Check Point Harmony Mobile Reviews

We use Harmony Mobile to protect our workers' mobile devices. There are about 300 users, including everybody from executives to regular engineers. We plan to increase usage, but we are waiting on an executive decision. They'll decide whether to cut costs or increase use. 

We like Harmony's ability to encrypt transactions between mobile devices. All the user's transactions are encrypted. That's an excellent feature. We can detect, quarantine, and address any issues in the handset itself. 

Harmony has more support for Android OS as opposed to iOS. You need a third-party MDM solution to integrate with iOS. If you don't have an MDM, your app can't scan on an iOS device. The solution can scan everything on Android. It sees all your apps. 

We have had Harmony Mobile for about three years. We're both a customer and a partner. The partner is the enterprise division of our organization, and we are a customer, but we cannot purchase it ourselves. We have to go to a third party. Acquisition is more from the customer base, but my company also is a partner.

We haven't had any issues with Harmony crashing our system.

Deploying Harmony was straightforward.  You can deploy it using an MDM solution, but we didn't have one at the time. We deployed by email or SMS, and was relatively simple. 

We explored the MDM part with Google but ran into some issues because the feature required for this integration requires an enterprise license. We have three staff members responsible for implementing and managing the solution.  

The license was pretty reasonable. I don't have a figure right now, but I think it was somewhere between $10 and $30 per user. 

We evaluated VMware Workspace ONE, and VMware also had an MDM that we looked at at the time. Even the McAfee MVISION right now also comes with mobile device management as well.

I rate Check Point Harmony eight out of 10.

My advice for enterprises thinking about Harmony is to consider your device type. If your users are predominantly on Android, it's a good solution. If it's primarily iOS users, you might need to deploy an MDM before buying it. An MDM that covers both operating systems is a significant factor to consider. It will determine how easy it is to deploy it and how much control you have over the profiles.

Our primary use case for the product is to secure corporate mobile devices, particularly those containing critical information or used by VIPs within our organization.

The platform's app scanning feature is valuable as it checks app reliability and identifies potential security risks, which is crucial for maintaining secure mobile environments.

The solution's false positive detection could be improved to reduce unnecessary alerts, the app's performance optimized to minimize device impact, and policy management simplified for easier deployment.

I have been using Check Point Harmony Mobile for approximately one and a half years.

The platform is scalable for larger organizations, but customization complexities in policy management can make deployment more challenging for extensive device quantity.

We used other security solutions previously but switched to Check Point Harmony Mobile due to its comprehensive feature set and reputation for effective mobile security.

The setup was relatively straightforward but could be challenging for less technically inclined users due to policy customization requirements.

We implemented the product with the help of our internal team, leveraging our cybersecurity and mobile device management expertise.

The improved security and reduced maintenance overhead contribute to a positive return on investment for our organization.

The product pricing is reasonable for the security it provides. 

We evaluated several alternatives, including SentinelOne and CrowdStrike, but ultimately chose Harmony Mobile for its robust security features and ease of deployment.

Harmony Mobile has significantly enhanced our mobile device security by effectively scanning apps for reliability, monitoring network connections for threats, and ensuring data protection.

It has been a reliable solution for our organization, significantly improving our mobile device security without excessive maintenance requirements.

I rate it a nine out of ten. 

One of the main reasons why the implementation of Check Point Harmony Mobile was chosen was due to the fact that we needed a tool that had control and monitoring over mobile devices. Harmony Mobile provided us with that functionality. In this way, we were able to close a security gap that was affecting our organization. 

With this solution, users could connect to the organization and access the corporate data and thus comply with a more secure standard. 

Each mobile has applied policies through the Harmony Mobile panel and control the access

One of the great improvements that Harmony Mobile gave us is that it was possible to protect the mobile devices of each one of the users and thus not depend on the users to implement adequate security themselves. With a simple mistake or moment of carelessness, a user can accidentally cause great damage to sensitive company information.

With Harmony Mobile, users do not worry. It transmits all the security to this tool. Currently, with what has been happening in the world with Covid, many workers are working from home and with this solution, we can limit third-party access to devices.

It's important for it to have the main functions of Mobile Device Management (MDM), such as task automation, automatic application updates, they should also improve compatibility with other mobile device management (MDM) products on the market, ensuring correct operation between SandBlast Mobile and MDM. It's important for Point Harmony Mobile to be included in a broader offering so that it is not just a standalone product.

Harmony Mobile introduces many innovative features. One of them is URL filtering, which is very valuable in this tool. It offers to filter apps, protect privacy, and reject malicious or unauthorized downloads. It allows us to get an idea of how it protects the application through certain security levels that are threats, network applications and devices. Its administration and configuration is very simple. It is easy to use with its friendly interface, the solutions helped a lot to the security of the company.

Harmony Mobile is one of the first tools that we implemented in the organization when we entered into the protection of mobile devices. For many years all our staff did not have any restrictions on mobile devices. 

An improvement would be the compatibility of linking local and cloud solutions to create a hybrid scenario. They should allow adding a SIEM for additional functions. That said, in relation to the characteristics that it currently presents, it satisfactorily complies with the security of mobile devices.

One of the improvements that can be made is that they become compatible with Google MDM. 

When it comes to scanning the network, sometimes my SSI ID does not appear; it would also be a great plus if they could make a unified console where you can manage several Check Point products and thus not be opening different consoles to manage different products.

I have been using about three years.

The stability of the product is very good and it generates an excellent amount of monitoring reports.

It is a very scalable tool.

With the support, we have had good and bad experiences. Sometimes they take time to respond. Sometimes they give an accurate solution to the error presented.

Positive

A mobile device solution had not previously been implemented.

One of the parts that worried us was its configuration and administration, however, it was extremely simple.

The installation was done with a seller who demonstrated his ability and handling of the tool.

The investment made with this tool is very good. The information will be guaranteed, therefore, every penny invested is a good investment.

The cost is affordable. It competes with other technologies and the installation is easy to implement.

We have not opted for other technologies since we have implemented the Check Point line into our company.

It is a good tool that can be implemented in the organization and be sure that it will protect your mobile devices.

We used the solution to provide mobile threat defense for mobile devices (predominantly Apple iPhone/iPad). We evaluated numerous solutions from competitors including IBM, Better Mobile, Trend Micro, and others. Check Point is attractive since they are a market-leading firewall vendor and therefore we trust their filtering in terms of web and link protection beyond others who may rely on smaller or third-party feeds. We also found that the breadth of protections including app analysis and WiFi spoofing validation were helpful.

The solution was easy to deploy and provided a useful security enhancement for mobile devices. It allowed us to extend filtering technologies that we would generally expect to be available within an edge firewall to mobile devices - such as web content filtering and URL protection. With the prevalence of mobile phishing (including SMS phish which circumvents email filters), we felt that this was a useful security layer. Check Point is also a provider that we felt we could trust when adding products to our security stack.

The integration with Microsoft Intune scoped to the security group made deployment a breeze. Certainly, once the initial configuration was in place the process was smooth and devices began to appear in the Check Point Harmony portal automatically. Adding web and link protection was considered to be a valuable security enhancement and is a key benefit of using mobile threat defense. The fact that the product can also highlight changes in public IP addresses for known corporate WiFi SSIDs also helps to alert or prevent spoofing of internal WiFi networks.

We had some issues with loopback VPN DNS filtering stopping working periodically, however, this is something that we could probably iron out with support. In the end, we ended up disabling this feature and using Umbrella (which we also use). It is of course highly possible that we could have addressed this with their support team but in our scenario, it was easier to disable the functionality and run with a separate product that we already had available. Certainly, everything else worked fine and the alerts were very useful.

I first used the solution several years ago.

We had no stability issues with the solution save for the periodic VPN loopback internet outages with iOS agents that I'm sure could be resolved with support.

We don't foresee any obvious limits with the scalability of the solution for all but the largest of organizations.

Support engineers were friendly and communicable.

Positive

We had previously trialed better mobile but the minimum onboarding/barrier of entry costs were too steep. We are also more familiar with the Check Point brand. We've also used Trend Micro before yet found the feature set for iOS devices to be slim.

The solution has a straightforward setup - especially with Intune integration.

We did an in-house implementation.

ROI is impossible to compute.

Setup and recurring costs seemed reasonable and in line with other Check Point products.

We did evaluate IBM, Trend Micro, Better Mobile, and others.

We use SandBlast Mobile, integrated with our MDM for automatic deployment of solutions on our devices. This is for our corporate mobile devices, and also for BYOD (Bring your own device) cases. This works well for the users that want access to our corporate repositories for accessing information.

SandBlast is always monitoring their activity including the applications that are installed or they are trying to install, not allowing apps that are not 100% trusted, receiving logging alerts, etc., to take care of our devices and avoid their comprise. 

SandBlast Is providing a real security approach, not only AV like other vendor solutions.

Continuously, we are monitoring the apps and rate them, obtain reports, etc., to see the security posture of the devices and apply compliance policies. This prevents users from installing fake applications or non-approved software.

It also monitors all of the user navigation inside the phone, controlling non-permitted connections like fake Wi-Fi, etc. It also manages the enterprise e-mail in a secure way to avoid unauthorized access from the mobile device.

I really like the application scanning feature that scans all of the installed applications, and not only what appears in the Add or Remove Apps section, and then reports the results in the console.

The performance of this solution is absolutely impressive, especially in terms of battery consumption. It has less consumption than I was expecting

It is a very stable solution that integrates well with the most standard MDM solutions in the current market.

It offers good support for Apple devices and multiple Android versions, which is quite important if you have a disparate set of devices.

There are more features for Android devices than Apple, but, think is more related to the Apple API than Check Point.

Some configuration options inside the management console are a little confusing because the interface is not always user-friendly.

Some policies that can cause problems on the devices, like remediation, cannot be implemented by the administrator and are required to be done by Check Point. This is inconvenient because in some cases, we need a remediation policy immediately and we cannot wait for Check Point to implement it.

We have been using Check Point Harmony Mobile for approximately two years.

It is a stable solution and we have experienced no problems with our mobile devices.

SandBlast can scale without any kind of problems.

We have had no problems with the support to this point.

We did not use another similar solution prior to this one.

The initial setup is very easy. The cloud solution is easy to deploy and integrate with our MDM.

This was implemented directly by Check Point Professional Services. The team is very experienced with the solution.

This is a very expensive product.

We also evaluated an Intel security solution.

In summary, this is a very good solution that works as expected, although it is very expensive.

We mainly use this solution to detect unwanted traffic or any applications which is installed from a reliable/unreliable source. However, when we install the solution, it begins to behave differently. This software is intelligent enough to understand the user interface and interact with it, determining whether it is doing good or asking for sensitive personal information. This capability must be present in any mobile security app.

It gives enough confidence when we review the logs after appropriately tuning the 'tunable' parameters and then put the device on raw internet traffic and revisit its behavior/events on log files generated. It helps us in graduating our best practices to a 'Leading Practice'. It helped us in conducting critical tests in conducting our job works on Cybersecurity.

If we revisit all possible IT compliance whether it is PCI-DSS, HIPAA, GDPR, and more, they all talk about protecting the 'data' and/or leading to privacy. And mobile devices are some of the most vulnerable devices which can be misused in many ways, so protecting the device from malicious traffic is the key when it would be supported with manual configurable controls then it would be the best fit!

Documentation may need a revisit, and on additional features: The problem comes when something goes haywire and customers have changed some elements of the mobile which affects the Android software environment. For the same, we looked for remote connectivity for revisiting the consumer's device safely and securely for which we tried a couple of openly available apps (in a controlled environment) which does not look very safe for consumers. Hence, would be interested to see an add-on or an extension software to be a part of 'Check Point Harmony' and can be used for remote monitoring and controlling (keeping all possible security and compliance aspects in mind!)

I have been using the solution for several months.

We experienced deploying this software on multiple Android devices (having varied firmware versions), however, when it comes to a few old hardware we faced challenges. Rest the product is very stable. (recommend reviewing the release notes, FAQs and recommendations, and more...)

As stated discussed, this is stable software. Given the required storage, recommended memory, and live internet, it would suffice most of the business needs.

When interacting with technical support, we have to be very clear about the issue we (including customers as well) are encountering then the support will provide assistance quickly.

Positive

We had a better experience using Zone Alarm (Antivirus and Firewall - desktop release) for a long time, and when we started getting requests on cybersecurity-related issues on mobile devices, we quickly checked Check Point 'Harmony' app. and found a perfect fit as of now.

The initial setup is straightforward (though version to version - device to device it may vary) and the deployment takes no more than ten minutes, but when it comes to 'fine-tuning or customizations' (some specific need/business requirements) it takes time and a series of testing for its fitment.

We did the implementation ourselves and are happy that we are able to protect our own devices (used in business) and for customers. The good part is there are lots of techno-functional documents available on their site which gives enough pragmatic exposers for technologies to understand its near-to-perfect deployment plus your past experience should kick in.

Our Revenue is organic and growing. Though unfortunately when we requested for registering our organization, we received our certificate a few days before the COVID lockdown and things have changed fundamentally, then we quickly transformed our operational machinery for remote work and successfully worked for a couple of clients in and around UAE/Saudi reign, which helped us survive and now we have enough requests coming-up for India/locally.

We pay between 300 and 600 Rupees (around seven dollars per month) per year per license, which depends on where you are procuring it, plus a small quantum of our service charges. 

I give the solution an eight out of ten.

The reason we use this solution is primarily due to its availability in the Indian market. This plays a very important role. We then started reviewing many products based on Gartner's magic quadrants, IDC, and other big analytical companies that provide the reports and enough rationale and justification for our decision-making. We prefer to have a look at Moody's ratings for companies' performance.

We must first look at the different mobile applications consumer use. We check the type of issue/problem explained is covered by comprehensive writeups/reports/bug reports/FAQs/or on some relabel blogs or reviews matching our problem area, then we take sustainable solutions.

I recommend the product, but it has to be fine-tuned and tested by each organization.

We are mainly using it to manage mobile connections. It is a cloud solution, and it is deployed on the Check Point cloud.

We can manage different mobiles in the Harmony portal. For example, we can fix the version of the OS system that can connect to our network. Some applications are not authorized to be installed by the user. So, we can block those applications or versions.

Network protection, OS protection, application protection, and file protection are valuable. It is also easy to implement and manage.

If possible, it would be better if they can include vulnerability management for applications. When a user installs many applications, if there is a way to manage a pack of applications, it would be helpful.

I have been using this solution for two years.

There is no problem with stability. We have had no issues since we started using this product.

It is very easy to scale. We have 10 users, and it is for our internal use. We are also a Check Point partner, and we use it on our mobile phones to show it to our customers during seminars or presentations.

I'm a support engineer, and I have contacted their technical support. I was with a customer who needed some information about the mobile UEM integration of Harmony Endpoint, and I had to contact their technical support to find out how we can do this easily. 

Their support is very easy to contact. We are a partner, and when we contact their support, they always respond on time. Their support is very good.

We were providing Kaspersky and Bitdefender to our customers before becoming a partner of Check Point. I don't know if Bitdefender has protection for mobile, but I know that Kaspersky has recently started developing for mobile. Check Point Harmony Mobile is better and more secure for mobile protection because of its stability and all the functionality. It is easy to deploy and manage.

Its initial setup is very simple. If any additional configuration needs to be done, I just receive an email. When a user is added to the portal, you receive an email with information about the server and the password. You can just click and start the application. It is very easy.

It is pretty fast. It just takes one minute for the installation and the first scan.

I do it myself from the office. I don't need an assistant from Check Point or anyone else. I just need to read the documentation. I can download the documentation from their website, which contains the information for installation and troubleshooting.

The maintenance can be done from the tenants in the cloud. You can do the updates and patching of the product in the portal.

At the moment, the price is good, but there is always scope for amelioration when it comes to pricing. When pricing is lower, it can make a customer buy the product. Customers ask us about the price of the product before allowing us to explain the functionality to them.

I would recommend this solution to others. It is easy to implement, and it is easy to manage. It covers OS protection, network protection, file protection, and application protection. It provides the best protection.

I would rate it a nine out of ten.

The primary use case is to enable access to any corporate application hosted on-premises or in the cloud using a mobile device with single sign-on (SSO) capabilities.

It provides IT admins capabilities for granting access to corporate applications or data on mobile devices and should be able to securely monitor and manage the mobile devices that access sensitive business data. It includes storing essential information about mobile devices, deciding which apps can be present on the devices, and locating devices.

This product should be able to remove corporate applications and data on enrolled devices remotely, known as an enterprise wipe, in case a device is stolen, lost, or if the user leaves the organization.

Corporate data should be securely stored on mobile devices and the user should not be able to share data from corporate apps/data to personal storage.

Internal applications, data, and folders are published on enrolled mobile devices in a secure way without publishing any of the resources over the internet.

A separate workspace is created on the enrolled mobile, which partitions corporate data from personal data. Policies can restrict users from copying any app/data from corporate to personal storage and vise versa. 

Users are able to login to corporate applications using single sign-on.

DLP policy prevents data leakage issues, which cannot be prevented if applications are published directly without any MDM solution.

Enterprise wipe gives us the capability to remove applications and data from enrolled devices remotely in cases where one is lost, stolen, or for any other reason. 

Organizations can prevent device enrollment in cases where a device is rooted/jailbroken.

Enrollment is based on the user name and the admin needs to create an enrollment policy. The enrollment email goes to users who are entitled to enrollment via Capsule. Each user needs to manually click and add the Token, which is sent via email and used for providing and restricting access.

Licenses are taken from Check Point for the number of users who need to be enrolled via Capsule. 

No additional hardware or setup is required for Capsule configuration, as it can be enabled on the same security gateway. This reduces any additional hardware cost, as well as for setup and connectivity.

Configuration is straightforward and can be controlled on the same NGFW as Capsule. This is used for providing access to users.

Reporting is quite complicated once more users are enrolled and they need disparate access. It needs to be maintained separately, which adds work for the admin and can lead to errors.

Enrollment emails are sent for each device, which means that when a user needs to change devices or enroll more than one, admins need to generate and send additional tokens.

The product does not provide deep capabilities for sharing specific data to users or groups separately, nor does it provide visibility as to whether a user has access to the data or not.

For example:

• HR sharing certain learning videos or documents to a group of users. The solution does not provide reports as to whether these have been accessed by the user or not.
  
• It does not provide a solution in the case where a device is being shared by multiple users
• A site where one iPad is being shared between five users is a problem. Each user has their own access to the device but this solution does not have the capabilities of providing each user with specific access to data or applications.

We are not using Check Point Harmony Mobile for now.

This product is stable, just like any other Check Point solution.

It can be scaled by adding more security gateways and enabling the license. It is done in the same manner as a Check Point firewall.

The technical support is excellent.

We used this solution and then moved to a different one.

The initial setup is straightforward.

The process involves getting a license from Check Point and enabling a module/blade on the security gateway. After this, start on the configuration (Published data, which needs to be made available on the endpoint to access).

Our in-house team completed the deployment with OEM support.

Using this firewall improves productivity and availability for enrolled endpoints. Published data can be accessed anytime on a mobile device.

Check Point provides a separate license in cases where organizations want to use this only on mobile devices, or laptops/desktops. Check Point Total includes both mobile devices and endpoints. 

Setup can be done on the existing security gateway or it can be done on a dedicated security gateway where there are a large number of users.

Checkpoint provides five user licenses by default.

The organization should be clear on the requirements. If it is only for publishing a few web apps, URLs, email, or for a few shared drives, then the solution works absolutely fine. However, it is not a full-fledged MDM solution like VMware AirWatch/Citrix/Blackberry and more.

These solutions all provide more MDM capabilities than Capsule.