Check Point Harmony Endpoint Reviews

We started using the solution during the pandemic. We have a distributed team globally. We have different devices like PCs, mobile phones, and tablets. We can easily connect with our employees and users across the globe. Our priority is to secure our devices and the end systems of the clients.

Security is a major concern. We want to secure our tools and products because we generally get emails of financial transactions from our customers. It contains personal details. We wanted a solution in which any malicious or suspicious emails or threats could be identified. So, we implemented Check Point Harmony Endpoint for our customers and employees.

The solution protects us from imminent threats like ransomware, phishing, and malware. It has the fastest recovery features. The tool minimizes the impact of a breach with autonomous detection and response. The best features are vulnerability and patch management. It helps us ensure optimal endpoint security posture. It also provides browser security when using Microsoft Edge, Google Chrome, or Mozilla Firefox. The solution is compatible with almost all browsers. It enables secure and fast private internet connectivity and browsing experience.

The patch management and upgrades are not timely. It doesn’t require downtime, though. We want to enable continuous email services without any downtime. The product must provide integration with emerging technologies like AI and machine learning. It will help predict and minimize security threats, malware, and phishing attacks.

I have been using the solution for more than three years.

The tool is stable.

The tool is scalable. If we increase our user base and the number of clients, we can scale the solution accordingly.

Check Point has a solution architecture and consulting team. The team provides excellent support over the phone and through emails. The team also provides on-site support.

Positive

The solutions we previously used were not focused on securing emails. We have used Microsoft, Google, Cisco, and Palo Alto Networks.

It is a cloud-based solution. The initial setup is quite easy.

The pricing is reasonable.

Check Point is a good solution if an organization needs a secure end-to-end security and malware protection solution. I recommend the tool to others. It is a big competitor for Palo Alto and Cisco. It is fully optimized in terms of cost and features for any organization. Overall, I rate the product a nine out of ten.

Our use case for SandBlast Agent is that our team is set up in multiple geographies, such as, India, Sri Lanka, UK, North America, and Australia (where we have a bit of business). We have courses for an educational client which need go to market, schools, instructors for hire, and students. Given that there was COVID-19 and a lockdown, there was an increase in the digital demand for learning courses. So, we wanted to secure our courses from cyber attacks. Thus, we wanted an end-to-end security system in place that would prevent/save us from cyber attacks and protect our sensitive data.

Systems can be accessed on multiple devices, whether they be laptops, Macs, Windows, or mobile devices. Those devices could be connected to a home or public network on a platform, like a Chrome browser, Mozilla Firefox, or Safari. We have been able to track this through reports by seeing how vulnerable those agents are to attacks. Then, we determine how they can become more secure, so we can stay on the cloud and mobile devices. These are the areas where we are trying to use their reports and tighten our security, putting more systems in place to prevent attacks.

Cognizant had a malware attack recently, as the threat of cyber attacks has increased, and a lot of customer data was compromised. However, because this Check Point SandBlast technology was there in place, we were able to thwart the cyber attacks that were attempted. Most of the time, these attacks are college kids trying to do some phishing attacks or look into sensitive data. With SandBlast, it is possible to identify those attacks at the very source, preventing those attacks and keeping us secure.

Going forward, we are planning to extend it to authors and professors who are helping us author our content. For example, if there is an author who will be taking help from various professors in university or instructors in schools, then they will need to get their inputs. What happens is they expose their course to those authors on their networks, devices, laptops, mobiles, or tablets. They access the course through an application. Now, those authors and professors don't have an app login because they might be a third-party vendor. So, we are trying to have the SandBlast Mobile version on this site as well, based on the impressive performance of SandBlast, so our data remains secure and more users are able to utilize our systems and access our data. This will make it more valuable for our end users.

On the coverage part, there are malware, phishing, operating system exploitations, denial-of-service attacks, and man-in-the-middle attacks (MITM), so we have classified the attacks that can happen on a learning, educational system, like ours into five to six categories. With SandBlast Agent deployed in the cloud, we have good coverage to cover these attacks, as it is very extensive. The best part is (through our reports) we were able to identify the type of attacks. So far, our security has been 100 percent. We have not felt that a data breach has happened, so we are pretty happy with SandBlast Agent.

SandBlast Agent is always working in the background collecting sensitive data, forensics, and notifying users whenever there is a chance of a brute-force attack into our systems. Otherwise, it has been protecting our data at various geographies along with the endpoints that we set up on the cloud. They have been able to filter out or thwart any attacks from the very word, "Go," and make our work very safe and smooth. 

We set up reports, which were weekly or biweekly. Then, our admins, who are mainly working with SandBlast Agent, were able to look at daily reports or even more granular reports, hourly or daily, based on their customizations.

The automated part keeps it running in the background. It only gives us notifications when there have been major attempts to breach data. We also have reports that show logs for what external, unauthorized systems tried to access the data. Through those reports, which are automated in the background, we are able to do what we want in order to keep our systems secure. We feel the automation part is pretty good with this application.

It needs more documentation and better ease of deployment. For documentation, it needs more information about integrating the endpoints on SandBlast Agent mobile as well as on desktop platforms.

I have been using this solution for six to eight months.

The SandBlast Agent is stable. Our users can work on a laptop, remote device, or tablet with this app running in the background. If an attack event is triggered, then the user and administrator both get alerts. The impact of this application running in the background on the battery life or on any other application is negligible; the battery performance is not impacted. It is such a digital world. Users are always now online and on social media, so they need to feel that their personal data is also not compromised. 

Our key 15 users maintain the solution.

We have around 15 key users, but it is being used to monitor over 1,000 users across the globe. We are planning to scale it up to 1,500 users/authors in North America alone for Q4. We have also certain authors who are coming up in Sri Lanka and Australia.

We are looking to scale this up on mobile devices and tablets. We want to see how the performance will be there. With portable devices, people are sitting in a Starbucks, cafeteria, or in a public area, and we want to see how the security is established on a public network. So far, we have seen that it has been quite good during these COVID lockdowns. People who have been working from home have it also installed on shared networks with two neighbors or a group of people, which is prone to attacks. So far, it has been good, but we want to see the performance when we roll out to more users.

We had a legacy system in place before using SandBlast Agent. The features, efficiency, and our pre-existing relationship with Check Point drove us to going with SandBlast Agent.

When we were working with their team, it was easy to go ahead with the setup. However, once we started doing it for our users on our own, we found it to be a little complex and needed more help. So, we came back to the SandBlast support team for help.

When we had to do a second deployment, including the next 10 members from the team of 15, we found that the documentation for the initial setup wasn't thorough. Our team had to reach out to the customer support, and they were good. However, from a deployment point of view, a little more documentation would have been helpful.

The deployment took approximately three months.

Our deployment strategy was that we wanted to be digital and do things on the cloud.

We worked with the SandBlast team for deployment and that was completed in under three months. We had our initial trial period for two weeks. We had a team of four to five members who worked with the SandBlast teams from a deployment point of view. Everything went pretty smoothly. 

Our experience with the Check Point support team was pretty good. They were able to help us with the deployment and integration for collaboration apps, like Slack, Microsoft Teams, or Jira. They also were able to help us with internal apps. So, they were able to help us with all those integration points, which was really helpful.

The staff involved was four to five members. However, we felt that if the SandBlast team was onboard, then we didn't need that many people. We could do the deployment with two members from our side and somebody helping from the SandBlast side.

If we have to look in terms of qualitative value, there has been good ROI. That is why we are planning to go ahead with the scaling of bringing more users onboard and having our security being taken care by SandBlast.

The solution has reduced the number of security analysts we have needed, enabling them to work on things they didn’t have time for before. From the automated reports point of view, we always used to feel that for whatever legacy system that we had in place we had to do more work to capture the area we wanted in our reports. With SandBlast Agent, we are able to do that through automated reports and its inbuilt functionality for reporting.

Due to a combination of factors, we now have three security analysts instead of six. So, we are almost down to 50 percent of team strength from the point when we started using SandBlast Agent. We have been able to cut down the cost after starting to use this platform.

One of the key factors that made us go with this solution was the pricing. 

On the licensing part, there was an initial complementary set of licenses offered in the initial onboarding package, either 15 or 20. Then, we had some complementary licenses in the initial purchase of the package. That was pretty useful.

We did explore one more option, which was an offering from Microsoft. The features, efficiency, price point, and pre-existing relationship that we had with Check Point made us go with SandBlast Agent. 

Some of SandBlast's features include ease of deployment on cloud and mobile device coverage, which is our future coverage area. We found that it gave us good operational efficiency on mobile devices. It runs in the background, providing coverage for various parameters in the logs and triggering alerts to users and administration only when there is an attack. Otherwise, it is able to block the attack, URL, or user in the background before notifying them. These are some of the features that stood out and differentiated it from Microsoft Windows Defender.

In this digital ecosystem, we need to secure our data at every moment and have something in place, like SandBlast, to keep our networks scanned at each moment. You never know where the next attack is coming from: malware, phishing, denial-of-service attacks, man-in-the-middle attacks, etc. Therefore, we need to be on the lookout for these type of attacks and any other unauthorized URLs trying to get into our systems to access data for any purpose. 

Have a system in place to keep your data secure. You should definitely give SandBlast Agent a try. It is worth it. The solution is very secure and has very impressive features.

I would rate this solution as an eight out of 10. We are very impressed and happy with the features, its stability, reports, and the parameters covered in the reports. 

We were searching for a next-generation antivirus solution, and this was the best choice on the market.

We have 25 users who work from home and the office.

All computers have Windows Professional version 10 or 11 installed.

We implemented a policy in which every client (either PC or mobile) has to have the Endpoint protection software installed with all the available blades.

Our company's cyber security monitoring process includes centralized product monitoring. 

The product improved the overall security of our organization with the features like sandboxing and phishing prevention.

We have centralized monitoring of the security of the clients even if they are not connected to our VPN network.

The e-mail and office solution is a great add-on to our existing Office 365 protection on our company's e-mails.

I also have to mention that we did not have our mobile devices protected before the implementation of Harmony mobile. That was really the next step in securing our company's overall IT security.

The sandboxing is good. We didn't have any file ransomware attacks since implementation.

The phishing protection works. It prevented a lot of nasty situations with fake websites.

Using this solution in e-mail and Office, we recognized how many man-in-the-middle attacks have been started to get some credential information from our employees.

In mobile, we didn't realize before how much harm can be done from the mobile devices in the network.

It replaced the ESET solutions we used before in our company.

We need a higher maximum file size in the sandboxing feature.

Maybe the exceptions could be made much more understandable and easy to use.

There should be an option added to temporarily disable the protection of all or some blades for testing reasons.

The email and Office solution could have some options for exceptions, for example: don't scan e-mails sent to the local PDF scanner e-mail address.

Maybe an option to auto-upgrade the client version to the next stable release of the client software would be nice.

We have been using this solution for more then two years.

We didn't have any stability issues. We always use the stable releases of the client software.

The solution offers very good scalability.

So far, support is very good. I recommend them.

Positive

We used ESET, which was not satisfying.

It was straightforward.

We implemented through a local implementor.

The protection it gives to the clients is priceless.

Get in contact with your local Check Point solution provider to give you an offer regarding the implementation.

We evalute the Fortinet solution.

We use the solution in hospitals. 

The tool's most valuable feature is its ability to support Windows 7 and other legacy products. We still have users for such systems in the Philippines. I also like its threat-handling and forensic capabilities. The tool is easy to navigate, read, and digest, and its detection capabilities are also good. The solution has good reports that are easy to read. 

Check Point Harmony Endpoint's GUI is old. It needs to have a modern dashboard for logging activities. Compared to other products, the solution is slow in terms of deep scanning. 

I have been working with the product for three months. 

I rate the solution's stability an eight-point five out of ten.

The tool has many modules and is scalable. I rate it an eight-point five out of ten. 

I rate the tool's deployment ease an eight out of ten. The process takes less than a day. In our case, however, it required at least three hours because we were doing a demo for Windows 7. We also needed to update the endpoint, which involved some installation requirements.

I rate the solution's pricing a five out of ten. It costs around ₱2,200 per endpoint. 

Our customers are mostly medium enterprises. You need to be patient with the scanning. The solution will help you with prevention and detection. I rate the overall product a nine out of ten. 

When it comes to Check Point Harmony Endpoint, I have not dealt with any of our company's clients yet since I am still in the discovery phase.

The most valuable features of the solution are web protection and threat prevention.

A little change in the product's user interface is required since it is one of the areas where the product has certain shortcomings. Sometimes the product's page doesn't load at all, and sometimes it does. The position of the tabs and the other stuff on the product page needs to change a little bit.

I think the product's deployment process is much quicker in Mac devices, and it takes a bit more steps for Windows and the area, which needs a bit of improvement so that some balance is created when it comes to the steps in the deployment phase.

Considering last year, the pace at which the technical support team is progressing is a bit slow, making it an area where improvements are required.

I have been using Check Point Harmony Endpoint for a year. My company has a partnership with Check Point Harmony Endpoint.

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a nine out of ten.

My company mostly caters to the needs of small companies where the solution is used.

I rate the technical support an eight out of ten.

Positive

I rate the product's initial setup phase a ten on a scale of one to ten, where one is a difficult setup phase, and ten is an easy setup process.

The solution is deployed on the cloud.

The solution can be deployed in around ten minutes.

I recently started to look for the prices of other products in the market and found out that Check Point Harmony Endpoint is cheaper than most of the other available solutions in my country. Price-wise, the product is affordable. There are no additional costs apart from the licensing charges that are attached to the product.

Check Point Harmony Endpoint is a really good endpoint security solution because it comes as a full package. With the solution, there are not many additional costs for add-on features, especially when compared to the costs of the add-ons offered by other solutions in the market.

I rate the solution a ten out of ten.

I use Check Point Harmony Endpoint in my company to secure the endpoint devices, including computers, servers, and every single endpoint in the environment.

Check Point Harmony Endpoint offers customers enterprise-level security for all their devices, including servers, laptops, and desktops. The IT personnel can ensure that with the product, all of the devices in an environment are protected with Check Point's enterprise-based solution. The customers who buy the product need not worry about their devices being exposed to threats. In fact, if you check the reports for Check Point in Gartner Magic Quadrant, you will see that the reports are all related to Check Point's endpoint security solutions. Customers try to get information on the value they can derive, along with the other potential prospects in the market, before trying to get or onboard Check Point Harmony Endpoint in their environment.

For IT personnel, Check Point Harmony Endpoint is easy to manage since they don't need to have any expert in order to deploy or monitor devices with the help of the product, and it also allows you to try out different actions on different devices. Whenever there is an attack on any device, Check Point Harmony Endpoint has the capability to isolate the affected device from the environment. Suppose there is an attack on one computer. In that case, the security of the other computers operating in the same environment is compromised, so Check Point Harmony Endpoint isolated the affected computer and notified the required department in the company to look into it while allowing for the other computers to work properly. The product offers good value to the companies that deploy it in their environment.

I would have to describe what I feel is valuable in Check Point as a whole. Check Point provides users with a central point from where they can manage all the devices across a workplace. Whether users use Check Point Harmony, Check Point Quantum, or Check Point CloudGuard, they don't have to log into different portals or solutions since they can manage everything from one central point. I like the fact that products from Check Point are very easy to deploy. Even if a user has 1,000 endpoints in an environment, Check Point can take care of the deployment in minutes. Check Point Harmony Endpoint is a very easy solution to deploy and requires very little maintenance or technical expertise.

I would like to see improvements in Check Point Harmony Endpoint in general because some people use it since it is available at a competitive price. Due to the competitive pricing strategy of Check Point Harmony Endpoint, it is not considered to be a good product, like Fortinet, Palo Alto, or F5. Check Point Harmony Endpoint needs to consider that people should feel that Check Point doesn't compromise on quality even though the price at which Harmony Endpoint is offered is good. People who claim that Check Point Harmony Endpoint is a cheap product don't necessarily mean that it is not a good solution. Fortinet is a very expensive product that offers good value to its customers. If Check Point can work on the value proposition it offers to customers and make them understand that even though the solution is affordable, it is not a bad solution compared to its competitors, then it would be fantastic. The potential customers can opt for Check Point products, considering that they are offered good products at the cheapest price in its categories. It is important for Check Point to ensure that people don't have a wrong perception about the products it has launched in the market.

I don't think there are any features I would like to include, and the tool offers updates when compared with the products from competitors, which I think is a good way to do it. The only challenge is that for many organizations where there is an MDM solution in the environment and an endpoint security tool, my company needs to educate such organizations to convey the message that endpoint and MDM solutions are different products for different purposes, so they are not the same. If Check Point Harmony Endpoint can incorporate MDM into the solution, it can be a fantastic enhancement. Customers need not buy endpoint and MDM solutions if both are made available together in Check Point Harmony Endpoint. My company will have to put extra effort into educating the customers and making them understand the two different solutions. MDM is used to manage your mobile devices, and Check Point Harmony Endpoint is the security for your endpoints.

I have been using Check Point Harmony Endpoint for over three years.

It is a stable solution. My company has not received any complaints regarding the product's stability from our customers who use the solution.

It is a very scalable solution.

My company had to contact Check Point's technical team for the installations that my company carried out when we had to deal with around 40 devices that had firewalls from Check Point, which had reached the end of life. For Check Point Harmony Endpoint, my company never had any reason to contact Check Point's technical team.

Starting with the pros, I would say that Check Point Harmony Endpoint provides value for money. After purchasing Check Point Harmony Endpoint, you need to consider the fact that the cost you pay for the solution and the value you derive from the product is very proportional. When it comes to Check Point Harmony Endpoint, I can say that a user does not pay high prices for a poor solution. A user pays a decent fee for a very good product. I think the first pro is that the value you get from the solution is made available at a very competitive price. The product is seamless and easy to use. With the centralized portal, a user can manage all Check Point products, including Check Point Harmony, Check Point Quantum, or Check Point CloudGuard, from a single point, which is also a fantastic pro for Check Point. Regarding the cons of the solution, I would say that it stems from people's perception of the solution since they feel that an affordable product may not be good enough. There is a need to work around people's wrong perception of Check Point products. Still, I don't know if such a negative perception is something that is widespread across the globe or whether it is exclusive to Nigeria or the markets in Africa. Check Point needs to work in areas like branding and other value propositions to make products stand out in the market despite the solutions being more affordable than the ones offered by competitors.

The product's initial setup phase was straightforward. The product's deployment was done in minutes, so it didn't take long, as there was no need to do any special configurations. There was no need for the people involved in the deployment to have any special skills. The deployment process was seamless and straightforward. The product's deployment was never an issue. The IT department need not worry too much about whether they need to learn new skills to manage the product as it is easy to use and deploy and a product that can be used seamlessly. The product's deployment takes around 30 to 40 minutes.

I work with the solution's SaaS version.

I don't think Check Point Harmony Endpoint is difficult to maintain. I think there is a possibility of scheduling your updates in Check Point Harmony Endpoint, even if you want it to happen outside your working hours, like somewhere between eight o'clock in the evening and midnight. I don't think maintenance is stressful because it can be scheduled outside of working hours.

I would recommend others to use the product since the deployment process is seamless, so you don't need any specialized skills to use the portal provided by Check Point to monitor your devices. There are no specialized skills required to support or maintain the solution. It is also very easy to implement the product. You can keep a tab using the centralized portal offered by the product. In general, the product makes the life of the IT department easier since you need not worry about a lot of the technical stuff related to the solution.

From my point of view, I need to put in extra effort to convince my company's customers to use the solution. In terms of the features and the product's ability to deliver the promised value to its customers, especially when compared to other solutions in the market, I rate the overall product an eight out of ten.

Check Point Harmony Endpoint Detection and Response is a very useful tool in combating vulnerabilities and threat actors. We have rolled it out across the business to all systems in our estate. 

It is very easy to perform vulnerability scans, view present vulnerabilities, and understand the ratings applied by the software. This allows us to focus on which areas are most at risk across the company. 

It was easy to install the agents to our physical and cloud devices and enabled targeted response to zero days.

As an IT infrastructure and security team we are now able to prioritize and target specific, higher-risk vulnerabilities, making our environment more secure. 

The ratings allow us to get a feel for the urgency of a vulnerability and apply it to our use case. We are also able to mitigate lower-priority vulnerabilities with suggested fixes and can add exemptions for false positives or acceptable risks. 

We are able to report current cyber security posture to the board and we are able to assign remediation tasks to team members. 

Resource overheads have been reduced and we are overall more secure as a business.  

We have found the combination of vulnerability scanning, rating, and remediation most valuable in the platform and the feature is vital to our everyday security hardening. 

We can effectively target vulnerabilities with suggested fixes and automate patches where relevant. 

There is a constant flow of newly added features and improved functionality is regularly made available by the Check Point team. 

Customer communication around zero days and other emerging threats is a great addition to the service.  

There are a number of features behind paywalls which can be frustrating when you are already paying a premium. 

The support is limited at times and can be quite slow, you are often directed to articles in the support center to read solutions for yourself. As a result, a lot of time has been spent reading Check Point articles on the online platform to increase knowledge around the product and further cyber security awareness in the team. It would be good to have a more direct route to remote support and demonstration.  

We have been using Check Point Harmony Endpoint for around one year within our company. 

We have had very few, if any, stability issues with the solution.

We previously used Rapid7. It was costly and had limited agent scanning timescales.

The setup is nice and straightforward with a lot of hand-holding from the team.

We would try to add exceptions for false positives or mitigate threats earlier to clean up the experience.

Our primary use case is to enhance the organization's security posture against attacks like phishing, and malware especially zero-day threats, with low false positives. The product must be able to integrate with the existing infrastructure with relative ease. 

We need detailed reporting and forensics analysis tools for incident response, and the management console must be user-friendly.

We need to improve operational efficiencies in managing endpoints and thousands of users, given the increasing number of remote workforce. There should be minimal impact on endpoints.

The management interface of the product is relatively user-friendly and easy to navigate.

The product manages to block most zero-day attacks and unknown threats in real-time, thus reducing the manual overhead by being the first layer of protection against unknown attacks, easing the workload on the monitoring team, and enabling the team to focus on other tasks simultaneously.

Overall, the product enhances our organization's cybersecurity posture with its comprehensive set of features, supported by a leaner monitoring team.

The product is quite easy to configure and can be deployed in under half an hour.

It has a centralised management console, single panel to triage, escalate, mitigate and respond.

The agent is lightweight on the endpoints and operates seamlessly in the background with minimal impact on the performance of the endpoints.

It has features like firewalling, removable device control, VPN, app control, DLP, file sandboxing, ransomware protection. which can be turned on or off per endpoint, groups, employees.

It should reduce CPU and memory usage. Its technical support could be more timely though it is still acceptable.

It is painful to get deep informational logs to be exported to a SIEM as Check Point requires a user to use its tooling Horizon.

At times, it repeatedly scans the same files without any effective results.

It lacks granular management and configuration.

Additionally, users may encounter challenges with the product's components not performing as anticipated, necessitating the manual addition of exclusions across various areas.

We have been using Check Point Harmony Endpoint for less than three months.

The stability is acceptable.

The scalability is okay.

The support could be faster.

Neutral

The setup could be done in less than 30 minutes.

The licensing is pricy, so weigh the pros and cons.

We looked at CrowdStrike and Palo Alto.