Check Point Harmony Endpoint Reviews

Check Point Harmony Endpoint Detection and Response is a very useful tool in combating vulnerabilities and threat actors. We have rolled it out across the business to all systems in our estate. 

It is very easy to perform vulnerability scans, view present vulnerabilities, and understand the ratings applied by the software. This allows us to focus on which areas are most at risk across the company. 

It was easy to install the agents to our physical and cloud devices and enabled targeted response to zero days.

As an IT infrastructure and security team we are now able to prioritize and target specific, higher-risk vulnerabilities, making our environment more secure. 

The ratings allow us to get a feel for the urgency of a vulnerability and apply it to our use case. We are also able to mitigate lower-priority vulnerabilities with suggested fixes and can add exemptions for false positives or acceptable risks. 

We are able to report current cyber security posture to the board and we are able to assign remediation tasks to team members. 

Resource overheads have been reduced and we are overall more secure as a business.  

We have found the combination of vulnerability scanning, rating, and remediation most valuable in the platform and the feature is vital to our everyday security hardening. 

We can effectively target vulnerabilities with suggested fixes and automate patches where relevant. 

There is a constant flow of newly added features and improved functionality is regularly made available by the Check Point team. 

Customer communication around zero days and other emerging threats is a great addition to the service.  

There are a number of features behind paywalls which can be frustrating when you are already paying a premium. 

The support is limited at times and can be quite slow, you are often directed to articles in the support center to read solutions for yourself. As a result, a lot of time has been spent reading Check Point articles on the online platform to increase knowledge around the product and further cyber security awareness in the team. It would be good to have a more direct route to remote support and demonstration.  

We have been using Check Point Harmony Endpoint for around one year within our company. 

We have had very few, if any, stability issues with the solution.

We previously used Rapid7. It was costly and had limited agent scanning timescales.

The setup is nice and straightforward with a lot of hand-holding from the team.

We would try to add exceptions for false positives or mitigate threats earlier to clean up the experience.

The platform's most valuable features are the ability to build API, which meets our business requirements, and the VPN client, which provides VPN access from a single client. Both features offer significant advantages from different perspectives.

From an improvement perspective, the major challenge we've faced with Harmony is the support. While the technical features and xRail-based aspects are good, support still needs to be improved. However, this concern could be addressed effectively if they focus on improving support.

We have been using Check Point Harmony Endpoint for the last three or four years.

The product is scalable.

Overall, technical support for all Check Point products has been a concern, but improvements have occurred recently. They are making significant changes, and the support is now more stable.

Before implementing Check Point Harmony Endpoint, we used a similar solution called Trend Micro SMAX.

Check Point Harmony Endpoint is easy to integrate with any Avaya platform. The interface is very user-friendly. In terms of promotions, the product is visible in the market.

I rate it a nine out of ten.

We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall.

We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers.

We subsequently expanded the scope of the solution to detect malicious activity on our network.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it does not have a client for Linux.

Check Point SandBlast Agent allows us to centralize all the security software used in a console and avoid, mainly, ransomware in the company.

Many of our users have laptops to carry out teleworking, with this tool we can secure their web browsing, and in the event of suffering some type of attack, the computer is notified by SandBlast Agent and provides information about it and the security actions carried out. It even allows you to restore files modified during the attack.

You also have the option of performing a forensic analysis of the infected computer by providing a lot of information.

What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.

The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.

We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.

It is also missed that it does not have a Linux client since some administrators use this type of operating system.

I have been using SandBlast for over 1 year now.

It is a very mature product that provides great stability in service.

It is a very mature product with good performance. Currently we have not needed to use its scalability.

Our experience with customer service and support is very good, the support is totally professional and responds quickly.

Positive

Previously, we used third-party antivirus software and switched to Check Point SandBlast Agent for its ease of integration with other Check Point products and to improve protection against ransomware.

Initial setup is easy, policies and user groups are defined and then applied. Then we adjusted the policies until we got what we needed.

We implemented it with an internal team and when we had doubts, we consulted the manufacturer's support with a totally satisfactory result due to their great experience.

Currently we have not quantified our ROI but we have avoided the loss of information on user computers due to viruses, ransomware, ...

The cost of the solution is similar to other products on the market.

We have been evaluating other products, such as Bitdefender and Broadcom (Symantec Enterprise).

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it has no client for linux.

In our organization, we are creating Trusted, Untrusted, and DMZ zones. 

We use URL filtering, antivirus and threat prevention, as well as detect and monitoring of all the outside traffic that enters the organization. 

It downloads the latest signature from the Check Point database for anti-malware and it keeps my laptop clear from malware files and attacks. 

We are now able to regularly scan after implementing this product and now we feel happy. In many ways, it made us feel safe. 

We have installed this tool for every user.

The Harmony vendor is excellent at providing various features and updates regularly. 

The main advantage of the solution is the ability to implement complete security policies for the terminals in order to address how apps are installed on corporate devices. 

It secures our organization from attacks from ransomware, malware, et cetera. 

The most important feature is the file scan capability. It saves us from attacks by modified files. In this way, we secure our internal traffic from outside attackers.

The below features are most valuable:

1) Anti-malware

2) Threat protection with signature

3) Anti-ransomware

4) Anti-phishing (support for all leading browsers)

1) Anti-malware (to detect and prevent malicious activity)

2)  Threat protection with signatures to prevent the threat on the basis of a signature. Signatures are stored in the database. 

I would suggest that the Check Point team always allocates an SME to all the vendors before implementation. This will help when the endpoint agent cannot integrate with another product or third party. It could expand the functionalities too. In addition to security functionality, they could incorporate Mobile Device Management (MDM) functionalities such as remote device management, administration of installed applications, et cetera. 

The solution needs more alerts to warn of attacks. 

I have used this product for the last two years.

We did not use a different solution previously.

The setup is somewhat complex the first time, however, it is not too complicated or difficult.

We implemented this product as per the organization's requirements. We did it ourselves.

Our ROI has definitely improved after installing this product.

It is a fair price and according to the quality of the product offered.

We primarily use it to provide security solutions for small to medium-sized companies with ten to fifty employees.

The standout features are primarily EDR and MDR. These functionalities are crucial because they specifically target the most common attack vectors, such as email phishing and downloading unknown software. EDR provides a solution for monitoring and responding to these threats effectively. Additionally, MDR ensures round-the-clock monitoring by skilled personnel from Check Point's team. They promptly alert us to any significant events, allowing us to take necessary actions swiftly.

Improvements are required in two key areas: notifications and setup simplification. Notification integration primarily relies on software, which is not commonly used by most small companies. Additionally, the setup process within the dashboard is overly complex, with numerous checkboxes and options that necessitate at least a week of training to comprehend fully. Simplifying this process through a wizard or a more intuitive interface would greatly benefit smaller companies.

I have been working with it for several months.

It provides outstanding reliability. I would rate it ten out of ten.

Scalability is a challenge due to the need for different appliances to accommodate varying user counts and traffic levels. When businesses experience growth or sudden increases in users, acquiring and deploying new appliance packages can be cumbersome. Availability of stock and deployment timelines vary, sometimes resulting in delays of days or even weeks to implement new hardware appliances. I would rate it six out of ten. We serve approximately five or six customers, with the largest having around fifty endpoints, which is considered small to medium-sized in scale.

The technical support provided is excellent, earning a rating of ten out of ten.

Positive

The initial setup was complex, with a rating of three out of ten in terms of difficulty. Implementing the entire solution, covering everything from networking to setting up Office 365, proved to be intricate and challenging.

The deployment time varies depending on the complexity of the case. For simple installations, we estimate approximately one week for completion. However, for more intricate setups involving thorough configuration and fine-tuning, the timeframe extends to three to four weeks. Our deployment process begins with in-depth analysis and discussions with the customer to understand their specific needs and infrastructure, including any special features they utilize, such as on-premise email with Exchange. We initially deploy a standard version with a standardized setup, followed by a review period to assess its effectiveness. Subsequently, we fine-tune the configuration based on feedback and requirements, which typically takes about a week. Finally, we roll out the refined setup to endpoints, servers, and other relevant components.

In comparison to other software solutions available on the market, it comes at a higher price point. However, the price is justified considering the robust features it offers. I would rate it nine out of ten. They provide fixed packages based on the number of users.

Overall, I would rate it eight out of ten.

There are many factors that make Check Point Harmony Endpoint as the main solution for our end-to-end system and data security of the organization. 

The primary use case of Check Point Harmony Endpoint, in our case, is to monitor every node against viruses and digital vulnerabilities, which keeps a 24/7 check over the happenings and keep us alerted against any unforeseen. 

The most important benefit of this solution has a single agent for security purposes and offers great stability during any heavy performance activity.

It has improved the overall security of our organizational digital well-being and made things and monitoring processes a lot easier and more straightforward. 

Integration with third-party servers and data endpoints and 24/7 background security checks are very useful for us and has been very instrumental phenomena in keeping things simple and secure for us. 

It has the ability to configure with any type of system and operating environment, which is great and makes it a more useful product for multiple business entities. 

The most important benefit of this solution is having a single agent for security purposes. 

Its stability during any heavy performance activity is excellent. 

It has improved the overall security of our organizational digital well-being and made things and monitoring processes a lot easier and more straightforward.

Integration with third-party servers and data endpoints and 24/7 background security checks are very useful for us and has been very instrumental phenomena in keeping things simple and secure for us. 

It has the ability to configure with any type of system and operating environment, which is great and makes it a more useful product for multiple purposes.

Overall, my experience with the product is great, and it's a perfect endpoint solution for multiple purposes. 

The solution can be made lightweight in order to keep the systems more effective during the background operations of the scanning and security checks. 

The user interface of reporting dashboard needs to improve for a better understanding of the end users and the administrators. 

The pricing of Check Point Harmony Endpoint can also be reduced. They are quite expensive at the moment. 

I've used the solution for two years.

We found it to be 99% stable and smoothly runs in the background.

It is a scalable solution and everything can be easily monitored, and data can be maintained.

Customer service is great and always helping us with quick solutions.

Positive

It was straightforward to set up and deployed over the cloud.

We implemented the solution via in-house teams.

We've witnessed a positive ROI.

It is a great cost with high-end Check Point features within reasonable cost brackets. You must try it.

Overall this is a great solution with a lot of benefits and ease of use. 

We had the need for every employee to be protected inside and outside of the organization and mainly the sales areas, which often are exposed yet constantly have the greatest mobility within our organization. There were uncertainties and needs for security. We have been testing solutions that will allow us to complete this requirement. We opted for and used the Check Point Harmony Endpoint, which gave us easy administration and management of the equipment, ensuring safety in the best possible way. 

Check Point Harmony Endpoint gives our organization and us a solution that we could manage while complying with internal and external policies and regulations. It's been a great ally in the security and internal strategies of our organization. After testing and using it, we have realized that its capacity is not only to secure the devices. It also gives added value in its way of managing and allows us to have control over inventory and management of the equipment that we have.  

The best feature is that it can secure the equipment. It is integrated with a cloud platform that takes advantage of many emulation features in real-time filtering of malicious attacks. It has detection management with all types of computing power used in the equipment and outside of it in the cloud to which it is connected. This comes to give us a complete solution.

For the future, I would like to see maybe a content-filtering emulation feature in Harmony Endpoint. It would already be cataloged in the app. It would help filter other types of characteristics that we have in our equipment, and allow us to see the ones that are also very vulnerable. We'd like to have everything integrated into a single solution that communicates with the cloud.

I've used the solution for a full year.

We were having several difficulties when we were presented with the design that we had to implement for the teams and personnel that had to work outside of the organization due to the pandemic. 

As a result of all this and all these uncertainties, the need to secure the equipment was the reason we adopted the Harmony endpoint solution. It came to protect us inside and outside the institution. The equipment itself does not need to be connected and secured by the perimeter area of ​​our organization.

We have adopted this solution in a quick, simple way. It integrated well based on these three characteristics: 

1. It is minimally invasive. From a single installer, the equipment is protected and secured. 

2. The solution is really not burdened with the need for computing power for the local management of the device, which will prevent the teams from slowing down. 

3. It is integrated with a cloud administration which makes it easy, fast, and simple to manage each of your policies for the security of the equipment. 

Its most outstanding feature is the power to manage everything from a dashboard, a window that is in the cloud, which allows us to manage it from anywhere in the world through any browser, from anywhere. This is a feature that came to give administrators the possibility to work from home. Today many of us are remote workers who are not at the company, on-site. We are not in a single site, and yet we manage well and have the capacity and the assurance of managing everything easily, quickly, and simply.

This is one of the most innovative solutions due to the fact that it includes many real-time content filtering features, management, and assurance of the transactions of what went in or out of our peripherals. That said, it is important to integrate other solutions to continue innovating in the market.  

I would very much like to have the opportunity to see applications access at the web level and have applications from different brands and devices give simplicity to the management that we are going to need in the future.

I've used the solution for about two years.

The solution is really stable. I have had the opportunity to try it on Mac and to try it on Windows. Its functionality, filtering, and execution have been really stable.

It is a fairly scalable solution that is simple to use and quick to install on the devices of each user, that is, on their computers.