Check Point Harmony Endpoint Reviews

We primarily use this solution as the main firewall for the perimeter of the hospital. We use the firewall itself for URL filtering, application filtering, and identity awareness.

Before we used this solution, our mail used to have a lot of spam and most of the time our main email account was blacklisted. Now it works well; we are whitelisted by all organizations, including Google. Also, the security of our institution has really improved.

They should provide bandwidth regulation so we can monitor and regulate bandwidth.

It's 100% stable. It has never failed me in all the years I've used it.

I do not think I have had any higher scale than now. Initially, we used the R77.3, but I have just upgraded to the Gaia R80 operating system. For the amount of user we need, it usually works well. We have 5,000 users on it and it is still running okay.

Actually, we have already ordered two more boxes. We are waiting for them to arrive in the hospital. They are both from the 15400 series.

The technical support is fine. We've got a good relationship with the company. If there is any problem, they respond very well and fast.

For maintenance, we have a service agreement with the vendor who brought it to our institution.

We had SonicWall, but it was not stable. With the number of users we needed, SonicWall became a bit overwhelmed.

When we started it the initial setup was very complex. I have never been given any training on Check Point. I had to learn on the job.

The deployment did not take long, the guys who came to the place from Check Point did it very fast, it was a fast thing, within a day or two.

Return on investment was the first thing we checked. We are okay in that regard. We are not complaining.

We pay on an annual basis. There are no additional fees, they mostly tell us what we have to pay. We have budgeted for it.

We looked at firewalls from Fortinet and Barracuda. We even brought guys here to test their solutions, but they were no match for Check Point. We are comfortable now with Check Point.

My advice is to get Check Point, even without trying it first. Use it, and you will be very, very secure. Check Point guarantees the security and stability of your network.

I would rate this solution as nine out of ten.

This software enhances the security of our remote workforce. It creates safe collaboration routes that cyber attacks cannot compromise. Data safety and communication infrastructure have been well maintained since we deployed this software. 

Endpoint protection has enabled teams to complete projects faster and monitor workflows efficiently. 

It has automated security protocols to cover the wide networking area in the enterprise. Check Point Harmony Endpoint has deployed comprehensive security that prevents any external attacks that may be a threat to our internal policies.

This software has quashed many security threats that could affect operations and slow down production. 

When sending emails to my colleagues, it detects any virus and blocks any spam that may be shared. It is flexible and gives the IT team full access and control during deployment. 

We have been able to attain security compliance and requirements for an excellent working environment. 

The entire organization has been doing well since we deployed this software due to safe collaboration channels and improved security data awareness.

The total cost of ownership has enabled the company's teams to identify any areas with security weaknesses and appropriately assign security models. 

The log4j-related attacks blocking system detects any vulnerable endpoints in advance. 

Identifying ransomware behaviors has upgraded the security monitoring system and put measures in place to curb such threats. 

When browsing, it blocks phishing sites that may hack personal data and leak to internet cyber criminals. 

The endpoint behavioral guard identifies online threats that easily prevent credential theft that may lead to funding theft.

The current performance of Check Point Harmony Endpoint has impressed all the sectors in the organization.

Configuration with some applications did not take place effectively due to setup complications. 

Interpreting the threat intelligence sensors may lead to poor data tabulation and slow performance. 

The cost of deployment and maintenance is high, and many small enterprises may not be able to afford premium subscriptions. 

The set security enhancement objectives have been achieved, and internet threats have been blocked effectively. I totally recommend this software to other organizations for reliable endpoint protection.

I've used the solution for two years.

This software offers a stable performance.

The performance is good, and I am impressed by the overall output.

We have been served well by customer service since we started engaging them.

Positive

I have no experience with any other product.

The setup was straightforward.

Deployment was done by the vendor team.

The targeted ROI has been achieved, and there is increasing growth.

The setup and pricing are flexible depending on company size and security demands.

I have only worked with Check Point Harmony Endpoint.

Comprehensive security for the company's network infrastructure is essential, and this is what this platform has provided.

In my organization, we have selected the Harmony Endpoint tool after an analysis of the market. We wanted to be able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point closest to the user possible. Thanks to its ease of deployment and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in very different environments.

By using the Check Point Harmony Endpoint tool we have achieved great visibility, extensive control of our network and our users, and, above all, a level of security against cyber attacks that's more effective than what we had before. Now, we can detect and avoid security incidents and we can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep us safe - not only on the organization's own systems but also within the data. The personal information of our users is also very much protected.

When starting to use Check Point's Harmony Endpoint tool, the first thing that strikes us is its great ease of deployment. In our case, it has been a deployment without too many incidents considering that we are talking about a deployment in the tens of thousands of devices. Once deployed, the dashboard and all the inventory information that we have been able to obtain and that we did not know before are very interesting. Of course, one of the key points of Harmony is its great ability to detect threats and keep us safe.

After using Harmony for six months, I still don't have a clear vision of the possible improvements that the tool may need. There are still functionalities that I have not been able to fully test and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. What is very important, in my opinion, is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool aligns with the quality of Check Point products and the evolution it has is correct and logical. Check Point is always ahead of the needs of the market.

I've been using the solution for 6 months.

No, it is the first tool of this type that we deployed in my organization.

I would advise all organizations to deploy tools of this type for the security they need. As for Harmony, I recommend it 100% for its ease of use, reliability, and reasonable price.

Yes, Microsoft Defender for Endpoint and Cisco Secure Endpoint were evaluated.

Harmony Endpoint helps the company to protect devices from phishing attacks. 

It offers instant notification when it senses any form of external threat that can compromise data. 

It can be easily deployed on both mobile and desktop devices. 

The product has saved my team a lot of time and resources during the project implementation process. 

It responds quickly to data threats that can leak internal information into an unsafe environment. We have accomplished many projects and submitted them successfully to our clients without any challenges since deploying Harmony Endpoint.

This solution provides threat intelligence to all sectors to enhance effective planning and decision-making before we get into trouble. 

It monitors data flow across the networking system to enhance comprehensive workflow infrastructure. 

Real-time monitoring provides essential tools for security configurations that cannot be interfered with by ransomware attacks easily. This is the best solution, far from other related software in attack prediction and threat analysis. It is cloud-based, and teams across the organization find it to be more flexible for real-time analytics.

Network monitoring provides the best reports based on real-time performance, which helps our members locate any drawbacks across the workflow system.

The threat response system from the user dashboard blocks malware attacks that can affect email and the flow of information among colleagues. 

Endpoint protection is fundamental in security enhancement; it's effectively protecting our devices from internet viruses.

The application investigation system enables the IT team to come up with reliable reports on the cause and prevention measures that can be adapted to prevent any future attacks.

The system has comprehensive data management features that have saved us from incurring unplanned losses. 

Timely updates and suitable configurations can block malware attacks and provide effective reports on security situations. 

The setup process was complicated, however, when the customer service team came in, they provided productive guidelines that have kept the system working efficiently. 

The next release should consider a strong threat detection mechanism that can categorize various levels of attacks for faster analysis.

I've used the solution for 18 months.

This platform is highly stable, and the performance is awesome.

The scalability has impressed all relevant teams.

The customer service team is passionate about their work, and they provide timely responses.

Positive

I have not worked with other related products.

The setup was straightforward. We had assistance from the customer support team.

implementation took place through the vendor team.

The targeted ROI has been achieved since we deployed the application.

The setup and cost depend on the number of devices that have to be secured.

I evaluated Intercept X Endpoint. However, it did not impress the entire team.

I am satisfied with the current performance and I thoroughly recommend Harmony Endpoint to other business enterprises.

We resell Harmony Endpoint to many of our SMB customers and also use the product ourselves. It concerns environments of endpoints only, as well as (terminal) servers and a mix of these.

Our customers range from one to two endpoints to 100+ endpoints. In addition, as mentioned above, there are also customers where we deploy the Harmony Endpoint tooling on the servers. This also varies from customers with one or two servers to ten or more servers.

Both we and the customers are very satisfied with the use and functioning of the antivirus.

It is very powerful tooling that can be tuned a lot. It gives a lot of insight via Threat Hunting and stops things that other antivirus packages just let through.

Previous antivirus packages that we used and our customers used did not include a browser plugin. Now that users see that the endpoint really does scan everything on the browser page (such as username and password fields) they also see the added value of an antivirus package on the computer. Since users themselves see this added value, they also understand that they sometimes have to wait a little longer (for example, when downloading files, these are also scanned first).

The Harmony Endpoint browser plugin is powerful tooling that is visibly present and doing its job. 

Previous antivirus packages that we used and our customers used did not include a browser plugin. Now that users see that the endpoint really does scan everything on the browser page (such as username and password fields) they also see the added value of an antivirus package on the computer. 

It would be useful if you could also mark blocks as safe from a client. Now users always have to ask an admin to make exclusions.

In addition, it is also very desirable that there is support for Windows Server core machines.

In addition, it would also be useful if administrators could create exclusions directly from logging into the admin portal, instead of only being told where and how to add the exclusion. This will save work.

It would also perhaps be useful if you could connect from one endpoint directly to another tenant. Instead of having to roll out the endpoint again.

I've used the solution for one year.

The solution is very stable.

The management portal could be a bit faster. Sometimes we are waiting for pages.

It's very easy to create a support ticket and they always provide quick answers.

Positive

We previously used Trend Micro and ESET. We couldn't manage the endpoints of multiple customers centrally.

The initial setup was straightforward.

We handled the implementation in-house.

I'd advise users to buy a bundle with more Check Point products in it to better secure their organization and save money.

We did not evaluate other options. We use more Check Point products and are very happy about it.

The solution is primarily used for protecting endpoints.

Harmony Endpoint is a complete endpoint security solution built to protect the remote workforce from today’s complex threat landscape. 

It prevents the most imminent threats to the endpoint such as ransomware, phishing or drive-by malware, while quickly minimizing breach impact with autonomous detection and response. This way, your organization gets all the endpoint protection it needs, at the quality it deserves, in a single, efficient, and cost-effective solution and able to detect/block/monitor and response to any malicious activity happening on the endpoint. With the single agent deployed on the endpoint, it's able to provide complete EDPR functionality with help of multiple security features/modules.

Harmony Endpoint provides complete EDPR functionality using multiple modules/features which are available with the solution such as Compliance, Anti-Malware, Media Encryption and Port Protection, Firewall and Application Control, Full Disk Encryption, Remote access VPN, Capsule DOC, URL Filtering. Anti-Bot, Anti-Ransomware, Behaviour Guard, Forensic, Threat Emulation, and Anit-Exploit.

We are able to protect endpoints from any next generation of attack and modules can be enabled/disabled based on organization requirements. Harmony Endpoint is able to detect/block/monitor and mitigate attacks at an endpoint using logs which is been captured by an agent installed on the endpoint. 

Agents send telemetry/metadata to a centralized console for forensic purposes. Policies for the endpoints can be created based on the user name or endpoint. 

Integration with a threat intel platform for blocking any attack at an early stage is great. The complete solution can be hosted on-prem or via SaaS - a cloud remote access VPN is provided as default in base licence. 

Different policy servers can be configured and hosted at each location so the agent does not have to reach a central location to take policy updates. Policy servers are created using OVF file which can be installed on any virtual platform such as VMware. This offers a more secure way of communication between the policy server and the management console (using certificate/SIC communication). 

Agent footprints are low on endpoints and integration with other security solutions is great for sharing threat intel within an organizational network or over the cloud. Anti-ransomware modules are very strong and are able to detect any ransomware attacks at a very early stage. 

The host-based firewall policy configuration is simple. 

The solution allows us to reduce the attack surface via:

• Host Firewall
• Application Control
• Compliance
NGAV: Prevent Attacks Before They Run

• Anti-Malware
• ML based NGAV
  GAV: Runtime Detection and Protection
  
  • Anti-Ransomware
  • Behavioral Guard
  • Anti-Bot
  • Anti-Exploit
    Web Protection
    
    • Zero-day Phishing site protection
    • Corporate Password Reuse Protection
    • URL Filtering
    • Malicious site protection
      Attack Investigation and Response
      
      • Forensics collection and detection
      • Forensics report – incident visibility, MITRE mapping
      • Automated attack chain full sterilization
      • Ransomware encrypted files restoration
      • Threat Hunting
        Data Protection
        
        • Host Encryption
        • Media encryption and port protection
          Mobile Protection
          
          • iOS Protection
          • Android Protection
            Centralized Management
            
            • Cloud Management
            • On-Prem Management 

The solution has limitations if it's hosted on-premise or as a SaaS. You need to plan accordingly on the model that suits the organization. On-Premise, for example, does not support threat hunting. Hosting on the cloud will have an impact on the user who is connecting to a central location for internet access as it will add infra cost. 

We also need to look over the expertise of the support executives who require more training and focus as well in this service area and if we can think over the cost of the product.

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

Our organization's overall security posture has improved with Harmony Endpoint protection. This has helped to secure against all modern age threats and risks that came in during the pandemic. 

During the pandemic, the users, for example, have been forced to work from home and that's been forcing the IT to do overtime to protect the endpoints. After introducing Harmany Endpoint we have seen the incident levels going down to close to zero. 

The single dashboard provides complete visibility over endpoint security and the administration can view the actionable tasks to follow up easily without searching across multiple reports/consoles. 

All of the available features are good (for example Threat Emulation/Threat Extraction, Antibot, Anti-Exploit, Anti-Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance), however, the one I have thought to be very valuable is the Ransomware Protection Feature which has been used widely during the pandemic. It protects as well as saves original file copies to prevent data loss.

Forensic Analysis provides a complete analysis of threats via detailed reports. The threat prevention, which includes a detailed threat landscape is very good.

The VPN connectivity and compliance check are also very good features.

Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations. 

With respect to the product, we feel Endpoint vulnerability management is one of the modules that is missing and it is something that is required. Adding this will strengthen the product and help in taking proactive steps towards protecting the environment.

DLP Module & Patching are required from an endpoint perspective. It would be good to add those in an upcoming release/version.

I've used the solution for more than 6 months.

We have deployed it on the cloud which helps it to be scalable and cost-effective.

We were using multiple solutions to protect the environment in the past. These include solutions such as McAfee, Websence DLP, encryption, etc. however, now it is all happening with this one tool and console 

Easy to set up and start using.

A single administrator can manage the complete solution. It's easy to deploy and does not require any additional effort. We're able to have multiple solutions within a single solution.

We implemented the product with the help of our OEM and our in-house team. There were no major challenges during implementation or even in day-to-day operations.

Harmony Endpoint, in terms of the deployment, integration, and setup, costs less than other solutions.

Yes, we evaluated other products as well, however, with respect to feature price and integration availability, we selected this product.

Harmony Endpoint is a good product and scalable with business growth. 

We use it to manage our entire network and protect network traffic in terms of files that go out and come in. This protects our network between any platform we access or interactions between our clients and us. Also, it helps to monitor and block malicious applications, then it prevents these sites from accessing our stuff.

We use it for the endpoints and all the additional points which access the network in the organization. It protects everything across the board, from the server to the many other devices, like your phones and laptops. 

In terms of network usage, it actually reduced the amount of malicious attacks that we had. Before, we really didn't have a secure network. Each endpoint had to protect itself and probably most of them were not actually protected. Now, it's an entire process in which we've been able to cut down significantly the amount of malicious attacks by 60 percent that we get in the organization. It helps us to adequately monitor what has been going on with our network traffic and stopping individual attacks from accessing certain sites where we want to have restrictions or limitations.

The sandboxing feature: I like the entire process. It's one thing for it to detect, but another thing to have a remediation plan. It actually extracts out what we need to make it a clean file. 

There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc.

I have been using it since sometime from the beginning of last year.

It works just fine. I haven't experienced any issues.

It scales well. It accommodates all the endpoints that we have in our organization. As we grow, we do plan to increase usage.

We use it in our entire organization. Every staff person and device has access to the solution. We have approximately 250 endpoints. 

We have 10 IT managers and systems engineers directly working on it. I also work with the solution as a business analyst/developer.

The technical support is good. It is a straightforward solution. We have not really needed to call for anything because they train you on how to use this solution. You already have the IPS working and know how that works. It's not something that is complex.

We were previously using Sophos. We switched to Check Point because the pricing was much cheaper (by 25 percent).

The initial setup was straightforward. You're required to have some administrative training on how to use the solution. The deployment took between three to six months.

We worked directly with the vendor. The vendor had a partner in my region. Therefore, we worked directly with the partner, who was also working with Check Point. So far, the experience has been great. They were efficient. We have been able to achieve the reason why we set up and procured this solution.

We have seen ROI. It reduces malicious attacks and restricts users from accessing sites via our network.

As we grow, we've been given room to add additional licenses in terms of all our endpoints. 

In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth. 

The solution is too pricey.

We only evaluated Check Point and Sophos. There are only two really good cybersecurity solutions locally. You are either doing Sophos or Check Point. It is one or the other.

It is a great fit for any organization. I would rate the solution a 10 out of 10.