the client version to the next stable release of the client software would be nice.
LD
Leo Diaz
Cloud Support at a tech company with 1-10 employees
We have few disadvantages or improvement points. However, the Infinity Portal sometimes requires more performance. It is a small detail. However, it could be improved.
On the other hand, it is also essential that the manufacturer improves the public documentation so that users can better understand how it can be implemented with best practices.
Finally, at the support level, we believe that Check Point can improve. Sometimes the answers are provided at dawn, which makes it more challenging to solve.
View full review »Mobile users are reluctant to actually use the solution.
Check Point should focus on providing more compliant solutions, such as compliant for cloud-specific solutions. The digital footprint can be minimized, and then the Legacy VPNs can also be streamlined. As of now, most of the connectivity partners use Legacy VPNs to connect to their DC or their service partners. Legacy VPNs and digital footprints should be minimized.
AD
reviewer1866651
Brand Manager at Corporation Sekiura S.A.C.E.I.
The Check Point Harmony Endpoint is a very complete solution. Even in the most basic version, it already includes EDR, which today is very important and something that all endpoint solutions should consider having from the most basic versions. We would like to have one more step and that's to give and have full-disk encryption.
Compared to other brands, we would like a dedicated anti-spam to be included in order to close the full circle. We could have it with Check Point Endpoint, mobile, cloud, or firewall. An all-in-one console would be great.
View full review »Check Point offers solutions with only a few features for our company's customers' sites. My company hasn't found any bugs or didn't find the solution to be complex. Features like zero phishing, sandboxing, threat emulation and extractions, malware detection, and EDR solution capabilities need to be included in the product. My company expects more granular EDR functionalities in Check Point Harmony Endpoint.
BK
Babu Kp
Technical Support at Hitachi Systems, Ltd.
The heartbeat interval must be improved. Sometimes, when we change the policy in the console, it does not reflect in the endpoint. Sometimes, we find it difficult to change the policy. The tool lags sometimes.
When we change the user password in the Infinity Portal, the password does not sync on time. There is a one-minute heartbeat interval from the server to the console. We have a graphical UI in threat hunting in which we can see the attacks. If audit logs have a similar graphical UI, it will be easier to analyze the logs.
In terms of improvement, the ticketing system could be better.
View full review »It is one of the best, however, with respect to its support on iOS and Android, it can improve a little more.
Something worth mentioning is the need for support in Spanish and better representation for teams in the Latin American area, where there is a growing demand for these IT services and new technologies.
Its guides are identical to the existing ones. These guides should be updated, and they should improve their design.
Let people try it, and it will quickly remote users.
View full review »NJ
reviewer1822314
Head of Infrastructure and Networks at a insurance company with 51-200 employees
There are a number of features behind paywalls which can be frustrating when you are already paying a premium.
The support is limited at times and can be quite slow, you are often directed to articles in the support center to read solutions for yourself. As a result, a lot of time has been spent reading Check Point articles on the online platform to increase knowledge around the product and further cyber security awareness in the team. It would be good to have a more direct route to remote support and demonstration.
View full review »The improvements that can be mentioned are few. The solution and its architecture are very well done.
The Check Point Infinity Portal sometimes has some latency or performance issues that are slightly worse, affecting user management. It cannot be improved by the customer.
We would also like to make the documentation for more modern solutions like the Harmony family easier to find. That way, we can implement these solutions with the best practices recommended by the manufacturer.
View full review »This is one of the most innovative solutions due to the fact that it includes many real-time content filtering features, management, and assurance of the transactions of what went in or out of our peripherals. That said, it is important to integrate other solutions to continue innovating in the market.
I would very much like to have the opportunity to see applications access at the web level and have applications from different brands and devices give simplicity to the management that we are going to need in the future.
The patch management and upgrades are not timely. It doesn’t require downtime, though. We want to enable continuous email services without any downtime. The product must provide integration with emerging technologies like AI and machine learning. It will help predict and minimize security threats, malware, and phishing attacks.
View full review »SP
reviewer1850805
Sr. Data Scientist at a tech vendor with 10,001+ employees
More development in Linux may help, however, the fact that the product could also have some more documentation as suggestions on what to do may also help.
The product may take some time to navigate at first but apart from that the log ingesting and working on getting a client installed may take some time.
I would like to see more automation.
Also, encryption management is not made available in all versions but if it could be extended that would be great. Sometimes it may take some slight delay, however, it's nothing too bad.
View full review »A little change in the product's user interface is required since it is one of the areas where the product has certain shortcomings. Sometimes the product's page doesn't load at all, and sometimes it does. The position of the tabs and the other stuff on the product page needs to change a little bit.
I think the product's deployment process is much quicker in Mac devices, and it takes a bit more steps for Windows and the area, which needs a bit of improvement so that some balance is created when it comes to the steps in the deployment phase.
Considering last year, the pace at which the technical support team is progressing is a bit slow, making it an area where improvements are required.
Perhaps the software could be made more resource-efficient. While many improvements come to mind, I don't have them readily available. Essentially, I aim to enhance the software's efficiency so that it places fewer demands on computer resources.
View full review »
BM
reviewer1777338
Supervisor Tecnico at Grupo MCoutinho
Customization of UI should be a little better in terms of application UI and messages that are displayed when something is blocked or non-compliant. URL filtering should allow for time-based rules, for example, don't allow media streaming during work hours yet allow it on weekends.
The same applies to application control. When in our headquarters, we can solve this on the Check Point Firewall. However, the Harmony client does not support this type of condition, and we had to find a "middle ground" between policies and usability for our clients.
View full review »MA
reviewer1821144
IT Security Officer at a tech services company with 1,001-5,000 employees
Sometimes the portal loads slowly which should be improved.
There should be an easy option for the administrator to turn off or disable malware protection on a specific asset or computer instead of adding a specific asset in a Disable group as that will make it easy for the admin to disable if and when required for some testing purpose. I would like this feature to be added.
Logs searching also needs to be more quick and enhanced and more metadata should be stored in the logs for Endpoint for a better view for admins.
View full review »I would like to see this same solution being able to link with the services of different corporate networks as if they were a remote access VPN extension and thus not require additional licenses. We'd like to be able to integrate several products and services into one to be more efficient and user-friendly within the infrastructure.
View full review »MB
reviewer1835919
CISO at a financial services firm with 51-200 employees
Everything can always be improved. Specifically, there are gaps when it comes to security.
View full review »For the future, I would like to see maybe a content-filtering emulation feature in Harmony Endpoint. It would already be cataloged in the app. It would help filter other types of characteristics that we have in our equipment, and allow us to see the ones that are also very vulnerable. We'd like to have everything integrated into a single solution that communicates with the cloud.
View full review »Check Point Harmony Endpoint could improve by allowing it to work on older systems by reducing the system requirements. Since our systems are dated we can only use the antivirus module features.
The price of the product could be more friendly.
View full review »Check Point Harmony Endpoint's agent is a bit heavy.
Check Point Harmony Endpoint should probably support more in Linux as well.
View full review »Check Point Harmony Endpoint could improve mobile device management (MDM).
View full review »RF
reviewer2300304
Virtualization & Workplace Consultant at Outscope
The solution needs better reports and centralized logs. They need to take up fewer resources for consumption.
View full review »Buyer's Guide
Check Point Harmony Endpoint
March 2024
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
763,955 professionals have used our research since 2012.