Check Point Harmony Endpoint Reviews

My primary use case for Check Point Harmony EDR would be to get broader visibility in the environment. For instance, a pre-detection was done by Check Point Harmony when there was an attack happening. It pre-detected and remediated immediately before it got spread in the environment. The best part is the system was not in the office network but still got detected and remediated automatically.                                                                                                     

The insight and visibility of the detection is good.  

As such there is nothing I can think of additional features.

The services of EDR consumption should be reduced and the support needs to be improved.

I have using Harmony for the past two years.

Stability is impressive.

Scalability is good.

Support is good.

Positive

The setup was straightforward.

The implementation happened in-house team.

The licensing and costs are good. 

We primarily use it to provide security solutions for small to medium-sized companies with ten to fifty employees.

The standout features are primarily EDR and MDR. These functionalities are crucial because they specifically target the most common attack vectors, such as email phishing and downloading unknown software. EDR provides a solution for monitoring and responding to these threats effectively. Additionally, MDR ensures round-the-clock monitoring by skilled personnel from Check Point's team. They promptly alert us to any significant events, allowing us to take necessary actions swiftly.

Improvements are required in two key areas: notifications and setup simplification. Notification integration primarily relies on software, which is not commonly used by most small companies. Additionally, the setup process within the dashboard is overly complex, with numerous checkboxes and options that necessitate at least a week of training to comprehend fully. Simplifying this process through a wizard or a more intuitive interface would greatly benefit smaller companies.

I have been working with it for several months.

It provides outstanding reliability. I would rate it ten out of ten.

Scalability is a challenge due to the need for different appliances to accommodate varying user counts and traffic levels. When businesses experience growth or sudden increases in users, acquiring and deploying new appliance packages can be cumbersome. Availability of stock and deployment timelines vary, sometimes resulting in delays of days or even weeks to implement new hardware appliances. I would rate it six out of ten. We serve approximately five or six customers, with the largest having around fifty endpoints, which is considered small to medium-sized in scale.

The technical support provided is excellent, earning a rating of ten out of ten.

Positive

The initial setup was complex, with a rating of three out of ten in terms of difficulty. Implementing the entire solution, covering everything from networking to setting up Office 365, proved to be intricate and challenging.

The deployment time varies depending on the complexity of the case. For simple installations, we estimate approximately one week for completion. However, for more intricate setups involving thorough configuration and fine-tuning, the timeframe extends to three to four weeks. Our deployment process begins with in-depth analysis and discussions with the customer to understand their specific needs and infrastructure, including any special features they utilize, such as on-premise email with Exchange. We initially deploy a standard version with a standardized setup, followed by a review period to assess its effectiveness. Subsequently, we fine-tune the configuration based on feedback and requirements, which typically takes about a week. Finally, we roll out the refined setup to endpoints, servers, and other relevant components.

In comparison to other software solutions available on the market, it comes at a higher price point. However, the price is justified considering the robust features it offers. I would rate it nine out of ten. They provide fixed packages based on the number of users.

Overall, I would rate it eight out of ten.

The solution is used for port protection and media encryption.

Our customers are satisfied with the Harmony environment. The remote support is good. If the users forget their passwords, the remote support helps them reset the password. It is a good feature. We only need an internet connection for it.

The heartbeat interval must be improved. Sometimes, when we change the policy in the console, it does not reflect in the endpoint. Sometimes, we find it difficult to change the policy. The tool lags sometimes.

When we change the user password in the Infinity Portal, the password does not sync on time. There is a one-minute heartbeat interval from the server to the console. We have a graphical UI in threat hunting in which we can see the attacks. If audit logs have a similar graphical UI, it will be easier to analyze the logs.

I have been using the solution for seven months.

I rate the tool’s stability an eight out of ten.

The scalability and integrity are above average. I rate the scalability an eight or nine out of ten. We have deployed the product for 500 endpoints. We have deployed it on 300 to 400 endpoint machines in other places.

Initially, we had some issues installing the agent on the endpoint machines. We didn't know the prerequisites of the endpoint machines. We had blue screen and red screen issues. It was new for us, and we were stuck. The support was very helpful. The team identified the issue and asked us to update Windows. We had to have the recommended version of Windows for deploying the agent. Now, we do not face any issues. If we face any problems, we easily recognize the issue. We are a bit autonomous.

Neutral

The initial deployment was very challenging because I was new to the product. Later on, I got used to it. It was very easy. I ensured everything was according to the customers’ requirements. It took hardly two weeks to deploy.

The pricing is reasonable. It is very good for security. We are focused on security. If the security is strong, we do not mind the price. The customers blindly trust the product.

Our customers were using Trend Micro.

We haven’t deployed the antivirus yet. We’re trying to implement AV on Windows. Currently, AV is deployed on a Linux machine. When I implemented it, I didn't have any idea about the product. I just went through some documents. People who want to use the solution must go through the documents and understand the concepts. Overall, I rate the product a nine out of ten.

We deployed this product to harmonize our products and have one central access point. 

It helps us to set security features that protect the computing devices from malware attacks. 

It gives me an opportunity to manage applications that works on various workflows centrally. 

Integration with all employee devices has enabled my team to monitor the security situation and put in place emergency measures in case of any threat. 

Team members can connect their working devices from a central networking connection that is secure and reliable.

The high-level security provided by Check Point Harmony Endpoint has given my team all the required tools for setting up a central network control platform. It provides solutions to challenges that affect workflows slowing down performance. 

There is improved business work processes agility that keeps all the sectors functional. 

There has been improved security compliance and risk management in all the business transactions that we undertake since we deployed this application. 

Laptops and mobile devices that operate within the enterprise have been secured, and teams can easily focus on more productive roles without fear of being attacked.

Data security analytics enable us to prepare and take suitable precautions before landing in trouble and exposing confidential information. 

The cloud management system provides security to hybrid information and saved files. 

The customer support services are efficient and always reliable when reached for any consultation. 

It supports operating systems that are deployed in computers and mobile devices. 

New users familiarize themselves easily with the operation of UI since it has flexible dashboards. 

The faster data processing capability saves time and costs for accomplishing given tasks.

It has full performance capability to execute the given duties. 

It blocks safe URLs sometimes when there are network interruptions. 

The cost of deployment varies with the existing working conditions and the organization's size. 

The cloud networking infrastructure can be attacked if there are limited security features and poor monitoring capacity from the IT team. 

The overall performance impressed my team. Check Point Harmony Endpoint is the sure deal for enterprise security coverage and computing device control.

I've used the solution for ten months.

It is stable in the provision of reliable security.

I am impressed by the performance of this product.

The customer support staff is ever supportive.

Positive

I have not used a similar solution previously.

The initial setup procedure was straightforward.

There was high-level expertise from the vendor team during implementation.

There has been a positive ROI since we deployed it.

The setup cost and licensing terms vary according to enterprise size.

I evaluated several options. This platform was the best.

I recommend the implementation of this platform in other organizations.

The main option for which this solution is used is to have all the peripheral equipment protected - avoiding risks due to malware and viruses. The solution can be managed by device, with filtering and analysis of the information of all collaborators available there. 

It's used to analyze emails from key users and for content filtering rules. It does not allow dangerous downloads, which protects the work of the organization outside the main network. It gives tools to the collaborators to make the work outside the installations (home office) easy.

With COVID affecting the world, a solution was needed that could be able to provide security at workstations outside of the organization itself. With the sandblast tool, coverage is made on the equipment that we provide (laptops) and employees can carry out their activities from home. The tool has provided us with security to ensure that the computers are protected while also providing information analysis. It offers easy control and implementation of content filtering rules. Thus, you have control of all the organization's teams outside and within the operational network.

The endpoint agents, which can be installed in one go, are great. The communication with the console is very dynamic and remote, without the need to return to the computer locally. 

From the administration console, we can generate content filtering rules and labels, as well as run an analysis of emails and downloads that the collaborator does to fulfill their functions. Informing the administrator of threats by mail gives us the facility to detect real-time vulnerabilities in order to continue fulfilling the objective of safeguarding the information of the organization.

There needs to be compatibility with the most recent versions of the various operating systems. They need to be up-to-date with the signatures of new viruses and the latest ramsonware. With the encompassing of all its solutions in one platform, there should be artificial intelligence for specific analysis to thus be able to anticipate and detect unique risks to the organization. 

To be able to count on the administration console on any device and online cloud would be ideal. We would like there to be no need to install clients as executables.

I've been using the solution for one year.

We like the idea of ​​continuing to implement more solutions offered by Harmony.

Technical support is good. They comply when we need support or have product questions.

No, Sandblast was chosen as the first option.

The solution meets our business needs. 

We did look at Fortinet solutions.

In my organization, we have selected the Harmony Endpoint tool after an analysis of the market. We wanted to be able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point closest to the user possible. Thanks to its ease of deployment and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in very different environments.

By using the Check Point Harmony Endpoint tool we have achieved great visibility, extensive control of our network and our users, and, above all, a level of security against cyber attacks that's more effective than what we had before. Now, we can detect and avoid security incidents and we can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep us safe - not only on the organization's own systems but also within the data. The personal information of our users is also very much protected.

When starting to use Check Point's Harmony Endpoint tool, the first thing that strikes us is its great ease of deployment. In our case, it has been a deployment without too many incidents considering that we are talking about a deployment in the tens of thousands of devices. Once deployed, the dashboard and all the inventory information that we have been able to obtain and that we did not know before are very interesting. Of course, one of the key points of Harmony is its great ability to detect threats and keep us safe.

After using Harmony for six months, I still don't have a clear vision of the possible improvements that the tool may need. There are still functionalities that I have not been able to fully test and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. What is very important, in my opinion, is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool aligns with the quality of Check Point products and the evolution it has is correct and logical. Check Point is always ahead of the needs of the market.

I've been using the solution for 6 months.

No, it is the first tool of this type that we deployed in my organization.

I would advise all organizations to deploy tools of this type for the security they need. As for Harmony, I recommend it 100% for its ease of use, reliability, and reasonable price.

Yes, Microsoft Defender for Endpoint and Cisco Secure Endpoint were evaluated.

With every new firewall that we're purchasing, we're deploying the SandBlast Agent. At the moment we're only running it on about 20 firewalls, just because the licensing isn't retroactive. What we need to do is produce a proof of concept to say, "This is the stuff we're getting." We're looking at it in a learning mode and then we can consider getting into a more aggressive mode of stopping everything. At the moment, we're trying to use it to give us information rather than to fully stop everything.

It's deployed on our physical firewalls, on-prem.

We have seen some attempted ransomware in our network. With the firewall we've already got IPS, but we wanted to integrate the endpoints into that as well. That's something we are seeing. Our IT risk team are getting those reports and seeing them and seeing fewer potential attacks.

It reduces potential downtime through ransomware by reducing risk. I don't think I would go to the CEO and say, "Hey, we've completely eradicated this and that," but it certainly complements other Check Point products that we have. It gives us some more information about what is happening and where it's happening on the network, on-prem, on the applicable firewalls. It's hard to say exactly what it has improved because it just works very well with what we've got. Certainly, with our Windows environment and our VPN, we do see a lot more. But I don't know if there's just more of a focus on the reporting, as a whole, that we're getting.

We have had previous ransomware attacks, and while we can't necessarily quantify any downtime or loss, there certainly was risk around that. This has reduced our risk in that environment. That's one of the big focal points. From a network operational point of view, could you ask, "Well, has it reduced things?" and the answer is "no," but from an IT-risk point of view, our IT risk team have certainly seen less impact from attacks. We're more proactive than reactive, compared to how we were doing things before.

We don't see it leading to a reduced number of security engineers. What we do envisage is information and empowerment. Rather than manually having to check this, that, and the other, we're looking at having these tools available and for them to produce actual results. We definitely see this tool helping us do that.

It's pretty complete for preventing threats to endpoints. Its capabilities are great.

The solution's automated detection and response capabilities are pretty good. It really depends on how aggressive we want to be with it. We've not deployed it in the most aggressive way you can, such as shutting down everything, because we've not deployed it in a greenfield site. It has not been deployed with that in mind. It has been deployed as an add-on service. As such, we don't want to be as aggressive as some top security firms would recommend we should be.

We do like the product, although there are quite a few things that we're asking our Check Point account team to enhance, where we think we probably could get more features from it.

We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve. We probably should have had more Professional Services come and help us. But, from our company's point of view, especially at this time in the market, the finances are just not there. But from what I've seen so far, I don't think there's enough integration into SmartEvent. That's something that I've asked our account team to try to focus on in the next versions or as an enhancement request.

Integration and deployment are probably the weakest points, and maybe service as well, although they are still at the high end. Would we go out to market and buy this on its own? Probably not, is the honest answer. But because it is a Check Point product and the licensing comes as part of it, it gives us this time to go and prove that, when it's together with all the other products that we have from Check Point, it certainly integrates very well. Would I go and buy this just as a standalone service if we didn't have Check Point firewalls? Probably not.

We're relatively new to Check Point SandBlast Agent, once they put it onto their firewall platform with the new environment. It comes built-in for the first year, including the cost. We've sampled it, starting about four months ago.

We had seen it work before. We had demos with it, but it was always something that seemed would be a nice feature to use, but not something the business wanted to buy into, per se. Now that it comes as part of the package for the first year, we thought we'd give it a go and see how it gets on.

I've had no problems from a stability point of view. It just seems to work.

It's definitely scalable. It's whether there is a business appetite. When we get a new firewall, we'll enable it and run it through the service. It's scalable to retrofit. We could do that and we could run that very easily, but that would involve a commercial spend, which at the moment, no one wants to do. We understand that, but the solution is certainly something that is of interest to various people.

If we get approval then it will move from a PoC to across-the-board. At that point, there would be between 100 and 200 people using it and thousands of agents. It could be scaled out to our whole organization. Again, it's funding-dependent.

We have Diamond Support, so it's very good, but we pay for the privilege. We have one engineer and a separate TAC team.

We had a solution but it wasn't really a similar solution. This is the first of its kind for us, for what it does. We do have antiviruses, so that the machines aren't just dead, and we do have our own hybrid package of something that, if you add four of them together, maybe adds up to half of this, but no similar package.

It's relatively easy to set up. There's plenty of documentation out there for how you do it. The way we've done it is probably the easiest way of doing it. We're not going all-out. We've gone with a small approach, mainly due to commercial reasons.

Our implementation strategy is just to switch it on in our new firewalls and see what happens, honestly. That's not always the best approach, but we switch it on in learning mode to give us information on what's out there and to see what we didn't know.

It took us about three weeks with the first two firewalls, and that doesn't include the firewall build time. That's just setting up everything else and the integration piece. There were two of us involved, me and a colleague. There were "dotted lines" into others, such as our IT risk team where we were asking, "Hey, is this what you want to see?" We're not really offering it as a full service, it's a PoC. If it goes live with a view to deploy it to all of our firewalls and all of our endpoints, I wouldn't say we would need any more people. It would be part of our operational team. The same is true for the risk team. I don't think we would need to get more people, although we see the IT risk team having more of an input.

We did it ourselves.  Potentially, if I had an open wallet and a blank cheque book, would we use a third-party? Yes, of course we would, but at the moment that option is just not there.

Return on investment would be not being attacked. Have we seen any? No. Has it identified certain things? Yes. The way we've got to look at return on investment is, all of a sudden we're less vulnerable to attacks. That's a hard measurement to define. Ultimately, not being attacked, and our reputation, is worth a lot more than just a dollar figure.

The cost-effectiveness of SandBlast is knowledge and understanding what is happening on our network. Do we have some infections? Are we seeing certain things which, without this tool, we would be exposed to? Yes, we are seeing that.

Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in. That's for new firewalls. For existing firewalls, we haven't even gotten to that point yet. They don't even want us to look at the pricing. First, we need to think about what the product does. Does it do what it says on the tin? And if it does, then it's a commercial thing. We have quite a good commercial model with Check Point, so we don't really need to worry about that too much. The pricing should be good.

The licensing, the way they've changed it, is a positive and a negative. Ultimately, Check Point has changed how it operates and now we have to go back and retrofit.

If this does everything it says it does, I don't see any reason that we would use a different product, because this integrates so well with existing Check Point products.

What we've gained is more of an understanding of what's on our network. If I were to go and do this again from scratch, I probably would have looked to integrate more with our Check Point sales team and would have gotten more help from them.

My advice would be to involve your SE. He can help you through a lot more of the options when you deploy.

We don't use the solution’s Management Platform for the creation of virtual endpoint management services in the cloud. We haven't got to that cloud point yet. It's something we could do, potentially. We're going to work with our account team about that. But that's the one of the lessons learned: We did it by just playing around with it rather than doing a full deployment.

I would rate it at nine out of 10. What comes to mind is its effectiveness. Normally, I don't get involved in the costing too much. Is it doing everything that it said it was going to do? Yes it is, at the moment. Could it be enhanced more? Sure. But we have a relationship with Check Point and they do deliver on the RFEs for us. If we say we want it to do this, they'll get their engineering team looking at that.

We use the product at the perimeter. Since we do not have a branch, only one area is protected by the solution. The networks we have are in a compact area.

I love the product’s flexibility. We can manage the blade without changing the protocols. It is easy to manage how the tool runs the network. The product is easy to deploy. It’s a good firewall. It supports most of our OS, such as Linux and Windows. We can use it even on mobile devices. The browser and data protection are good. The solution has good threat intelligence features.

The network monitoring features must be improved. If my ISP says that they gave me 300 Mbps, I would like to see where the network is used the most and where we are underutilizing it. I need features to monitor the bandwidth. I want features to monitor the upload and download speeds.

I have been using the solution for the last three years.

The technical support is good. I was working on some backups of a hospital management system to the cloud. Check Point provided us with very good support.

Positive

The pricing is very high. The tool’s cost has increased by almost 300% in two years.

I will recommend the tool to others. Overall, I rate the solution eight and a half out of ten.