Check Point Harmony Endpoint Reviews

In my organization, we have selected the Harmony Endpoint tool after an analysis of the market. We wanted to be able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point closest to the user possible. Thanks to its ease of deployment and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in very different environments.

By using the Check Point Harmony Endpoint tool we have achieved great visibility, extensive control of our network and our users, and, above all, a level of security against cyber attacks that's more effective than what we had before. Now, we can detect and avoid security incidents and we can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep us safe - not only on the organization's own systems but also within the data. The personal information of our users is also very much protected.

When starting to use Check Point's Harmony Endpoint tool, the first thing that strikes us is its great ease of deployment. In our case, it has been a deployment without too many incidents considering that we are talking about a deployment in the tens of thousands of devices. Once deployed, the dashboard and all the inventory information that we have been able to obtain and that we did not know before are very interesting. Of course, one of the key points of Harmony is its great ability to detect threats and keep us safe.

After using Harmony for six months, I still don't have a clear vision of the possible improvements that the tool may need. There are still functionalities that I have not been able to fully test and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. What is very important, in my opinion, is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool aligns with the quality of Check Point products and the evolution it has is correct and logical. Check Point is always ahead of the needs of the market.

I've been using the solution for 6 months.

No, it is the first tool of this type that we deployed in my organization.

I would advise all organizations to deploy tools of this type for the security they need. As for Harmony, I recommend it 100% for its ease of use, reliability, and reasonable price.

Yes, Microsoft Defender for Endpoint and Cisco Secure Endpoint were evaluated.

Harmony Endpoint helps the company to protect devices from phishing attacks. 

It offers instant notification when it senses any form of external threat that can compromise data. 

It can be easily deployed on both mobile and desktop devices. 

The product has saved my team a lot of time and resources during the project implementation process. 

It responds quickly to data threats that can leak internal information into an unsafe environment. We have accomplished many projects and submitted them successfully to our clients without any challenges since deploying Harmony Endpoint.

This solution provides threat intelligence to all sectors to enhance effective planning and decision-making before we get into trouble. 

It monitors data flow across the networking system to enhance comprehensive workflow infrastructure. 

Real-time monitoring provides essential tools for security configurations that cannot be interfered with by ransomware attacks easily. This is the best solution, far from other related software in attack prediction and threat analysis. It is cloud-based, and teams across the organization find it to be more flexible for real-time analytics.

Network monitoring provides the best reports based on real-time performance, which helps our members locate any drawbacks across the workflow system.

The threat response system from the user dashboard blocks malware attacks that can affect email and the flow of information among colleagues. 

Endpoint protection is fundamental in security enhancement; it's effectively protecting our devices from internet viruses.

The application investigation system enables the IT team to come up with reliable reports on the cause and prevention measures that can be adapted to prevent any future attacks.

The system has comprehensive data management features that have saved us from incurring unplanned losses. 

Timely updates and suitable configurations can block malware attacks and provide effective reports on security situations. 

The setup process was complicated, however, when the customer service team came in, they provided productive guidelines that have kept the system working efficiently. 

The next release should consider a strong threat detection mechanism that can categorize various levels of attacks for faster analysis.

I've used the solution for 18 months.

This platform is highly stable, and the performance is awesome.

The scalability has impressed all relevant teams.

The customer service team is passionate about their work, and they provide timely responses.

Positive

I have not worked with other related products.

The setup was straightforward. We had assistance from the customer support team.

implementation took place through the vendor team.

The targeted ROI has been achieved since we deployed the application.

The setup and cost depend on the number of devices that have to be secured.

I evaluated Intercept X Endpoint. However, it did not impress the entire team.

I am satisfied with the current performance and I thoroughly recommend Harmony Endpoint to other business enterprises.

We resell Harmony Endpoint to many of our SMB customers and also use the product ourselves. It concerns environments of endpoints only, as well as (terminal) servers and a mix of these.

Our customers range from one to two endpoints to 100+ endpoints. In addition, as mentioned above, there are also customers where we deploy the Harmony Endpoint tooling on the servers. This also varies from customers with one or two servers to ten or more servers.

Both we and the customers are very satisfied with the use and functioning of the antivirus.

It is very powerful tooling that can be tuned a lot. It gives a lot of insight via Threat Hunting and stops things that other antivirus packages just let through.

Previous antivirus packages that we used and our customers used did not include a browser plugin. Now that users see that the endpoint really does scan everything on the browser page (such as username and password fields) they also see the added value of an antivirus package on the computer. Since users themselves see this added value, they also understand that they sometimes have to wait a little longer (for example, when downloading files, these are also scanned first).

The Harmony Endpoint browser plugin is powerful tooling that is visibly present and doing its job. 

Previous antivirus packages that we used and our customers used did not include a browser plugin. Now that users see that the endpoint really does scan everything on the browser page (such as username and password fields) they also see the added value of an antivirus package on the computer. 

It would be useful if you could also mark blocks as safe from a client. Now users always have to ask an admin to make exclusions.

In addition, it is also very desirable that there is support for Windows Server core machines.

In addition, it would also be useful if administrators could create exclusions directly from logging into the admin portal, instead of only being told where and how to add the exclusion. This will save work.

It would also perhaps be useful if you could connect from one endpoint directly to another tenant. Instead of having to roll out the endpoint again.

I've used the solution for one year.

The solution is very stable.

The management portal could be a bit faster. Sometimes we are waiting for pages.

It's very easy to create a support ticket and they always provide quick answers.

Positive

We previously used Trend Micro and ESET. We couldn't manage the endpoints of multiple customers centrally.

The initial setup was straightforward.

We handled the implementation in-house.

I'd advise users to buy a bundle with more Check Point products in it to better secure their organization and save money.

We did not evaluate other options. We use more Check Point products and are very happy about it.

The solution is primarily used for protecting endpoints.

Harmony Endpoint is a complete endpoint security solution built to protect the remote workforce from today’s complex threat landscape. 

It prevents the most imminent threats to the endpoint such as ransomware, phishing or drive-by malware, while quickly minimizing breach impact with autonomous detection and response. This way, your organization gets all the endpoint protection it needs, at the quality it deserves, in a single, efficient, and cost-effective solution and able to detect/block/monitor and response to any malicious activity happening on the endpoint. With the single agent deployed on the endpoint, it's able to provide complete EDPR functionality with help of multiple security features/modules.

Harmony Endpoint provides complete EDPR functionality using multiple modules/features which are available with the solution such as Compliance, Anti-Malware, Media Encryption and Port Protection, Firewall and Application Control, Full Disk Encryption, Remote access VPN, Capsule DOC, URL Filtering. Anti-Bot, Anti-Ransomware, Behaviour Guard, Forensic, Threat Emulation, and Anit-Exploit.

We are able to protect endpoints from any next generation of attack and modules can be enabled/disabled based on organization requirements. Harmony Endpoint is able to detect/block/monitor and mitigate attacks at an endpoint using logs which is been captured by an agent installed on the endpoint. 

Agents send telemetry/metadata to a centralized console for forensic purposes. Policies for the endpoints can be created based on the user name or endpoint. 

Integration with a threat intel platform for blocking any attack at an early stage is great. The complete solution can be hosted on-prem or via SaaS - a cloud remote access VPN is provided as default in base licence. 

Different policy servers can be configured and hosted at each location so the agent does not have to reach a central location to take policy updates. Policy servers are created using OVF file which can be installed on any virtual platform such as VMware. This offers a more secure way of communication between the policy server and the management console (using certificate/SIC communication). 

Agent footprints are low on endpoints and integration with other security solutions is great for sharing threat intel within an organizational network or over the cloud. Anti-ransomware modules are very strong and are able to detect any ransomware attacks at a very early stage. 

The host-based firewall policy configuration is simple. 

The solution allows us to reduce the attack surface via:

• Host Firewall
• Application Control
• Compliance
NGAV: Prevent Attacks Before They Run

• Anti-Malware
• ML based NGAV
  GAV: Runtime Detection and Protection
  
  • Anti-Ransomware
  • Behavioral Guard
  • Anti-Bot
  • Anti-Exploit
    Web Protection
    
    • Zero-day Phishing site protection
    • Corporate Password Reuse Protection
    • URL Filtering
    • Malicious site protection
      Attack Investigation and Response
      
      • Forensics collection and detection
      • Forensics report – incident visibility, MITRE mapping
      • Automated attack chain full sterilization
      • Ransomware encrypted files restoration
      • Threat Hunting
        Data Protection
        
        • Host Encryption
        • Media encryption and port protection
          Mobile Protection
          
          • iOS Protection
          • Android Protection
            Centralized Management
            
            • Cloud Management
            • On-Prem Management 

The solution has limitations if it's hosted on-premise or as a SaaS. You need to plan accordingly on the model that suits the organization. On-Premise, for example, does not support threat hunting. Hosting on the cloud will have an impact on the user who is connecting to a central location for internet access as it will add infra cost. 

We also need to look over the expertise of the support executives who require more training and focus as well in this service area and if we can think over the cost of the product.

We're using the product to secure our endpoint users internally and for a hybrid workplace setting. 

We wanted to replace Windows Defender with a more professional solution and, after checking some vendors, we opted for Check Point since we've been using their firewall product for quite some time.

The license tier is also nice as we can buy licenses to specific cases and save some money on that end. 

The inclusion of URL filtering was a plus since we replaced another product we used in the company.

We're able to secure all endpoints and manage them from a single console. 

Being able to set policies linked to Active Directory objects made the administration of the platform much simpler and the documentation of those policies very easy. We can just change a setting on Active Directory and the computer gets a totally different policy in a matter of minutes. Of course, this syncronization time must be set up in advance on an agent machine. However, it is a very easy task to do.

The drive encryption was another feature we implemented with the product.

The management of all endpoint settings from a single portal does not need to use more than this one to set all the policies. We used the deployment of this product to push drive encryption to some of the more sensitive users of the company since we haven't had any solution to this problem.

We're also using application control to block some unwanted apps from being executed on clients, however, sometimes the management of those apps can be a little time-consuming due to newer versions being released often.

The lack of time setting for policy application, for example, from 8 am to 9 am, to have a policy applied and then from 9 am to 10 am for another one.

A more responsive UI would be nice. Sometimes, with a lot of clients (1,000) the UI is a bit sluggish.

The operation of reinstalling a machine also requires a bit of work since we have to delete the object before installing the app on a formatted operating system. It should be able to lock settings and licenses to the machine ID that never changes with an OS installation.

I've used the solution for one year.

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

Our organization's overall security posture has improved with Harmony Endpoint protection. This has helped to secure against all modern age threats and risks that came in during the pandemic. 

During the pandemic, the users, for example, have been forced to work from home and that's been forcing the IT to do overtime to protect the endpoints. After introducing Harmany Endpoint we have seen the incident levels going down to close to zero. 

The single dashboard provides complete visibility over endpoint security and the administration can view the actionable tasks to follow up easily without searching across multiple reports/consoles. 

All of the available features are good (for example Threat Emulation/Threat Extraction, Antibot, Anti-Exploit, Anti-Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance), however, the one I have thought to be very valuable is the Ransomware Protection Feature which has been used widely during the pandemic. It protects as well as saves original file copies to prevent data loss.

Forensic Analysis provides a complete analysis of threats via detailed reports. The threat prevention, which includes a detailed threat landscape is very good.

The VPN connectivity and compliance check are also very good features.

Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations. 

With respect to the product, we feel Endpoint vulnerability management is one of the modules that is missing and it is something that is required. Adding this will strengthen the product and help in taking proactive steps towards protecting the environment.

DLP Module & Patching are required from an endpoint perspective. It would be good to add those in an upcoming release/version.

I've used the solution for more than 6 months.

We have deployed it on the cloud which helps it to be scalable and cost-effective.

We were using multiple solutions to protect the environment in the past. These include solutions such as McAfee, Websence DLP, encryption, etc. however, now it is all happening with this one tool and console 

Easy to set up and start using.

A single administrator can manage the complete solution. It's easy to deploy and does not require any additional effort. We're able to have multiple solutions within a single solution.

We implemented the product with the help of our OEM and our in-house team. There were no major challenges during implementation or even in day-to-day operations.

Harmony Endpoint, in terms of the deployment, integration, and setup, costs less than other solutions.

Yes, we evaluated other products as well, however, with respect to feature price and integration availability, we selected this product.

Harmony Endpoint is a good product and scalable with business growth. 

We use it to manage our entire network and protect network traffic in terms of files that go out and come in. This protects our network between any platform we access or interactions between our clients and us. Also, it helps to monitor and block malicious applications, then it prevents these sites from accessing our stuff.

We use it for the endpoints and all the additional points which access the network in the organization. It protects everything across the board, from the server to the many other devices, like your phones and laptops. 

In terms of network usage, it actually reduced the amount of malicious attacks that we had. Before, we really didn't have a secure network. Each endpoint had to protect itself and probably most of them were not actually protected. Now, it's an entire process in which we've been able to cut down significantly the amount of malicious attacks by 60 percent that we get in the organization. It helps us to adequately monitor what has been going on with our network traffic and stopping individual attacks from accessing certain sites where we want to have restrictions or limitations.

The sandboxing feature: I like the entire process. It's one thing for it to detect, but another thing to have a remediation plan. It actually extracts out what we need to make it a clean file. 

There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc.

I have been using it since sometime from the beginning of last year.

It works just fine. I haven't experienced any issues.

It scales well. It accommodates all the endpoints that we have in our organization. As we grow, we do plan to increase usage.

We use it in our entire organization. Every staff person and device has access to the solution. We have approximately 250 endpoints. 

We have 10 IT managers and systems engineers directly working on it. I also work with the solution as a business analyst/developer.

The technical support is good. It is a straightforward solution. We have not really needed to call for anything because they train you on how to use this solution. You already have the IPS working and know how that works. It's not something that is complex.

We were previously using Sophos. We switched to Check Point because the pricing was much cheaper (by 25 percent).

The initial setup was straightforward. You're required to have some administrative training on how to use the solution. The deployment took between three to six months.

We worked directly with the vendor. The vendor had a partner in my region. Therefore, we worked directly with the partner, who was also working with Check Point. So far, the experience has been great. They were efficient. We have been able to achieve the reason why we set up and procured this solution.

We have seen ROI. It reduces malicious attacks and restricts users from accessing sites via our network.

As we grow, we've been given room to add additional licenses in terms of all our endpoints. 

In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth. 

The solution is too pricey.

We only evaluated Check Point and Sophos. There are only two really good cybersecurity solutions locally. You are either doing Sophos or Check Point. It is one or the other.

It is a great fit for any organization. I would rate the solution a 10 out of 10.

We primarily use the solution to prevent and detect the abnormalities and viruses on endpoints. 

It's also to monitor endpoints and the use of endpoints when it comes to identifying items like USB sticks, etc. because it's not really in our company policy to allow the use of a USB at work stations.

The most valuable feature is the integration with Check Point's firewalls. You can have one port, and follow the logs from both Endpoint and firewall security.

The solution could improve VPN functionality and the VPN user-interface.

The solution is very stable. We are quite happy with the solution, and we have had very few issues with it.

Scalability is very good. 

Technical support is fairly good. I'd rate it three out five. It's fairly good, but not optimal. 

Check Point could offer better personal support. They have a ticket system, but once you create a ticket, it can take up to seven to days before you get any feedback at all. Depending on the situation or the problem that we have, that's far too long.

We previously had a Cisco solution.

The initial setup was complex. From an IT department perspective, we don't have that many IT technicians, so, for us, it was complex. If we had put an IT engineer on Check Point, it might have been easier. 

Implementation took about two days. The strategy was to do the implementation outside of office hours, so it was actually done over a weekend.

We are outsourcing the maintenance, which is about 4 hours of work a month.

We had a consultant assist us in the implementation.

We pay roughly 80,000 Swedish krona per year. When it comes to the firewall, it's roughly 150,000 Swedish krona yearly. There's also maintenance, of course, which is roughly 10,000 krona per month.

We evaluated a few solutions, including Cylance. We evaluated the existing solutions and compared them to Check Point.

My advice to others considering implementing the solution is, depending of course on if the company is looking for a new kind of firewall solution, is "Don't do it yourself."

I would rate the solution eight out of ten.