Check Point Harmony Endpoint Reviews

We use the solution for multiple purposes such as endpoint protection, organizational malware attack tracking and maintaining, blocking of IP addresses, domain and URL blocking, and prevention and detection, according to the purposes we follow. 

Check Point is the best in the marketplace for next-generation firewalls. In combination with Endpoint Security, it proves to be stable, error-free, and up-to-date with the latest fixes and solutions available. 

Earlier in our organization there was normally an antivirus which was used to check endpoint protection and policies according to what was applied. However, the detection of endpoints was not up to date with real-time analysis. 

There is a lot of gap in analysis. The malware reports and signatures were not updated in real-time. There was no blocking of Suspicious URLs or domains in real-time. As we using Check Point in DMZ. We purchased the license and implemented it in the UAT zone for the best outcome as per the organization's requirements.

The most valuable aspects of the solution are the real-time endpoint analysis and blocking mechanism, the detection of malware and threats is the best use of this technology. 

As we have the stability of this product and best practices solution is applied to the infrastructure as endpoints have a clear view of the statistics and performance. 

Also, we have monitored the server level where it's been protected from the outside world. The CPU, memory, and hard disk consumption and compromisation are good. 

The dashboard has also been user-friendly and easy to understand.  

Check Point is the best in the marketplace. As the EDR [Endpoint Harmony] there is a lot of enhancement in fixing the solution. We have observed some policies are not working as expected. We have observed a few cosmetic issues as well, however, it's fine. 

Minor release should improve the stability and overall performance of the endpoint solution. Consumption of the endpoint solution should have clear visibility on day-to-day operation tasks that are being carried out also we should monitor the malicious IP address and URL for blocking the same.

I've used the solution for four or more years.

The stability is the best in the marketplace.

The scalability is the best in the marketplace.

Their technical support is the best in the marketplace.

Positive

We did not previously use a different solution.

The initial setup is straightforward.

We handled the setup with an in-house team. I'd rate the experience foud out of five.

The ROI witnessed is the best in the marketplace.

Check Point is the best in the marketplace. It's a good EDR and the cost is minimal.

We did not evaluate other options.

Endpoints have always been a network's weak point, as they are the main interface users use daily. A good endpoint security product must be able to be flexible in both deployments and across multiple OS versions. 

Check Point Harmony Endpoint does that for us. With multiple blades that add security to these weak points, I can be assured that threats are being mitigated in real-time. Also, Harmony Endpoint works seamlessly with Check Point's new MDR product, so logging, detecting, and responding couldn't be easier. 

With the new Harmony interface, I don't have to worry about a local endpoint management server anymore, making my deployments and updating of endpoints so much easier across the board. 

I haven't had issues with anti-malware updates anymore, and I can manage my endpoints from one Infinity Cloud portal. 

Being short-staffed in my department, this solution has absorbed some of the daily tasks of monitoring endpoint products to ensure they are up and running. Also, reporting services/blades that aren't running lets me use my time more freely. 

Deploying new versions of the endpoint are easy. It was a hassle before with a local management server, and now it's as easy as selecting the version you want from a drop-down menu. 

The options for removing/adding blades with the click of a button from the portal are great. The built-in VPN blade makes it so easy to deploy on my endpoints if I need employee remote access to my LAN. 

The installation is so easy with the simple MSI deployment packages, and I can watch the deployment process in real-time from the Cloud Portal. 

The Infinity Portal login is "iffy" at times. I would like to restrict it to only US traffic, however, due to the hosting in the cloud, it sometimes retrieves data from the EU and across seas. 

Also, if there was a way to simplify the SmartConsole login more, there could be an opportunity to take away some clicks to log in. Navigating back to the browser to log in through that portal site just makes for a more extended login transition. Just have the MFA capability right there on the local application and be done with it. 

I've been using Check Point's endpoint solution for five years, however, just recently moved to the Harmony interface this summer. 

The stability makes it easy to move up or down. 

The scalability makes it easy to move up or down. 

Support could be improved. I'd give them a 7/10 before COVID, and maybe a 5/10 post-COVID. If you know who to ask for, it's more an 8/10. 

Neutral

We did not use a different solution previously.

The setup is straightforward. Check Point assists the whole way, so it was very easy. 

I handled the deployment in-house, myself. 

I'm not sure if we have seen an ROI. 

Our rep has been great to work with concerning quotes/licensing. The setup is relatively easy, being in the cloud. A new customer could be up and running on a new Harmony install within days. 

CrowdStrike was the main one we evaluated against this product. 

It is a great product. Check Point could work on their Technical Assistance Center (TAC) to assist customers, however, they usually get the job done in the end. 

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

Our organization's overall security posture has improved with Harmony Endpoint protection. This has helped to secure against all modern age threats and risks that came in during the pandemic. 

During the pandemic, the users, for example, have been forced to work from home and that's been forcing the IT to do overtime to protect the endpoints. After introducing Harmany Endpoint we have seen the incident levels going down to close to zero. 

The single dashboard provides complete visibility over endpoint security and the administration can view the actionable tasks to follow up easily without searching across multiple reports/consoles. 

All of the available features are good (for example Threat Emulation/Threat Extraction, Antibot, Anti-Exploit, Anti-Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance), however, the one I have thought to be very valuable is the Ransomware Protection Feature which has been used widely during the pandemic. It protects as well as saves original file copies to prevent data loss.

Forensic Analysis provides a complete analysis of threats via detailed reports. The threat prevention, which includes a detailed threat landscape is very good.

The VPN connectivity and compliance check are also very good features.

Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations. 

With respect to the product, we feel Endpoint vulnerability management is one of the modules that is missing and it is something that is required. Adding this will strengthen the product and help in taking proactive steps towards protecting the environment.

DLP Module & Patching are required from an endpoint perspective. It would be good to add those in an upcoming release/version.

I've used the solution for more than 6 months.

We have deployed it on the cloud which helps it to be scalable and cost-effective.

We were using multiple solutions to protect the environment in the past. These include solutions such as McAfee, Websence DLP, encryption, etc. however, now it is all happening with this one tool and console 

Easy to set up and start using.

A single administrator can manage the complete solution. It's easy to deploy and does not require any additional effort. We're able to have multiple solutions within a single solution.

We implemented the product with the help of our OEM and our in-house team. There were no major challenges during implementation or even in day-to-day operations.

Harmony Endpoint, in terms of the deployment, integration, and setup, costs less than other solutions.

Yes, we evaluated other products as well, however, with respect to feature price and integration availability, we selected this product.

Harmony Endpoint is a good product and scalable with business growth. 

We are using Check Point Endpoint security to protect our remote users, as well as our roaming users that are accessing our on-premises resources externally.

We have come to know that our remote and roaming users are completely secure with Check Point Endpoint Security. With this confidence, we are now planning to roll out this solution for our on-premises resources, including machines and devices, as well. This will give us complete endpoint security.

Check Point Endpoint Security has improved our organization with features that include Security, Management, and Reporting. We have not yet rolled it out for all users, but that is our intention.

With this product, the data accessible by our endpoints is secure.

We have zero-day protection, which is not available with our other endpoint protection solution. That is the reason we preferred to implement Check Point Endpoint Security.

Finally, from a management perspective, the single point of control makes it more manageable.

The most valuable feature is the Zero-day protection, which covers our on-premises users, and well as those users who are outside of our network. 

With Zero-day protection, we have complied with our customer-specific policies as well.

Most of our users are working on customer-related projects and today, everybody is looking to have zero-day protection at the endpoint level, as well as to protect against unknown threats or viruses.

As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there.

We have been using Check Point Endpoint Security for the last six months.

Scalability is very good and there is no such concern for this solution.

The cost is huge compared to other products that are available on market.

We haven't evaluated other products but we know there are many that are cheaper than Check Point.

In my opinion, it is a very good solution for organizations with a complex environment. We can secure it. From a security perspective, we trust only Check Point endpoint security. This product is a market leader.

The platform is our anti-ransomware agent, where it helps us prevent any cyber-attack. We find it intuitive, as it unpacks files and decrypts any hidden malware, thus enabling us to work in a safe environment and keep our own data, as well as that of our customers, safe and secure.

Our work environment is the banking industry and on a daily basis, we handle lots of customer data. This makes us a potential target for malware attacks but with the platform in place, we are able to shun all of that.                       

The platform works on its own and it does not need to have an assigned employee to monitor how it's working, thus bringing efficiency into our company.

It fit well into our environment, allowing us to fight any attempt to corrupt computer resources.

The best thing is that it fits into all environments, which gives any organization a chance to use it intuitively without worrying about the nature of their industry.

Some of the less tech-savvy users sometimes find it difficult in adjusting and learning how to use the platform.

In some areas, the user-communities that ought to help are not readily available. Perhaps in the future, the vendor ought to send a sales representative or a knowledgeable person to each buyer to assess how they are using the platform. In case of any challenges, they should help them in using the platform efficiently.

I have been using Check Point SandBlast Agent for more than five years. 

This platform has been reliable, through and through, since we started using it.

The vendor offers reliable customer support services to users who may be stuck somewhere in using the platform. This ensures that one continues to receive stable services from the platform.

My primary use case for Check Point Harmony EDR would be to get broader visibility in the environment. For instance, a pre-detection was done by Check Point Harmony when there was an attack happening. It pre-detected and remediated immediately before it got spread in the environment. The best part is the system was not in the office network but still got detected and remediated automatically.                                                                                                     

The insight and visibility of the detection is good.  

As such there is nothing I can think of additional features.

The services of EDR consumption should be reduced and the support needs to be improved.

I have using Harmony for the past two years.

Stability is impressive.

Scalability is good.

Support is good.

Positive

The setup was straightforward.

The implementation happened in-house team.

The licensing and costs are good. 

We primarily use it to provide security solutions for small to medium-sized companies with ten to fifty employees.

The standout features are primarily EDR and MDR. These functionalities are crucial because they specifically target the most common attack vectors, such as email phishing and downloading unknown software. EDR provides a solution for monitoring and responding to these threats effectively. Additionally, MDR ensures round-the-clock monitoring by skilled personnel from Check Point's team. They promptly alert us to any significant events, allowing us to take necessary actions swiftly.

Improvements are required in two key areas: notifications and setup simplification. Notification integration primarily relies on software, which is not commonly used by most small companies. Additionally, the setup process within the dashboard is overly complex, with numerous checkboxes and options that necessitate at least a week of training to comprehend fully. Simplifying this process through a wizard or a more intuitive interface would greatly benefit smaller companies.

I have been working with it for several months.

It provides outstanding reliability. I would rate it ten out of ten.

Scalability is a challenge due to the need for different appliances to accommodate varying user counts and traffic levels. When businesses experience growth or sudden increases in users, acquiring and deploying new appliance packages can be cumbersome. Availability of stock and deployment timelines vary, sometimes resulting in delays of days or even weeks to implement new hardware appliances. I would rate it six out of ten. We serve approximately five or six customers, with the largest having around fifty endpoints, which is considered small to medium-sized in scale.

The technical support provided is excellent, earning a rating of ten out of ten.

Positive

The initial setup was complex, with a rating of three out of ten in terms of difficulty. Implementing the entire solution, covering everything from networking to setting up Office 365, proved to be intricate and challenging.

The deployment time varies depending on the complexity of the case. For simple installations, we estimate approximately one week for completion. However, for more intricate setups involving thorough configuration and fine-tuning, the timeframe extends to three to four weeks. Our deployment process begins with in-depth analysis and discussions with the customer to understand their specific needs and infrastructure, including any special features they utilize, such as on-premise email with Exchange. We initially deploy a standard version with a standardized setup, followed by a review period to assess its effectiveness. Subsequently, we fine-tune the configuration based on feedback and requirements, which typically takes about a week. Finally, we roll out the refined setup to endpoints, servers, and other relevant components.

In comparison to other software solutions available on the market, it comes at a higher price point. However, the price is justified considering the robust features it offers. I would rate it nine out of ten. They provide fixed packages based on the number of users.

Overall, I would rate it eight out of ten.

The solution is used for port protection and media encryption.

Our customers are satisfied with the Harmony environment. The remote support is good. If the users forget their passwords, the remote support helps them reset the password. It is a good feature. We only need an internet connection for it.

The heartbeat interval must be improved. Sometimes, when we change the policy in the console, it does not reflect in the endpoint. Sometimes, we find it difficult to change the policy. The tool lags sometimes.

When we change the user password in the Infinity Portal, the password does not sync on time. There is a one-minute heartbeat interval from the server to the console. We have a graphical UI in threat hunting in which we can see the attacks. If audit logs have a similar graphical UI, it will be easier to analyze the logs.

I have been using the solution for seven months.

I rate the tool’s stability an eight out of ten.

The scalability and integrity are above average. I rate the scalability an eight or nine out of ten. We have deployed the product for 500 endpoints. We have deployed it on 300 to 400 endpoint machines in other places.

Initially, we had some issues installing the agent on the endpoint machines. We didn't know the prerequisites of the endpoint machines. We had blue screen and red screen issues. It was new for us, and we were stuck. The support was very helpful. The team identified the issue and asked us to update Windows. We had to have the recommended version of Windows for deploying the agent. Now, we do not face any issues. If we face any problems, we easily recognize the issue. We are a bit autonomous.

Neutral

The initial deployment was very challenging because I was new to the product. Later on, I got used to it. It was very easy. I ensured everything was according to the customers’ requirements. It took hardly two weeks to deploy.

The pricing is reasonable. It is very good for security. We are focused on security. If the security is strong, we do not mind the price. The customers blindly trust the product.

Our customers were using Trend Micro.

We haven’t deployed the antivirus yet. We’re trying to implement AV on Windows. Currently, AV is deployed on a Linux machine. When I implemented it, I didn't have any idea about the product. I just went through some documents. People who want to use the solution must go through the documents and understand the concepts. Overall, I rate the product a nine out of ten.