Check Point Harmony Endpoint Reviews

Currently, our servers are not protected by a working anti-virus solution that receives updates. These servers & particularly the business are at extreme risk of not only suffering a breach and losing data, but also have a high risk of infecting the rest of the subsidiaries owned by Tyrion.

The solution hinges on the following requirements:

• The ability to be completely managed from a Cloud environment, including the ability to download new signatures whilst not on the corporate network;

• The ability to generate reports based on set criteria (which can help justify the cost);

• Ability to generate alerts or notifications to an administrator in the event an infection is detected so that Security Incident Response can be initiated;

• Where possible, the tool should have the ability to complement existing tools sets, replace already existing toolsets, or bring something beneficial to the table to help strengthen the security posture;

Implementing a fully functioning anti-virus solution gave the company the ability to defend against almost all threats that occur either on or off the network. It has further given the security team the ability to respond to incidents quicker and perform root cause analysis easier, thus reducing the number of man-hours needed to fix a potential outbreak.

Additionally, it will also give the security team greater reporting capabilities to show the business the types of attacks it faces on a monthly basis. This is through a monthly report & it will help the business tailor security training to its end-users so that they can better defend themselves against these attacks.

The most useful feature so far has been having a functioning and up-to-date anti-malware scanner. This has found multiple dormant threats that have existed within the business that other anti-virus products could not detect.

In addition to this, threat extraction & threat emulation have been a big benefit to give the users more autonomy. For example, allowing them to release their own spam emails that were captured by our spam filter, knowing that the files that are released will be scanned and checked for known viruses.

The only two bug bearers of Check Point SandBlast that I have come across are as follows:

Sometimes, the Cloud Management Portal can become unresponsive or take a long time to process a query. This in turn will cause the browser to freeze, which will require closing and reopening of your browser.

The second is that getting useful "administrator" information requires digging into the policy rules via a second management agent installed on your computer. However, once installed, it is easy to navigate and use so is more of a slight inconvenience than a major issue.

So far, the Check Point SandBlast Agent is in the deployment stage, as we have only had the product for one month.

Stability-wise, we are 90% happy. If the web console could be made more stable, this would go to 100%.

In my opinion, this product is extremely scalable.

We have used multiple different anti-virus products including those by McAfee, AVG, and Kaspersky. This project was to centralize the AV to one single platform.

The initial setup is extremely straightforward. After engaging with Professional services and implementing best practices, we have had only one or two teething issues with the product, which can be easily resolved with a rule change.

Our in-house team implemented the tool with vendor support. Vendor support was extremely knowledgeable of the product and its capabilities

The number of man-hours saved administering multiple AV systems has been the biggest ROI.

Initial monies replacing all AVs with a single product is about £10k.

We looked at Kaspersky, CloudStrike, and VMware Carbon Black.

If you have never used a Check Point product before, I would highly recommend engaging with a Professional Services provider to help with the deployment of the tool & ensuring you implement the tool based on best practices.

Additionally completing the training for the Checkpoint Sandblast tool will equally achieve the same goals.

I use it for end point protection, and I am also using full disk encryption Harmony both solutions are adopted. 

One of the advantages is the reporting functionality. For example, if some critical data is available on a laptop and the laptop gets stolen - I can remotely wipe it immediately. Because, at the end of the day, apart from the device, the data is important.

So, the zero-phishing feature of Harmony Endpoint, the one I have used, was very good.

Those features are very good. Then, zero-day protection is also very important to us.

We can map the MITRE attack framework along with the Cyber Kill Chain completely.

Sandboxing is a great functionality.

The only drawback is the integration process. For example, I want to integrate with my source platform. It took some time. That's the only concern regarding the integrations.

Check Point Harmony Endpoint doesn't have any XDR kind of solution. DLP functionality and all are not yet there.

And then, the performance also sometimes gets deep. CPU utilization could be further optimized. 

I have been using it for one year. 

I faced some issues with stability. Stability was good compared to other endpoint protection. The only thing is that in the Zero Phishing future, which I like a lot, we can see when people are entering password content and other things. Phishing is important.

Since it's a SaaS platform, we can upgrade only a license. We can get it.

I have experience with SentinelOne. SentinelOne has a feature; for example, if a ransomware attack happened and a particular file was affected, we can retrieve it. If some known files got corrupted, we can roll back the file to the last known good configuration. We can do that. 

But this particular feature is not there in Check Point Endpoint. And then, importantly, USB blocking on Linux machines is not currently available in Check Point Endpoint. It supports only the scanning part, but I don't think it is supporting USB blocking and device blocking.

DLP functionality and all, they are not yet there.

The installation is very easy. It takes around 20 minutes only. 

It requires maintenance. There are a couple of people who handle more than 4,000 endpoints. So if there are more, then I can publish them. That is a one-time activity. After that, only one person can monitor. The SOC analyst is only one guy. The person who manages the endpoint completely, email as well as the endpoint, both.

We have seen ROI. Time was saved. Since it's manual, we need to pay a lot to our team. The time-saving was very good. We can establish connectivity on each agent within 20 minutes.

The pricing is okay. It is in the enterprise range. It is not middle range. It is not so costly, but it is an enterprise.

Overall, I would rate it a nine out of ten. 

We use the solution for multiple purposes such as endpoint protection, organizational malware attack tracking and maintaining, blocking of IP addresses, domain and URL blocking, and prevention and detection, according to the purposes we follow. 

Check Point is the best in the marketplace for next-generation firewalls. In combination with Endpoint Security, it proves to be stable, error-free, and up-to-date with the latest fixes and solutions available. 

Earlier in our organization there was normally an antivirus which was used to check endpoint protection and policies according to what was applied. However, the detection of endpoints was not up to date with real-time analysis. 

There is a lot of gap in analysis. The malware reports and signatures were not updated in real-time. There was no blocking of Suspicious URLs or domains in real-time. As we using Check Point in DMZ. We purchased the license and implemented it in the UAT zone for the best outcome as per the organization's requirements.

The most valuable aspects of the solution are the real-time endpoint analysis and blocking mechanism, the detection of malware and threats is the best use of this technology. 

As we have the stability of this product and best practices solution is applied to the infrastructure as endpoints have a clear view of the statistics and performance. 

Also, we have monitored the server level where it's been protected from the outside world. The CPU, memory, and hard disk consumption and compromisation are good. 

The dashboard has also been user-friendly and easy to understand.  

Check Point is the best in the marketplace. As the EDR [Endpoint Harmony] there is a lot of enhancement in fixing the solution. We have observed some policies are not working as expected. We have observed a few cosmetic issues as well, however, it's fine. 

Minor release should improve the stability and overall performance of the endpoint solution. Consumption of the endpoint solution should have clear visibility on day-to-day operation tasks that are being carried out also we should monitor the malicious IP address and URL for blocking the same.

I've used the solution for four or more years.

The stability is the best in the marketplace.

The scalability is the best in the marketplace.

Their technical support is the best in the marketplace.

Positive

We did not previously use a different solution.

The initial setup is straightforward.

We handled the setup with an in-house team. I'd rate the experience foud out of five.

The ROI witnessed is the best in the marketplace.

Check Point is the best in the marketplace. It's a good EDR and the cost is minimal.

We did not evaluate other options.

We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall.

We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers.

We subsequently expanded the scope of the solution to detect malicious activity on our network.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it does not have a client for Linux.

Check Point SandBlast Agent allows us to centralize all the security software used in a console and avoid, mainly, ransomware in the company.

Many of our users have laptops to carry out teleworking, with this tool we can secure their web browsing, and in the event of suffering some type of attack, the computer is notified by SandBlast Agent and provides information about it and the security actions carried out. It even allows you to restore files modified during the attack.

You also have the option of performing a forensic analysis of the infected computer by providing a lot of information.

What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.

The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.

We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.

It is also missed that it does not have a Linux client since some administrators use this type of operating system.

I have been using SandBlast for over 1 year now.

It is a very mature product that provides great stability in service.

It is a very mature product with good performance. Currently we have not needed to use its scalability.

Our experience with customer service and support is very good, the support is totally professional and responds quickly.

Positive

Previously, we used third-party antivirus software and switched to Check Point SandBlast Agent for its ease of integration with other Check Point products and to improve protection against ransomware.

Initial setup is easy, policies and user groups are defined and then applied. Then we adjusted the policies until we got what we needed.

We implemented it with an internal team and when we had doubts, we consulted the manufacturer's support with a totally satisfactory result due to their great experience.

Currently we have not quantified our ROI but we have avoided the loss of information on user computers due to viruses, ransomware, ...

The cost of the solution is similar to other products on the market.

We have been evaluating other products, such as Bitdefender and Broadcom (Symantec Enterprise).

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it has no client for linux.

In our organization, we are creating Trusted, Untrusted, and DMZ zones. 

We use URL filtering, antivirus and threat prevention, as well as detect and monitoring of all the outside traffic that enters the organization. 

It downloads the latest signature from the Check Point database for anti-malware and it keeps my laptop clear from malware files and attacks. 

We are now able to regularly scan after implementing this product and now we feel happy. In many ways, it made us feel safe. 

We have installed this tool for every user.

The Harmony vendor is excellent at providing various features and updates regularly. 

The main advantage of the solution is the ability to implement complete security policies for the terminals in order to address how apps are installed on corporate devices. 

It secures our organization from attacks from ransomware, malware, et cetera. 

The most important feature is the file scan capability. It saves us from attacks by modified files. In this way, we secure our internal traffic from outside attackers.

The below features are most valuable:

1) Anti-malware

2) Threat protection with signature

3) Anti-ransomware

4) Anti-phishing (support for all leading browsers)

1) Anti-malware (to detect and prevent malicious activity)

2)  Threat protection with signatures to prevent the threat on the basis of a signature. Signatures are stored in the database. 

I would suggest that the Check Point team always allocates an SME to all the vendors before implementation. This will help when the endpoint agent cannot integrate with another product or third party. It could expand the functionalities too. In addition to security functionality, they could incorporate Mobile Device Management (MDM) functionalities such as remote device management, administration of installed applications, et cetera. 

The solution needs more alerts to warn of attacks. 

I have used this product for the last two years.

We did not use a different solution previously.

The setup is somewhat complex the first time, however, it is not too complicated or difficult.

We implemented this product as per the organization's requirements. We did it ourselves.

Our ROI has definitely improved after installing this product.

It is a fair price and according to the quality of the product offered.

Harmony Endpoint helps the company to protect devices from phishing attacks. 

It offers instant notification when it senses any form of external threat that can compromise data. 

It can be easily deployed on both mobile and desktop devices. 

The product has saved my team a lot of time and resources during the project implementation process. 

It responds quickly to data threats that can leak internal information into an unsafe environment. We have accomplished many projects and submitted them successfully to our clients without any challenges since deploying Harmony Endpoint.

This solution provides threat intelligence to all sectors to enhance effective planning and decision-making before we get into trouble. 

It monitors data flow across the networking system to enhance comprehensive workflow infrastructure. 

Real-time monitoring provides essential tools for security configurations that cannot be interfered with by ransomware attacks easily. This is the best solution, far from other related software in attack prediction and threat analysis. It is cloud-based, and teams across the organization find it to be more flexible for real-time analytics.

Network monitoring provides the best reports based on real-time performance, which helps our members locate any drawbacks across the workflow system.

The threat response system from the user dashboard blocks malware attacks that can affect email and the flow of information among colleagues. 

Endpoint protection is fundamental in security enhancement; it's effectively protecting our devices from internet viruses.

The application investigation system enables the IT team to come up with reliable reports on the cause and prevention measures that can be adapted to prevent any future attacks.

The system has comprehensive data management features that have saved us from incurring unplanned losses. 

Timely updates and suitable configurations can block malware attacks and provide effective reports on security situations. 

The setup process was complicated, however, when the customer service team came in, they provided productive guidelines that have kept the system working efficiently. 

The next release should consider a strong threat detection mechanism that can categorize various levels of attacks for faster analysis.

I've used the solution for 18 months.

This platform is highly stable, and the performance is awesome.

The scalability has impressed all relevant teams.

The customer service team is passionate about their work, and they provide timely responses.

Positive

I have not worked with other related products.

The setup was straightforward. We had assistance from the customer support team.

implementation took place through the vendor team.

The targeted ROI has been achieved since we deployed the application.

The setup and cost depend on the number of devices that have to be secured.

I evaluated Intercept X Endpoint. However, it did not impress the entire team.

I am satisfied with the current performance and I thoroughly recommend Harmony Endpoint to other business enterprises.

We had the need for every employee to be protected inside and outside of the organization and mainly the sales areas, which often are exposed yet constantly have the greatest mobility within our organization. There were uncertainties and needs for security. We have been testing solutions that will allow us to complete this requirement. We opted for and used the Check Point Harmony Endpoint, which gave us easy administration and management of the equipment, ensuring safety in the best possible way. 

Check Point Harmony Endpoint gives our organization and us a solution that we could manage while complying with internal and external policies and regulations. It's been a great ally in the security and internal strategies of our organization. After testing and using it, we have realized that its capacity is not only to secure the devices. It also gives added value in its way of managing and allows us to have control over inventory and management of the equipment that we have.  

The best feature is that it can secure the equipment. It is integrated with a cloud platform that takes advantage of many emulation features in real-time filtering of malicious attacks. It has detection management with all types of computing power used in the equipment and outside of it in the cloud to which it is connected. This comes to give us a complete solution.

For the future, I would like to see maybe a content-filtering emulation feature in Harmony Endpoint. It would already be cataloged in the app. It would help filter other types of characteristics that we have in our equipment, and allow us to see the ones that are also very vulnerable. We'd like to have everything integrated into a single solution that communicates with the cloud.

I've used the solution for a full year.

We use Check Point on our 500 computers to protect them from viruses and malware. The network is a protected local area network with limited connectivity to the internet. Not all computers are connected to the internet; only users with the necessity to connect can access it. We also increase the protection from viruses/malware by disabling USB ports for mobile storage. With all the protection steps taken, we still see that antivirus is a must to have as standard computer protection.

With all security steps taken to protect the network, viruses and malware still appeared in the network. Check Point Harmony Endpoint (endpoint antivirus) has helped our organization by preventing further damage to the computers and the network by detecting and taking appropriate action (quarantine, clean, delete) to viruses and malware. 

By doing this, our organization's business can maintain its operational state without any significant disturbance, and that is the most important thing to achieve.

Some of the most valuable features from Check Point include:

1. Its ability to run real-time scans in the background and detect all the malware and viruses while taking action to clean the system from the threat.

2. On-premise centralized management, so the client can do signature updates locally and save the internet bandwidth.

3. The reporting feature where we can see and monitor what happened on our client computers. For example, which client has out-of-date signatures, which client is infected by what virus, et cetera. 

Some areas of improvement could be :

1. Making the user interface on the server more intuitive and user-friendly. 

2. Making it easier for the user to do tuning and configuration to the server or the client application. For example, to turn off notifications, the user should be able to do that with some clicks on the user interface instead of searching and reading about how to do it in the knowledge base first and then trying to do it.

3. Our application version is quite old, and Check Point already released a newer version for endpoint protection, which includes a cloud version. After doing some trials, we see that Check Point already made many improvements to the features and user interface.   

I've been using the solution for five years.

Tthis solution runs with good stability.

If we deploy it on-premise, we should see the server hardware requirement first and match it with the number of clients we want to handle.

Customer service gave good support when we needed it. For example, when we need support on renewing the license or when we need to upgrade the client version, they have a quick response time to deal with the problem.

Positive

We did use a different solution previously. We switched as we want to use the same brand for our NGFW and our endpoint protection.

The setup was quite straightforward. We installed the server first and then made the client installer. If you have an active directory on the network, you can install it with push installation. That said, we don't have it, so we needed to install the client by accessing the client directly.

We implemented the product together with the vendor and an in-house team. The vendor team has good knowledge when it comes to implementing the product.

At the time we purchased it, the licensing was separated into some modules. There were antivirus modules, data protection modules, and full modules if I'm not mistaken. You should make sure that the module you choose fits your requirement. 

We evaluated the ESET antivirus.

Check Point has released their new product on endpoint protection, which includes a cloud version. You could try it for free to see if this product matches your needs before purchasing it.