Check Point Harmony Endpoint Reviews

Our primary use case is to enhance the organization's security posture against attacks like phishing, and malware especially zero-day threats, with low false positives. The product must be able to integrate with the existing infrastructure with relative ease. 

We need detailed reporting and forensics analysis tools for incident response, and the management console must be user-friendly.

We need to improve operational efficiencies in managing endpoints and thousands of users, given the increasing number of remote workforce. There should be minimal impact on endpoints.

The management interface of the product is relatively user-friendly and easy to navigate.

The product manages to block most zero-day attacks and unknown threats in real-time, thus reducing the manual overhead by being the first layer of protection against unknown attacks, easing the workload on the monitoring team, and enabling the team to focus on other tasks simultaneously.

Overall, the product enhances our organization's cybersecurity posture with its comprehensive set of features, supported by a leaner monitoring team.

The product is quite easy to configure and can be deployed in under half an hour.

It has a centralised management console, single panel to triage, escalate, mitigate and respond.

The agent is lightweight on the endpoints and operates seamlessly in the background with minimal impact on the performance of the endpoints.

It has features like firewalling, removable device control, VPN, app control, DLP, file sandboxing, ransomware protection. which can be turned on or off per endpoint, groups, employees.

It should reduce CPU and memory usage. Its technical support could be more timely though it is still acceptable.

It is painful to get deep informational logs to be exported to a SIEM as Check Point requires a user to use its tooling Horizon.

At times, it repeatedly scans the same files without any effective results.

It lacks granular management and configuration.

Additionally, users may encounter challenges with the product's components not performing as anticipated, necessitating the manual addition of exclusions across various areas.

We have been using Check Point Harmony Endpoint for less than three months.

The stability is acceptable.

The scalability is okay.

The support could be faster.

Neutral

The setup could be done in less than 30 minutes.

The licensing is pricy, so weigh the pros and cons.

We looked at CrowdStrike and Palo Alto.

We primarily use it to provide security solutions for small to medium-sized companies with ten to fifty employees.

The standout features are primarily EDR and MDR. These functionalities are crucial because they specifically target the most common attack vectors, such as email phishing and downloading unknown software. EDR provides a solution for monitoring and responding to these threats effectively. Additionally, MDR ensures round-the-clock monitoring by skilled personnel from Check Point's team. They promptly alert us to any significant events, allowing us to take necessary actions swiftly.

Improvements are required in two key areas: notifications and setup simplification. Notification integration primarily relies on software, which is not commonly used by most small companies. Additionally, the setup process within the dashboard is overly complex, with numerous checkboxes and options that necessitate at least a week of training to comprehend fully. Simplifying this process through a wizard or a more intuitive interface would greatly benefit smaller companies.

I have been working with it for several months.

It provides outstanding reliability. I would rate it ten out of ten.

Scalability is a challenge due to the need for different appliances to accommodate varying user counts and traffic levels. When businesses experience growth or sudden increases in users, acquiring and deploying new appliance packages can be cumbersome. Availability of stock and deployment timelines vary, sometimes resulting in delays of days or even weeks to implement new hardware appliances. I would rate it six out of ten. We serve approximately five or six customers, with the largest having around fifty endpoints, which is considered small to medium-sized in scale.

The technical support provided is excellent, earning a rating of ten out of ten.

Positive

The initial setup was complex, with a rating of three out of ten in terms of difficulty. Implementing the entire solution, covering everything from networking to setting up Office 365, proved to be intricate and challenging.

The deployment time varies depending on the complexity of the case. For simple installations, we estimate approximately one week for completion. However, for more intricate setups involving thorough configuration and fine-tuning, the timeframe extends to three to four weeks. Our deployment process begins with in-depth analysis and discussions with the customer to understand their specific needs and infrastructure, including any special features they utilize, such as on-premise email with Exchange. We initially deploy a standard version with a standardized setup, followed by a review period to assess its effectiveness. Subsequently, we fine-tune the configuration based on feedback and requirements, which typically takes about a week. Finally, we roll out the refined setup to endpoints, servers, and other relevant components.

In comparison to other software solutions available on the market, it comes at a higher price point. However, the price is justified considering the robust features it offers. I would rate it nine out of ten. They provide fixed packages based on the number of users.

Overall, I would rate it eight out of ten.

Check Point Harmony Endpoint has one of the most user-friendly dashboards I've seen.

Check Point Harmony Endpoint's agent is a bit heavy.

Check Point Harmony Endpoint should probably support more in Linux as well.

I have been working with Check Point Harmony Endpoint for one and a half years.

Check Point Harmony Endpoint is a scalable solution.

Check Point Harmony Endpoint's pricing is more competitive than any other vendor. Since it is growing, the solution gives better prices than any other in the market.

It is easy to integrate Check Point Harmony Endpoint with other vendors.

Check Point Harmony Endpoint is easy to implement. I recommend Check Point Harmony Endpoint to other users.

Check Point Harmony Endpoint is a good product. Check Point Harmony Endpoint and SentinelOne are the only two products that can compete in the endpoint space.

Majorly, we push Check Point Harmony Endpoint to our customers. Other than Check Point, if something comes up, we go with SentinelOne. We only sell CrowdStrike when the customer asks for it. We position Check Point Harmony Endpoint and SentinelOne depending on the customer's requirement.

Sentinel One has a bit better breach prevention rate. If a customer needs a consolidated security solution and anti-ransomware protection with ransomware 2.0, then Check Point Harmony Endpoint is the best solution over SentinelOne.

Overall, I rate Check Point Harmony Endpoint ten out of ten.

There are many factors that make Check Point Harmony Endpoint as the main solution for our end-to-end system and data security of the organization. 

The primary use case of Check Point Harmony Endpoint, in our case, is to monitor every node against viruses and digital vulnerabilities, which keeps a 24/7 check over the happenings and keep us alerted against any unforeseen. 

The most important benefit of this solution has a single agent for security purposes and offers great stability during any heavy performance activity.

It has improved the overall security of our organizational digital well-being and made things and monitoring processes a lot easier and more straightforward. 

Integration with third-party servers and data endpoints and 24/7 background security checks are very useful for us and has been very instrumental phenomena in keeping things simple and secure for us. 

It has the ability to configure with any type of system and operating environment, which is great and makes it a more useful product for multiple business entities. 

The most important benefit of this solution is having a single agent for security purposes. 

Its stability during any heavy performance activity is excellent. 

It has improved the overall security of our organizational digital well-being and made things and monitoring processes a lot easier and more straightforward.

Integration with third-party servers and data endpoints and 24/7 background security checks are very useful for us and has been very instrumental phenomena in keeping things simple and secure for us. 

It has the ability to configure with any type of system and operating environment, which is great and makes it a more useful product for multiple purposes.

Overall, my experience with the product is great, and it's a perfect endpoint solution for multiple purposes. 

The solution can be made lightweight in order to keep the systems more effective during the background operations of the scanning and security checks. 

The user interface of reporting dashboard needs to improve for a better understanding of the end users and the administrators. 

The pricing of Check Point Harmony Endpoint can also be reduced. They are quite expensive at the moment. 

I've used the solution for two years.

We found it to be 99% stable and smoothly runs in the background.

It is a scalable solution and everything can be easily monitored, and data can be maintained.

Customer service is great and always helping us with quick solutions.

Positive

It was straightforward to set up and deployed over the cloud.

We implemented the solution via in-house teams.

We've witnessed a positive ROI.

It is a great cost with high-end Check Point features within reasonable cost brackets. You must try it.

Overall this is a great solution with a lot of benefits and ease of use. 

We use Check Point on our 500 computers to protect them from viruses and malware. The network is a protected local area network with limited connectivity to the internet. Not all computers are connected to the internet; only users with the necessity to connect can access it. We also increase the protection from viruses/malware by disabling USB ports for mobile storage. With all the protection steps taken, we still see that antivirus is a must to have as standard computer protection.

With all security steps taken to protect the network, viruses and malware still appeared in the network. Check Point Harmony Endpoint (endpoint antivirus) has helped our organization by preventing further damage to the computers and the network by detecting and taking appropriate action (quarantine, clean, delete) to viruses and malware. 

By doing this, our organization's business can maintain its operational state without any significant disturbance, and that is the most important thing to achieve.

Some of the most valuable features from Check Point include:

1. Its ability to run real-time scans in the background and detect all the malware and viruses while taking action to clean the system from the threat.

2. On-premise centralized management, so the client can do signature updates locally and save the internet bandwidth.

3. The reporting feature where we can see and monitor what happened on our client computers. For example, which client has out-of-date signatures, which client is infected by what virus, et cetera. 

Some areas of improvement could be :

1. Making the user interface on the server more intuitive and user-friendly. 

2. Making it easier for the user to do tuning and configuration to the server or the client application. For example, to turn off notifications, the user should be able to do that with some clicks on the user interface instead of searching and reading about how to do it in the knowledge base first and then trying to do it.

3. Our application version is quite old, and Check Point already released a newer version for endpoint protection, which includes a cloud version. After doing some trials, we see that Check Point already made many improvements to the features and user interface.   

I've been using the solution for five years.

Tthis solution runs with good stability.

If we deploy it on-premise, we should see the server hardware requirement first and match it with the number of clients we want to handle.

Customer service gave good support when we needed it. For example, when we need support on renewing the license or when we need to upgrade the client version, they have a quick response time to deal with the problem.

Positive

We did use a different solution previously. We switched as we want to use the same brand for our NGFW and our endpoint protection.

The setup was quite straightforward. We installed the server first and then made the client installer. If you have an active directory on the network, you can install it with push installation. That said, we don't have it, so we needed to install the client by accessing the client directly.

We implemented the product together with the vendor and an in-house team. The vendor team has good knowledge when it comes to implementing the product.

At the time we purchased it, the licensing was separated into some modules. There were antivirus modules, data protection modules, and full modules if I'm not mistaken. You should make sure that the module you choose fits your requirement. 

We evaluated the ESET antivirus.

Check Point has released their new product on endpoint protection, which includes a cloud version. You could try it for free to see if this product matches your needs before purchasing it.

It provides encryption for operating systems and protects browsers against malware, benefiting both new and old customers.

When using Check Point Harmony Endpoint, performance issues may occur, although not necessarily a ransomware attack. The endpoint might consume excessive resources from the machine, which can impact its performance.

We have partnered with Check Point Harmony Endpoint.

We have 25 endpoints using this solution.

Email support works fine, but it needs to be on the phone.

Positive

The deployment is not complex if you have to manage it. The installation can be done directly if the customer has a good knowledge of Microsoft systems. However, we have to install it manually, which can be difficult, especially when replacing all the old agents.

If the customer doesn't have an IP directory, we only put one person in it. We are deploying up to 1500 endpoints with only one person, maybe in two weeks. If the customer doesn't have an active directory and has 100-200 endpoints to install, we normally have to use three security engineers.

I rate the initial setup a nine out of ten, where one is difficult and ten is easy.

We have a particular case where today's endpoint provides complete security against ransomware. It runs effectively from work. It is about eighty to ninety percent effective.

The pricing is high because we lost several customers to Trend Micro and Symantec. Latin America and Columbia particularly have high prices. It was probably fifty percent more.

As a partner, Check Point provides us with the best protection. We can also arrange a demo or discussion to showcase the protection features and advantages to our customers.

Overall, I rate the solution an eight out of ten.

I work as a consultant for a company where the solution is needed as an EDR solution. After my company made comparisons between a few companies, we felt Check Point Harmony Endpoint won, considering the pricing model that it offered in the market. The company that uses the product wants to set up a big business for some local authorities with the help of the EDR functionalities provided by Check Point Harmony Endpoint, which is why Check Point is also trying to push its product into the market.

The most valuable features of the solution stem from the EDR functionalities it provides to users, as it does its work properly.

The tool is not too intuitive if you want to monitor and see the results to investigate in a layer. It's not easy to investigate an incident that you find in the company. Users often face trouble when downloading files, so it is very slow in terms of how it works. The tool is not very supportive of all the versions when it comes to the part of loading hash codes, so it may support SHA-1 but not SHA-256, meaning it doesn't support all the formats. Calling the support team for the solution doesn't help.

The support team of the solution lacks etiquette. The technical team of the product told our company that we need to get Check Point products through an official vendor only. Technical support for the solution is an area with issues where improvements are needed.

I have been using Check Point Harmony Endpoint for two years. I work as a consultant for a company where the solution is used.

It is not a stable solution because if users find a problem with it, they have to disable the product.

Stability-wise, I rate the solution a six out of ten.

It is easy to use the scalability feature of the product since users just need to acquire more licenses.

Scalability-wise, I rate the solution a ten out of ten.

The product is used mostly by small-sized businesses.

I rate the technical support a four out of ten.

Neutral

CrowdStrike, SentinelOne, Cynet, and Fortinet FortiGate are a few of the solutions that I have worked with in the past. Among all the solutions that I have used to date, CrowdStrike is the best.

I rate the product's initial setup phase a seven out of ten on a scale of one to ten. Compared to Check Point Harmony Endpoint, the deployment process of CrowdStrike was much easier.

Compared to Check Point Harmony Endpoint, the deployment process of CrowdStrike was much easier as it could be deployed in hundreds of locations in two hours. Check Point Harmony Endpoint's deployment process takes a week to be completed. Check Point Harmony Endpoint's deployment process takes time since there are many troubles, as my company has to meet with the client to conduct certain checks, owing to which it cannot be deployed through a central management process.

The number of people required to take care of Check Point Harmony Endpoint's deployment process depends on the organization's size. One good engineer is enough to take care of the product's deployment process. Having ten engineers without knowing the product or issue cannot help a user deal with the tool's deployment area, and it is usually the same for each product deployed in any company.

I rate the product price a four on a scale of one to ten, where one is low, and ten is high.

The problem with the product is that Check Point tries to push it to the market. FortiGate, a firewall solution I purchased for the first time around twelve years ago, was very cheap because Fortinet had to push the product into the market. Users can get it for good prices only during the beginning phase of the tool.

Our company has to make yearly payments towards the licensing charges attached to the solution. There are no additional charges attached to the product apart from the licensing costs attached to the solution.

The maintenance of the product is difficult since it is something to be done online.

To those who plan to use the solution of the future, I would say that they get the support involved in the contract before purchasing the product.

I rate the overall tool an eight out of ten.

With every new firewall that we're purchasing, we're deploying the SandBlast Agent. At the moment we're only running it on about 20 firewalls, just because the licensing isn't retroactive. What we need to do is produce a proof of concept to say, "This is the stuff we're getting." We're looking at it in a learning mode and then we can consider getting into a more aggressive mode of stopping everything. At the moment, we're trying to use it to give us information rather than to fully stop everything.

It's deployed on our physical firewalls, on-prem.

We have seen some attempted ransomware in our network. With the firewall we've already got IPS, but we wanted to integrate the endpoints into that as well. That's something we are seeing. Our IT risk team are getting those reports and seeing them and seeing fewer potential attacks.

It reduces potential downtime through ransomware by reducing risk. I don't think I would go to the CEO and say, "Hey, we've completely eradicated this and that," but it certainly complements other Check Point products that we have. It gives us some more information about what is happening and where it's happening on the network, on-prem, on the applicable firewalls. It's hard to say exactly what it has improved because it just works very well with what we've got. Certainly, with our Windows environment and our VPN, we do see a lot more. But I don't know if there's just more of a focus on the reporting, as a whole, that we're getting.

We have had previous ransomware attacks, and while we can't necessarily quantify any downtime or loss, there certainly was risk around that. This has reduced our risk in that environment. That's one of the big focal points. From a network operational point of view, could you ask, "Well, has it reduced things?" and the answer is "no," but from an IT-risk point of view, our IT risk team have certainly seen less impact from attacks. We're more proactive than reactive, compared to how we were doing things before.

We don't see it leading to a reduced number of security engineers. What we do envisage is information and empowerment. Rather than manually having to check this, that, and the other, we're looking at having these tools available and for them to produce actual results. We definitely see this tool helping us do that.

It's pretty complete for preventing threats to endpoints. Its capabilities are great.

The solution's automated detection and response capabilities are pretty good. It really depends on how aggressive we want to be with it. We've not deployed it in the most aggressive way you can, such as shutting down everything, because we've not deployed it in a greenfield site. It has not been deployed with that in mind. It has been deployed as an add-on service. As such, we don't want to be as aggressive as some top security firms would recommend we should be.

We do like the product, although there are quite a few things that we're asking our Check Point account team to enhance, where we think we probably could get more features from it.

We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve. We probably should have had more Professional Services come and help us. But, from our company's point of view, especially at this time in the market, the finances are just not there. But from what I've seen so far, I don't think there's enough integration into SmartEvent. That's something that I've asked our account team to try to focus on in the next versions or as an enhancement request.

Integration and deployment are probably the weakest points, and maybe service as well, although they are still at the high end. Would we go out to market and buy this on its own? Probably not, is the honest answer. But because it is a Check Point product and the licensing comes as part of it, it gives us this time to go and prove that, when it's together with all the other products that we have from Check Point, it certainly integrates very well. Would I go and buy this just as a standalone service if we didn't have Check Point firewalls? Probably not.

We're relatively new to Check Point SandBlast Agent, once they put it onto their firewall platform with the new environment. It comes built-in for the first year, including the cost. We've sampled it, starting about four months ago.

We had seen it work before. We had demos with it, but it was always something that seemed would be a nice feature to use, but not something the business wanted to buy into, per se. Now that it comes as part of the package for the first year, we thought we'd give it a go and see how it gets on.

I've had no problems from a stability point of view. It just seems to work.

It's definitely scalable. It's whether there is a business appetite. When we get a new firewall, we'll enable it and run it through the service. It's scalable to retrofit. We could do that and we could run that very easily, but that would involve a commercial spend, which at the moment, no one wants to do. We understand that, but the solution is certainly something that is of interest to various people.

If we get approval then it will move from a PoC to across-the-board. At that point, there would be between 100 and 200 people using it and thousands of agents. It could be scaled out to our whole organization. Again, it's funding-dependent.

We have Diamond Support, so it's very good, but we pay for the privilege. We have one engineer and a separate TAC team.

We had a solution but it wasn't really a similar solution. This is the first of its kind for us, for what it does. We do have antiviruses, so that the machines aren't just dead, and we do have our own hybrid package of something that, if you add four of them together, maybe adds up to half of this, but no similar package.

It's relatively easy to set up. There's plenty of documentation out there for how you do it. The way we've done it is probably the easiest way of doing it. We're not going all-out. We've gone with a small approach, mainly due to commercial reasons.

Our implementation strategy is just to switch it on in our new firewalls and see what happens, honestly. That's not always the best approach, but we switch it on in learning mode to give us information on what's out there and to see what we didn't know.

It took us about three weeks with the first two firewalls, and that doesn't include the firewall build time. That's just setting up everything else and the integration piece. There were two of us involved, me and a colleague. There were "dotted lines" into others, such as our IT risk team where we were asking, "Hey, is this what you want to see?" We're not really offering it as a full service, it's a PoC. If it goes live with a view to deploy it to all of our firewalls and all of our endpoints, I wouldn't say we would need any more people. It would be part of our operational team. The same is true for the risk team. I don't think we would need to get more people, although we see the IT risk team having more of an input.

We did it ourselves.  Potentially, if I had an open wallet and a blank cheque book, would we use a third-party? Yes, of course we would, but at the moment that option is just not there.

Return on investment would be not being attacked. Have we seen any? No. Has it identified certain things? Yes. The way we've got to look at return on investment is, all of a sudden we're less vulnerable to attacks. That's a hard measurement to define. Ultimately, not being attacked, and our reputation, is worth a lot more than just a dollar figure.

The cost-effectiveness of SandBlast is knowledge and understanding what is happening on our network. Do we have some infections? Are we seeing certain things which, without this tool, we would be exposed to? Yes, we are seeing that.

Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in. That's for new firewalls. For existing firewalls, we haven't even gotten to that point yet. They don't even want us to look at the pricing. First, we need to think about what the product does. Does it do what it says on the tin? And if it does, then it's a commercial thing. We have quite a good commercial model with Check Point, so we don't really need to worry about that too much. The pricing should be good.

The licensing, the way they've changed it, is a positive and a negative. Ultimately, Check Point has changed how it operates and now we have to go back and retrofit.

If this does everything it says it does, I don't see any reason that we would use a different product, because this integrates so well with existing Check Point products.

What we've gained is more of an understanding of what's on our network. If I were to go and do this again from scratch, I probably would have looked to integrate more with our Check Point sales team and would have gotten more help from them.

My advice would be to involve your SE. He can help you through a lot more of the options when you deploy.

We don't use the solution’s Management Platform for the creation of virtual endpoint management services in the cloud. We haven't got to that cloud point yet. It's something we could do, potentially. We're going to work with our account team about that. But that's the one of the lessons learned: We did it by just playing around with it rather than doing a full deployment.

I would rate it at nine out of 10. What comes to mind is its effectiveness. Normally, I don't get involved in the costing too much. Is it doing everything that it said it was going to do? Yes it is, at the moment. Could it be enhanced more? Sure. But we have a relationship with Check Point and they do deliver on the RFEs for us. If we say we want it to do this, they'll get their engineering team looking at that.