Check Point Harmony Endpoint Reviews

We are an international systems integrator company for Check Point Endpoint Security software solutions.

It's easy to deploy Check Point. If you try to download files or if you try to access any website, Endpoint will secure the activity. The malware will not be permitted to enter from the internet or USB drives. 

The SandBlast agent is the most valuable feature for Check Point Endpoint Security. We've found that the Check Point SandBlast agent is mature.

The remote deployment with Check Point Endpoint Security requires improvement. We have to depend on some of their deployment tools. 

I would like a dependable system endpoint protection management tool or remote deployment tool. The deployment on the remote client needs some type of tool to implement it.

The stability of Check Point Endpoint Security is quite good. One single install is enough. You can forget about it. Then it just takes care of scanning and updates. 

The beauty of Check Point Endpoint Security is the forensics. The forensics are very complicated too and it is easy to understand if some malware has entered into your PC. 

With Check Point forensics, they provide a pictorial diagram in the materials when malware is downloaded, when it is activated, when it is trying to contend with it, and when it is quarantined. 

Across the entire Check Point Endpoint Security software package, the network reports are really good.

For maintenance, one or two employees is more than enough. We have about 30 users total in our company.

The technical support from Check Point is really awesome. They initiate a call once they find a result. From the charts, alerts, and reports, you can reach out to support. 

If you share your phone number, they will call. Check Point provides us with really great support. Unless the issue is resolved, they will not disconnect the phone.

We also used Symantec and some of their anti-malware products. Once we tested Check Point, we realized that it's a lot better. 

The initial setup of Check Point Endpoint Security was very easy. What we found was that they redesigned the entire UI, now called Infinity. Infinity is the new platform they evolved.

The Infinity platform gives us good results and is easy to manage. The entire process is straightforward. The deployment did not take much time, maybe close to three hours.

With Check Point Endpoint Security, you can go with the Suite license or you can go with the individual Blade license. I recommend the Full Suite license.  

Check Point Endpoint Security is not 100% compatible with Kaspersky and Symantec products. You can go only with Endpoint, i.e. you cannot mix with a competitor's solution.

It could be a good solution because they have multiple ways to handle the licensing model. If someone requires an encryption license, it is extra and not included in the base license. If you have any intellectual property, then the financial investment will be worth it. 

If you compare Check Point Endpoint Security to Kaspersky, Kaspersky has two types of suites. One is the Select plan and one is the Advanced plan. If you go with their Advanced plan, then that will collect all of the web confidence reports, many of which vary. 

Check Point Endpoint Security is easier for the administrator compared to Kaspersky, in terms of alerts and reporting. The admin receives regular reports and each report says how many total Windows versions are there, how many Office instances there are, etc.

Each product will have a unique set of advantages and different backgrounds, but when it comes to security, we are happy to go with Check Point Endpoint Security.

We also looked at Kaspersky. 

The anti-malware we found very good on Check Point Endpoint Security. Mainly we observe the overall deployment and then maintenance is easy. It is only one click and you can deploy everything.

Whoever wants their data secure, and they want to have peace of mind, make sure to go with the anti-malware capabilities on the SandBlast Agent. 

We consider Check Point Endpoint Security to be one of the best systems for SAP. 

The zero-day anti-exploit solutions should be there with Check Point Endpoint Security. Because of the budget, people keep the software, but my advice is that it is also a must-have software. You should have SandBlast Agent along with the anti-malware capabilities installed. 

I would rate it a ten out of ten. 

We use the solution for multiple purposes such as endpoint protection, organizational malware attack tracking and maintaining, blocking of IP addresses, domain and URL blocking, and prevention and detection, according to the purposes we follow. 

Check Point is the best in the marketplace for next-generation firewalls. In combination with Endpoint Security, it proves to be stable, error-free, and up-to-date with the latest fixes and solutions available. 

Earlier in our organization there was normally an antivirus which was used to check endpoint protection and policies according to what was applied. However, the detection of endpoints was not up to date with real-time analysis. 

There is a lot of gap in analysis. The malware reports and signatures were not updated in real-time. There was no blocking of Suspicious URLs or domains in real-time. As we using Check Point in DMZ. We purchased the license and implemented it in the UAT zone for the best outcome as per the organization's requirements.

The most valuable aspects of the solution are the real-time endpoint analysis and blocking mechanism, the detection of malware and threats is the best use of this technology. 

As we have the stability of this product and best practices solution is applied to the infrastructure as endpoints have a clear view of the statistics and performance. 

Also, we have monitored the server level where it's been protected from the outside world. The CPU, memory, and hard disk consumption and compromisation are good. 

The dashboard has also been user-friendly and easy to understand.  

Check Point is the best in the marketplace. As the EDR [Endpoint Harmony] there is a lot of enhancement in fixing the solution. We have observed some policies are not working as expected. We have observed a few cosmetic issues as well, however, it's fine. 

Minor release should improve the stability and overall performance of the endpoint solution. Consumption of the endpoint solution should have clear visibility on day-to-day operation tasks that are being carried out also we should monitor the malicious IP address and URL for blocking the same.

I've used the solution for four or more years.

The stability is the best in the marketplace.

The scalability is the best in the marketplace.

Their technical support is the best in the marketplace.

Positive

We did not previously use a different solution.

The initial setup is straightforward.

We handled the setup with an in-house team. I'd rate the experience foud out of five.

The ROI witnessed is the best in the marketplace.

Check Point is the best in the marketplace. It's a good EDR and the cost is minimal.

We did not evaluate other options.

Check Point Harmony Mobile was provided through an installed agent which has very light protection against malware and ransomware, among others. 

In our country, many ransomware threats have been generated at the country level, for which it was worrying that we had kidnapping or encryption of our data. At the management level, the request was given to provide additional security to protect us. The tool has been very good.

We tested this Check Point tool to assess the performance of our endpoints, and shield them safely while increasing the protection of our platforms.

Our company wanted to provide an additional layer of security for our endpoints. We already manage Check Point with different tools, We have done very well with them and we have validated how Check Point Harmony Endpoint works to protect our endpoint equipment. So far, it works quite well.

We have seen the reports of attempted attacks and we have been able to provide a solution to these vulnerabilities. There is less malware in our infrastructure.

Its characteristics are quite good.

The characteristic that most attracts our attention is the administration portal. It doesn't require a management server since its licensing and management are through the Check Point Infinity Portal. It is very intuitive and easy to implement.

The way in which the agent is installed on the computers is very easy, it does not consume almost any performance of the server or final computers, in this way there is no need to worry about increasing resources to be able to protect them with Check Point Harmony Endpoint.

We love the reports and monitoring they provide. It helps us quickly see what vulnerabilities we have on our endpoints.

We have few disadvantages or improvement points. However, the Infinity Portal sometimes requires more performance. It is a small detail. However, it could be improved.

On the other hand, it is also essential that the manufacturer improves the public documentation so that users can better understand how it can be implemented with best practices.

Finally, at the support level, we believe that Check Point can improve. Sometimes the answers are provided at dawn, which makes it more challenging to solve.

The solution is a very good security tool. It was used this year at a test level and everything works very well.

Previously we only had or used Microsoft's antivirus or endpoint, however, we had all non-centralized security. Through this tool, we can centralize everything in the Infinity Check Point Portal.

Licensing is per endpoint, which is why we think is good. The cost is competitive, and its features are very good.

We validated several manufacturers, however, we did not want to have separate solutions. It seems to us a better option to have only Check Point.

I recommend this security tool, it is always important to test the tool at the test level to decide if it is what you are looking for.

We use Harmony on every PC to add additional protection primarily to file downloads. We use it alongside our classic AV solution (non-Check Point). Every file is scanned via Threat Emulation (virtual sandboxing) and Threat Extraction (sanitizing files by removal of active content).

The anti-phishing module scans every new web form, that the user is trying to enter data in. Based on visual similarities to known sign-in websites (like Microsoft Azure's) it blocks the phishing ones that are similar.

The forensics module allows us to retrospectively search for a wide number of events on all PCs (for example for now-known malicious URLs or files)

Harmony mainly filled the gap in e-mail security, allowing us to check what the user has clicked (and blocks it when needed).

It also has a nice phishing form detection blocking users from entering their credentials on many real-life phishing websites.

The forensic log search (as described above) allows us to quickly do a retrospective search for a file or URL that we found malicious.

The features come in handy during Covid-related extended remote work times, when we were able to provide better security to our employees working off-premises.

The most valuable features are threat emulation and threat extraction. Despite some false positives, it gives quite good security for file downloading.

Phishing form detection based on on-site similarity (not only on URL) has at least 50% efficiency in real-life examples that passed our antispam systems (and most of the false negatives are pretty general forms, which are not so convincing to the user).

The forensics allows us to search retrospectively for an URL or file opened by users, for example, when you need to quickly check who else has clicked on a phishing link.

Unfortunately, the web (cloud) management system and log search performance are quite bad. Sometimes it takes longer to perform simple tasks and scrolling the results of the log is annoying due to frequent refreshes.

The exception management was always the Achilles' heel of Check Point products. It was a bit improved in Harmony, still, you can't for example exclude a site from anti-phishing form checks (which could take a few secs) while not excluding it from attachment scanning.

The forensics module still doesn't allow for HTTPS URLs entered by users. You are limited to DNS search or IP lookup. This doesn't make sense from a technical standpoint as the URLs are passing Harmony checks so they are known to the solution.

Anti-phishing cannot scan a form located inside an HTML e-mail attachment (which is a common practice in real-life attacks).

I've used the solution for one year.

Cloud management performance is sometimes quite bad for day-to-day tasks, although it is not related to the number of endpoints.

If you limit browser extension via GPO, there might be conflicts with Harmony's that generally overwrites your config in some modes (per user vs per device enforcement).

Pricing isn't cheap, especially if you want to extend forensic log retention period from default one week.

It's still being actively developed and still needs some improvement.

In general, it's quite good now regarding security and might get even better.

We primarily use the solution for protecting our endpoints from malware. We've provided features to group the endpoints and apply specific policies by including or excluding them in a certain policy group. 

It's great for endpoint security and protection. We are using the VPN feature as well to connect to the corporate network of our organization, which is a good feature. It's used for scanning malware and other malicious files on endpoints which greatly enhances our security posture for endpoints, including Windows and Macs and other operating systems as well. 

Check Point Harmony Endpoint benefits a lot to organizations by providing endpoint protection. There is centralized management through the Harmony portal, which is really nice. 

It is quite easy to use and deploy the agent on endpoints to protect them from bad actors. 

Daily signatures updates are really good and helpful in protecting against zero day vulnerabilities and exploits. 

The firewall and application control greatly improves our security posture. End users are unable to install any suspicious or malicious apps in our environment. 

The sandblast agent, policies implementation, and logs are quite valuable aspects of the solution. 

Threat emulation and anti-exploits are great features to protect the endpoints. 

The remote access VPN within the endpoint agent is quite easy to set up and use. 

The Harmony portal allows us to do a single sign-on using our active directory which makes the life of admins easy. 

Harmony Endpoint scans all website before opening and also scans fields on the website that protects from XSS and CSRF attacks which is really an advanced level feature. 

The endpoint scanning tools are quite enhanced and detect most malicious files. 

Sometimes the portal loads slowly which should be improved. 

There should be an easy option for the administrator to turn off or disable malware protection on a specific asset or computer instead of adding a specific asset in a Disable group as that will make it easy for the admin to disable if and when required for some testing purpose. I would like this feature to be added. 

Logs searching also needs to be more quick and enhanced and more metadata should be stored in the logs for Endpoint for a better view for admins. 

I've been using the solution for two years.

We started using the product months before the start of the pandemic. It is a robust solution for the protection of endpoints. It contains the classic antivirus, however, it has anti-bot and disk encryption functions (FDE) as well as the integration of a sandboxing for the consultation and download of files in a safe way (whether they are downloaded from a page or from an email).

It is a very complete tool for users who need to be able to connect from home or some other public access point since it has a VPN service, in addition to different layered-in security solutions.

The addition of Check Point's Harmony Endpoint as the main security tool for the company's collaborators has represented a reliable source of security since updates can be executed automatically or manually, as may be required. 

There's the possibility of being able to do the administration from the Check Point portal, maintaining control and visibility of the different security events at all times. 

Admin users are able to access an adjustable dashboard that shows the most relevant information about the status of the endoints and the statistics of threats found.

Without a doubt, the best security feature is Full Disk Encryption (FDE). In cases where the endpoint is stolen or lost, you are sure that the information will not be accessible without the access password being the correct, maintaining the confidentiality of files at all times.

In addition, if someone tries to extract the physical disk and places it as a removable disk in a PC, they will not have access to the information either, since the files are still encrypted, ensuring that this method of extracting the information does not work without the decryption key. 

They could be focused on the analysis of USB devices. It has the ability to block the use of USB storage memories until it is completely scanned for any virus or threat. We need to ensure that the USB device will not be available until the scan has been completed, however, this may represent a malfunction when using other tools such as Rufus, as, by blocking access to USB drives, Harmony Endpoint will block access to these drives, thus Rufus will not be properly detecting USB drives and therefore it cannot operate properly.

I've used the solution for one year and eight months.

I have had almost no problems with the execution of the software agent and it is very useful when I need to do research on the internet.

It is fully scalable by scheduling updates from the console. When the agent is updated it will be necessary to update the PC, however.

As a user, I have not had contact with the manufacturer's technical support.

Neutral

We did not use a different solution.

Although it is an intuitive configuration, due to the variety of blades available, it may take some time to complete the configuration. Everything will depend on the number of blades a company needs to configure.

We handled the implementation in-house.

Licensing is based on sizing and based on the number of users and the desired security blades. All versions include access to the Check Point web portal for administration.

We did not evaluate other options.

By acquiring this tool, companies will have a robust and reliable solution for endpoint protection.

Kaspersky is suitable for small and medium-sized businesses (SMB), while Harmony is for enterprise segments. There are different requirements for enterprises versus SMBs. At an SMB, one administrator handles the firewall, network, and endpoints. You have more specialization in an enterprise. So at a larger scale, where you have a 5,000 or 10,000 users use case, Harmony helps pinpoint where security is lacking on a particular machine. 

Harmony's endpoint sandboxing is really good.

I haven't had any difficulty deploying Harmony for up to 5,000 users.

Check Point support is really good.

Harmony is very easy to deploy.

Check Point Harmony is definitely pricier compared to other endpoints.

I rate Check Point Harmony 10 out of 10. It's a unique product. It's the best in this class. I feel that Harmony is better than Crowd Strike or any other similar solution in that class. However, I would like to see more competitive pricing and better training for partners. 

Previously, one of our clients was using Symantec and we provided POV to them with Check Point SandBlast agent after that customer found that it's very easy and stable to use after E83 version released.

There were many bugs or cosmetic issues that Check Point rectified and provided the stable version.

It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks.

Compliance check, anti-malware, Media Encryption Full disc encryption, Forensic behavioral ransomware protection are some type of feature that Check Point provides with a single dashboard console. It gives overall host information about when any malicious activity has found and what action by which security blade has taken. So starting from firewall bladed to forensic / ransomware blade it gives us finite detail information on the host. So most of the security load has been transferring to the endpoint which is perfectly doing their work.

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

Stability.

We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

2 years.

Needs to work better.

can be scaled upto high value

TAC team is helpful.

Symantec to Check Point.

Not too easy. Need to have basic understanding and require to take local Check Point engineers to help sometimes.

We are a vendor.

Cisco  AMP.