Try our new research platform with insights from 80,000+ expert users
IT Security Manager at Telecommunications Services of Trinidad & Tobago Limited (TSTT)
Real User
We like the ability to encrypt transactions on all devices
Pros and Cons
  • "We like Harmony's ability to encrypt transactions between mobile devices. All the user's transactions are encrypted. That's an excellent feature. We can detect, quarantine, and address any issues in the handset itself."
  • "Harmony has more support for Android OS as opposed to iOS. You need a third-party MDM solution to integrate with iOS. If you don't have an MDM, your app can't scan on an iOS device. The solution can scan everything on Android. It sees all your apps."

What is our primary use case?

We use Harmony Mobile to protect our workers' mobile devices. There are about 300 users, including everybody from executives to regular engineers. We plan to increase usage, but we are waiting on an executive decision. They'll decide whether to cut costs or increase use. 

What is most valuable?

We like Harmony's ability to encrypt transactions between mobile devices. All the user's transactions are encrypted. That's an excellent feature. We can detect, quarantine, and address any issues in the handset itself. 

What needs improvement?

Harmony has more support for Android OS as opposed to iOS. You need a third-party MDM solution to integrate with iOS. If you don't have an MDM, your app can't scan on an iOS device. The solution can scan everything on Android. It sees all your apps. 

For how long have I used the solution?

We have had Harmony Mobile for about three years. We're both a customer and a partner. The partner is the enterprise division of our organization, and we are a customer, but we cannot purchase it ourselves. We have to go to a third party. Acquisition is more from the customer base, but my company also is a partner.

Buyer's Guide
Check Point Harmony Mobile
November 2024
Learn what your peers think about Check Point Harmony Mobile. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,763 professionals have used our research since 2012.

What do I think about the stability of the solution?

We haven't had any issues with Harmony crashing our system.

How was the initial setup?

Deploying Harmony was straightforward.  You can deploy it using an MDM solution, but we didn't have one at the time. We deployed by email or SMS, and was relatively simple. 

We explored the MDM part with Google but ran into some issues because the feature required for this integration requires an enterprise license. We have three staff members responsible for implementing and managing the solution.  

What's my experience with pricing, setup cost, and licensing?

The license was pretty reasonable. I don't have a figure right now, but I think it was somewhere between $10 and $30 per user. 

Which other solutions did I evaluate?

We evaluated VMware Workspace ONE, and VMware also had an MDM that we looked at at the time. Even the McAfee MVISION right now also comes with mobile device management as well.

What other advice do I have?

I rate Check Point Harmony eight out of 10.

My advice for enterprises thinking about Harmony is to consider your device type. If your users are predominantly on Android, it's a good solution. If it's primarily iOS users, you might need to deploy an MDM before buying it. An MDM that covers both operating systems is a significant factor to consider. It will determine how easy it is to deploy it and how much control you have over the profiles.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1523535 - PeerSpot reviewer
IP LAN and Integrity Specialist at Chevron
Real User
Good scanning capabilities, impressive performance, low battery consumption
Pros and Cons
  • "I really like the application scanning feature that scans all of the installed applications, and not only what appears in the add or remove apps, and then reports the results in the console."
  • "Some configuration options inside the management console are a little confusing because the interface is not always user-friendly."

What is our primary use case?

We use SandBlast Mobile, integrated with our MDM for automatic deployment of solutions on our devices. This is for our corporate mobile devices, and also for BYOD (Bring your own device) cases. This works well for the users that want access to our corporate repositories for accessing information.

SandBlast is always monitoring their activity including the applications that are installed or they are trying to install, not allowing apps that are not 100% trusted, receiving logging alerts, etc., to take care of our devices and avoid their comprise. 

How has it helped my organization?

SandBlast Is providing a real security approach, not only AV like other vendor solutions.

Continuously, we are monitoring the apps and rate them, obtain reports, etc., to see the security posture of the devices and apply compliance policies. This prevents users from installing fake applications or non-approved software.

It also monitors all of the user navigation inside the phone, controlling non-permitted connections like fake Wi-Fi, etc. It also manages the enterprise e-mail in a secure way to avoid unauthorized access from the mobile device.

What is most valuable?

I really like the application scanning feature that scans all of the installed applications, and not only what appears in the Add or Remove Apps section, and then reports the results in the console.

The performance of this solution is absolutely impressive, especially in terms of battery consumption. It has less consumption than I was expecting

It is a very stable solution that integrates well with the most standard MDM solutions in the current market.

It offers good support for Apple devices and multiple Android versions, which is quite important if you have a disparate set of devices.

What needs improvement?

There are more features for Android devices than Apple, but, think is more related to the Apple API than Check Point.

Some configuration options inside the management console are a little confusing because the interface is not always user-friendly.

Some policies that can cause problems on the devices, like remediation, cannot be implemented by the administrator and are required to be done by Check Point. This is inconvenient because in some cases, we need a remediation policy immediately and we cannot wait for Check Point to implement it.

For how long have I used the solution?

We have been using Check Point Harmony Mobile for approximately two years.

What do I think about the stability of the solution?

It is a stable solution and we have experienced no problems with our mobile devices.

What do I think about the scalability of the solution?

SandBlast can scale without any kind of problems.

How are customer service and technical support?

We have had no problems with the support to this point.

Which solution did I use previously and why did I switch?

We did not use another similar solution prior to this one.

How was the initial setup?

The initial setup is very easy. The cloud solution is easy to deploy and integrate with our MDM.

What about the implementation team?

This was implemented directly by Check Point Professional Services. The team is very experienced with the solution.

What's my experience with pricing, setup cost, and licensing?

This is a very expensive product.

Which other solutions did I evaluate?

We also evaluated an Intel security solution.

What other advice do I have?

In summary, this is a very good solution that works as expected, although it is very expensive.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point Harmony Mobile
November 2024
Learn what your peers think about Check Point Harmony Mobile. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,763 professionals have used our research since 2012.
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Perimeter Security Administrator at a security firm with 51-200 employees
Real User
Top 5Leaderboard
Provides great data security, access control, and network security
Pros and Cons
  • "As a security solution for devices, it can benefit us in many ways, including providing us with data security, access control, network security, and more."
  • "One thing that should be improved in the future of the ability to ensure that mobile devices are protected from connections in environments with unlimited connectivity."

What is our primary use case?

This solution is required for one of the internal needs of our organization. We need the product based on our need for the control of access to corporate resources. We were looking for a solution that allows us to generate the management of mobile network devices and something that could secure all systems in the best way possible, thus giving us a solution that allows for general device management. With this product, our organization will be able to monitor and control the devices used by each of our employees in the organization, which gives us an level of adequate security configuration and allows us to comply with internal policies.

How has it helped my organization?

As a security solution for devices, it can benefit us in many ways, including providing us with data security, access control, network security, and more. The kinds of features on offer provide us with confidential access to information, ensuring each of the different devices is protected while improving the productivity of employees. In summary, this solution can help us protect business resources in the best way possible, which can be translated into efficient and profitable security.

What is most valuable?

A very important feature that is outstanding and helps our organization is the ability to protect the business data stored on each device. This is especially important since these devices are used to create information, catalogs, products, customer information, and inventory. Every time they are outside the company, the solution provides us with a secure connection from the devices to the database, thereby keeping data safe. In addition, we can improve the productivity of each of the employees remotely. This benefits to the company in terms of sales or productivity even from different locations. 

What needs improvement?

One thing that should be improved in the future of the ability to ensure that mobile devices are protected from connections in environments with unlimited connectivity. 

In some cases, devices may be found in areas with little or no signal, which can make it difficult to connect to the network. That makes it difficult to use the solution. We ned to ensue we have something that allows users to work effectively even without a strong network connection. This would allow us to have a solution that adapts to the challenged presented by limited connection environments.

For how long have I used the solution?

I've used the solution for one year.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Edwin Solano Salmeron - PeerSpot reviewer
Soporte técnico superior at Acobo
Real User
Top 5Leaderboard
Great for protecting data, securing non-corporate devices, and removing old user permissions
Pros and Cons
  • "One of the features that have given us additional value is being able to encrypt and block how data is shared within cell phones or mobile devices."
  • "I would like to see management and remote administration functions in the same portal."

What is our primary use case?

We were busy protecting many of the devices used today by managers, sales teams, and those departments that have to be moving very frequently due to all these uncertainties. 

We were busy protecting the content, data, and information that was downloaded and all those objects or information that is shared with different departments to be secured in a simple way on the mobile devices to which access was given. 

For this reason, we have searched for solutions that could allow us to secure the departments' devices that have permissions outside the institution (based on the role or position they have).

How has it helped my organization?

One of the features that have given us additional value is being able to encrypt and block how data is shared within cell phones or mobile devices. This means that the data that belongs to the corporation will be encrypted and protected in a portion of the phone, with access to interactions against the data further protected within the device. It's a safe way to encapsulate, within a device, security to protect an organization's information.

What is most valuable?

The most valuable feature is being able to encrypt corporate data on devices that are not company devices (like personal cell phones), and being able to manage it remotely. This way, fired users can be removed and eliminated corporate data without affecting the personal data of its other users, thus being an efficient way to safely manage and administer the information that belongs to the corporation. 

We can easily secure the information of the company and the user's device so that if we find a vulnerability or some insecurity breach in these cell phones, the solution will indicate that the device is compromised and it will remove the corporate data to ensure the integrity of the data.

What needs improvement?

I would like to see management and remote administration functions in the same portal. I would like us to see it from the same centralized portal and be able to share its rules, its characteristics, and the advantages of cloud computing power. That way, we would have a more central way to manage the computers that belong to or are managed by us. Check Point Harmony Mobile is one of the features that we can see that is easy to install. We would like to have that same flexibility when it comes to managing it on the same platform where we share it with other features of Harmony Endpoint, Harmony Browser, or the NGFWs.

For how long have I used the solution?

I've used the solution for one year.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IdoSarusi - PeerSpot reviewer
Developer at Shavit-security
Reseller
Top 5
Reliable platform with efficient mobile device security features
Pros and Cons
  • "It has been a reliable solution for our organization, significantly improving our mobile device security without excessive maintenance requirements."
  • "The solution's false positive detection could be improved to reduce unnecessary alerts, the app's performance optimized to minimize device impact, and policy management simplified for easier deployment."

What is our primary use case?

Our primary use case for the product is to secure corporate mobile devices, particularly those containing critical information or used by VIPs within our organization.

What is most valuable?

The platform's app scanning feature is valuable as it checks app reliability and identifies potential security risks, which is crucial for maintaining secure mobile environments.

What needs improvement?

The solution's false positive detection could be improved to reduce unnecessary alerts, the app's performance optimized to minimize device impact, and policy management simplified for easier deployment.

For how long have I used the solution?

I have been using Check Point Harmony Mobile for approximately one and a half years.

What do I think about the scalability of the solution?

The platform is scalable for larger organizations, but customization complexities in policy management can make deployment more challenging for extensive device quantity.

Which solution did I use previously and why did I switch?

We used other security solutions previously but switched to Check Point Harmony Mobile due to its comprehensive feature set and reputation for effective mobile security.

How was the initial setup?

The setup was relatively straightforward but could be challenging for less technically inclined users due to policy customization requirements.

What about the implementation team?

We implemented the product with the help of our internal team, leveraging our cybersecurity and mobile device management expertise.

What was our ROI?

The improved security and reduced maintenance overhead contribute to a positive return on investment for our organization.

What's my experience with pricing, setup cost, and licensing?

The product pricing is reasonable for the security it provides. 

Which other solutions did I evaluate?

We evaluated several alternatives, including SentinelOne and CrowdStrike, but ultimately chose Harmony Mobile for its robust security features and ease of deployment.

What other advice do I have?

Harmony Mobile has significantly enhanced our mobile device security by effectively scanning apps for reliability, monitoring network connections for threats, and ensuring data protection.

It has been a reliable solution for our organization, significantly improving our mobile device security without excessive maintenance requirements.

I rate it a nine out of ten. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
IT Security Manager at Telecommunications Services of Trinidad & Tobago Limited (TSTT)
Real User
Filled a gap in our security posture by protecting mobile handsets and our corporate network
Pros and Cons
  • "We like the URL content filtering, that is one of the most valuable features."
  • "It also enables us to see where privacy is a concern, apps that are leaking privacy. Having an idea as to how these apps are being protected offers some level of security to the device and back into our corporate network."
  • "We don't have Google MDM being supported by the solution as of yet. It is a feature requirement... They are aware that it is something that I need. My objective is to be able to have the MDM integration and to have some level of control over the asset itself."

What is our primary use case?

One reason we use it is that we didn't really have any control on the mobile side. We do have Google MDM, but we didn't have a solution like the one Check Point offers to protect mobile devices. Even with Google MDM, there is not much we can do without having something that can enforce security on the endpoint. So there was a gap and that security gap was our main use case.

How has it helped my organization?

The mobile space was pretty new to us. We had no control over it. Given the COVID situation and worked-from-home, we immediately embarked on this project to roll out this initiative. It was part of our strategic decision because when the government implemented work-from-home, only essential staff were supposed to come to work. We had to report every stage at which we reduced the number of staff on premises, because we're state-owned and our CEO reports to the minister. The solution improved things significantly in that context. We were able to give a proper accounting of our security assets and not have that gap where mobile devices are concerned. And we're able to offer a lot more security.

A lot of the users are using banking apps and didn't really have any assurance that they were protected. Also, with the pandemic there were a lot more cyber security attacks. We were sending out updates on what was happening, as part of our security awareness. It helped build some confidence within the staff in terms of what we were doing for our security campaign. Overall, it helped us account for all assets and protect them properly.

What is most valuable?

We like the URL content filtering, that is one of the most valuable features. 

It also enables us to see where privacy is a concern, apps that are leaking privacy. Having an idea of how these apps are being protected offers some level of security to the device and back into our corporate network.

The protection provided by the solution for all three threat vectors, application, network, and device, is pretty okay the way they're doing it. Their solution does not work the traditional way that endpoints used to be protected using local resources, when it's doing its scan. Sandblast is comparing the app to the app store and that is a very good feature. It's not resource-intensive. In terms of the networking, it does a pretty okay job. From the device side, we're able to see that backend information, including the app information, into the portal itself. 

It's also very easy to deploy and easy to manage.

When it comes to applications and network specifically, the solution's comprehensiveness and accuracy is pretty good. For applications, it has features pertaining to things like GDPR compliance. It is not leaking an end-user's personal information. There are some good features there. The only way we are able to see a user being identified is if there is a threat. Then that user comes up in that report, but that's only for those incidents. It's a very small minority. But it does a very good job in terms of breadth of protection.

The dashboard is pretty okay in terms of how you go in and you create your policies. And it comes with a very comprehensive policy. You have checkboxes or radio buttons to select the additional features. That's very intuitive. They just recently added some new features to their dashboard as well. It's pretty straightforward when it comes to where you: 

  • look for the threats, versus the administration aspect of it 
  • how do you drill down, the analytics
  • if there are any events, how you go all the way down. 

I find the dashboard is pretty intuitive and simple, compared to how Check Point has been deploying the SmartConsole.

And when it comes to blocking attempted attacks it's also pretty intuitive and simple. Suppose we see an app that has a particular threat. We're able to select and apply policies or rules on that particular app or device, and that can prevent the threat from propagating. We can quarantine it and address the issue. It's pretty simple in being able to manage threats, from a mobile perspective.

What needs improvement?

This is the first time we have ventured into protection of mobile devices. We have had many years where staff didn't have any restrictions on a mobile device. Since the migration from the BlackBerry Bell solution that we had back then, there has been a gap. Nobody was able to protect Android as well as iOS devices. And given that we were going into that space, we did not go in with the ability to do any serious lockdown or removal of apps. Mobile threat defense is not supported fully for Google MDM, so we're not using it within the Google MDM. It was supposed to be supported as of this month. We don't have Google MDM being supported by the solution as of yet.

It is a feature requirement, but they wrote me saying it was supposed to have been rolled out at the end of the second quarter of 2020, which would have been in the last month. We should have had something coming back from them so I wrote them last week, asking them where we are in terms of this roadmap. They are aware that it is something that I need.

My objective is to be able to have the MDM integration and to have some level of control over the asset itself.

Also, the one thing I don't see with it is that when I'm doing a scan on my network I'm not seeing my SSI ID showing up. I don't know if that means there's a bug or something we need to work out. But it's still giving me a good report in terms of the network scan and the device protection.

Another thing I would really like to see is a unified console where I don't have to use multiple devices or multiple consoles to manage my Check Point solutions. I am thinking of a unified console that could be linked back with some of the other solutions that we already have from Check Point, like CloudGuard. For all of the on-prem firewalls that we have, there would be one console, as opposed to these multiple consoles, and we would be able to link on-prem and cloud solutions to create that hybrid scenario. I haven't seen that feature yet.

I would also like to see support for other SIEM solutions such as Splunk.

For how long have I used the solution?

We started with Check Point SandBlast Mobile just when the pandemic lockdown started here in Trinidad, which was in early March, so it's been about six months. During that period of time, when the pandemic kicked in, and remote work and work from home and BYOD were a big concern, that is when we migrated to the SandBlast Mobile platform.

What do I think about the stability of the solution?

We haven't had any challenges due to somebody complaining of the app crashing. I also have it on my phone and it hasn't crashed. I haven't had a challenge where it prevented me from doing anything. In fact, I was running SandBlast Mobile alongside ZoneAlarm, the free version. I had ZoneAlarm installed about six months prior to installing the SandBlast Mobile agent and both of them worked alongside each other. I never had a problem. I eventually removed the free version and I use the corporate solution.

What do I think about the scalability of the solution?

We haven't really explored the MDM integration yet, nor the other use cases we can use it for. At this moment, we're just looking to protect the mobile handset. There's not much of a use case in terms of how we can scale it. We're still under our license limitation so we're pretty okay with it so far.

From the last report about number of users, we rolled out to about 300 endpoints and we still had about 90 handsets that had not accepted the install. We continue to add more every month to that list. The users include executives and senior managers from the various technology groups, as well as users outside of technology in finance, sales, and marketing. We have had staff from every one of those areas install the solution.

We're 2,400 staff in total and we have only purchased about 350 licenses. We plan to roll this out in phases to the other staff. The challenge that we're having internally is differentiating issued handsets. Initially, we were told to roll this out to everybody, but after some discussions we decided we didn't want to go that hard with the users. So the users that have it installed will run it for about a year and then we can then roll it out to the others. That way, the others will see that the users haven't really had any challenges or any concerns with privacy, or that it slowed down the phone in any way. So we do plan to extend SandBlast to the other staff that don't have it.

Also, being a telecom company, our GM for mobile has been looking at a business model where we would lease phones to our subscribers. In that scenario we would have the solution provisioned and the security installed, given that this is our handset and, at the end of the lease, we would want to recoup some level of monetary value from it. So we would protect it with the assurance that there would be no data privacy concerns. That is still in discussion.

How are customer service and technical support?

I haven't had many issues where I have had to contact tech support. I have a very good relationship with the territory manager, and I have met and have a very good relationship with the security engineer assigned to this region.

The tech support and help that I have gotten so far is pretty good. I haven't had any challenges.

Which solution did I use previously and why did I switch?

We had the BlackBerry Bell solution, but nothing to protect Android and iOS. We had purchased AirWatch from VMware, but AirWatch is not the same as a Check Point's mobile threat defense solution. AirWatch was more of an MDM.

We were kind of forced into the solution with the pandemic scenario. We were in the process of writing a few position papers; there were a few reports that the government had requested from the CEO. So we got a little bit of pressure when COVID kicked in. We had to rush. We were very happy when Check Point reached out to us and said, "You can use our ZoneAlarm free for 90 days and you can deploy it to your customers, your subscribers, and to your family members, during this period of time," owing to the relationship that we had. When we got that, the CTO said, "Well, let's just invest in the Sandblast solution." That's how we ended up transitioning into this and deploying it.

How was the initial setup?

The initial setup was pretty straightforward. There were a couple of ways to handle the roll-out. We could send an email with a barcode for the users to install it and there was also an option to send an SMS. They could then install it and it was pretty straightforward.

Prior to that, we sent out a communication explaining that this was what we were embarking on, that it was an executive security initiative. We still had a few calls from users because it was a new area and people were very concerned. We had to keep reassuring the users that we were not spying on them, that we were just protecting the company assets. We explained that it was no different from a laptop or a workstation that the company issued. We had to continually reassure them that it wasn't an issue of privacy. In fact, we told the employees that apps were leaking privacy information and this would turn that off and prevent it from happening.

Initially, there were a lot of concerns about privacy with users saying, "This thing is going to spy on us." But we did not roll it out to every employee's handset. We rolled it out to the company-issued handsets. We took that approach and, at a later date, based on how we run this solution and how we get it to "soak in," we'll move to the other area. But there were a lot of concerns. 

We didn't find any complexity around the installation of the solution on end-user mobile devices. Without the MDM integration, we were not able to force the install and the user still had the option not to install, and if it was installed they still had the option to remove it. But it was straightforward. There weren't any complexities.

Our deployment took about a month or a month-and-a-half. The problem we had wasn't with the roll-out, rather it was about our being able to separate company-issued handsets from the list. We went to the team that issues the handsets and they did not have accurate lists. The audit they had done was a month or two prior so we only had accuracy in the list up to a month or two before. The challenge wasn't about the solution itself.

What about the implementation team?

We didn't use any third-party. We had a demo and we were shown how straightforward it was. It started off from that demo and moved straight into production. They gave us use of it for a period of time. We looked at it, played around with it, and that eventually became our production environment. It wasn't a scenario where we had to engage Professional Services.

Initially, there were about five people from our side involved in the deployment, but it ended up coming down to two to three people.

For maintenance of the solution I have three people who are all IT security specialists.

What was our ROI?

We have not yet seen any ROI because we still have a number of devices where it has not been installed. We haven't yet seen the big benefits of it.

What's my experience with pricing, setup cost, and licensing?

We got a pretty good deal and the price is pretty decent compared to some of the other solutions.

Check Point has always been a little high on price. People will need to have a good relationship with their territory manager or their account manager and will need to negotiate a better price. 

Compared to some of its competitors who are very good in marketing, Check Point has been very lacking. Their price sometimes tends to be notably higher than its competitors, but the quality of the solution is the difference. However, people mostly go after the marketing. They see that side of it.

For this solution there is just the support. There were no other costs added on to it. It is a straightforward license: unit price by X number of units and the support that goes along with it. There wasn't any other cost for us.

Which other solutions did I evaluate?

We haven't really looked at any competitors. This type of solution was not something we were planning on doing within this financial year. SandBlast Mobile was not something that was on our radar. Owing to the scenario we were in with the COVID pandemic, the issue was how fast we could react to get to the solution onboard and how little paperwork would be involved. Given that we're a state-owned company, we have to comply with a lot of procurement policies and guidelines. If we don't have a vendor operating onsite, we are not able to leverage any solution from that vendor.

Check Point was already operating onsite; we had other solutions in use from them. Given that they offered a solution to us and had a relationship with our executives, that was what enabled us to fast-track things.

If we were to evaluate other products we would not have been able to roll this out in time. It would have had to go to an RFP, an evaluation process, and a purchase order. It would have been a good six- to nine-month process.

What other advice do I have?

If you have the opportunity, explore competitors to see how their products work. Also, negotiate your price with Check Point as much as possible.

The things that stand out from my experience are the ease of the deployment and the education of the end-user regarding data privacy and those types of things.

We haven't had many cases of false positives. One that we saw was in the following scenario. Let's say we had an app that came up as a threat and we applied particular rules to quarantine it. After we applied the rules, it showed up on the handset as if the app no longer existed, whereas Sandblast was saying that it wasn't removing the app. It turns out it really wasn't removing it. It just removed the app from reporting within the rule itself. That was a little bit of a challenge in wrapping our heads around it. We worked with Check Point to iron out that issue. So that was a kind of false positive.

We had to do it a few times in order to understand that the app was not being removed. The solution claimed to be GDPR compliant and that it was not removing any information or apps from the end-user's handset. We had to check to make sure those features were in place.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
PeerSpot user
Senior Network/Security Engineer at Skywind Group
Real User
Multi-platform support, easy to use, and the VPN portal does not require a client to be installed
Pros and Cons
  • "The most impressive thing is the SSL VPN Portal."
  • "I think that the pricing for the Check Point products should be reconsidered, as we found it to be quite expensive to purchase and to maintain."

What is our primary use case?

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment, located in Asia (Taiwan).

The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix.

The Check Point Mobile Access software blade is one of the numerous blades activated on the NGFWs and serves for providing connectivity to the datacenter for the employees.

How has it helped my organization?

The Check Point Mobile Access is activated on the Check Point HA Clusters and protects our datacenter located in Taiwan. It is used to provide connectivity to the internal resource for our employees, thus Remote Access VPN services.

The blade is easy to enable and configure, and it provides great benefits with the help of the built-in SSL VPN Portal. Now, most of our employees don't even use any client software, but just the browsers on their devices, to access the applications published via the SSL VPN Portal.

The connection is stable and reliable, and the level of security and encryption is still high. We find this solution really useful and helpful.

What is most valuable?

The users in our company like that the VPN client is supported on the different platforms and operational systems, e.g. Android smartphones and tablets, Windows and MacOS PCs and laptops.

The most impressive thing is the SSL VPN Portal. With it, you don't even need any client software, just a browser is enough to connect. We have integrated the SSL VPN Portal with the Microsoft Exchange server, and this covers the needs of 95% of our users regarding remote access to the office.

The authentication is performed via integration with Active Directory, so the employees use the same credentials. It is super easy and everybody likes that.

What needs improvement?

I think that the pricing for the Check Point products should be reconsidered, as we found it to be quite expensive to purchase and to maintain. Maintenance requires that the licenses and the support services be prolonged regularly.

Alternatively, they should create some additional bundles of the software blades with significant discounts in addition to the current Next Generation Threat Prevention & SandBlast (NGTX) and Next Generation Threat Prevention (NGTP) offers.

We have also had several support cases opened for software issues, but none of them were connected with Check Point Mobile Access.

For how long have I used the solution?

We have been using this product for about three years, starting in late 2017.

What do I think about the stability of the solution?

The Check Point Mobile Access software blade is stable.

What do I think about the scalability of the solution?

The Check Point Mobile Access software blade scales well with the gateways we use, since it doesn't affect the overall performance much after activation.

How are customer service and technical support?

We have had several support cases opened, but none of them were connected with the Check Point Mobile Access Software Blade. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.

The longest issue took about one month to be resolved, which we consider too long.

Which solution did I use previously and why did I switch?

No, we didn't use any SSL VPN solutions before onboarding Check Point Mobile Access.

How was the initial setup?

The setup was straightforward. The configuration was easy and understandable, and we relied heavily on built-in objects and groups.

What about the implementation team?

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

What's my experience with pricing, setup cost, and licensing?

Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall.

Which other solutions did I evaluate?

No, we decided to stick to the Check Point Mobile Access after the demo with the vendor.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Hendrik-Du Plooy - PeerSpot reviewer
Regional Manager at Saber1
Real User
Top 5
Offers comprehensive solution for all devices but improvement is needed in user awareness
Pros and Cons
  • "The ease of use, along with comprehensive protection for all devices, is a key advantage. It provides visibility into malicious applications installed on the phone."
  • "The product needs to improve its user awareness."

What is most valuable?

The ease of use, along with comprehensive protection for all devices, is a key advantage. It provides visibility into malicious applications installed on the phone.

What needs improvement?

The product needs to improve its user awareness. 

For how long have I used the solution?

I have been working with the product for 18 months. 

What do I think about the scalability of the solution?

I rate Check Point Harmony Mobile a nine out of ten. 

How was the initial setup?

I rate Check Point Harmony Mobile's deployment an eight out of ten. 

What's my experience with pricing, setup cost, and licensing?

I rate the tool's pricing a three out of ten. 

What other advice do I have?

I rate the overall solution an eight out of ten. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Check Point Harmony Mobile Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Product Categories
Mobile Threat Defense
Buyer's Guide
Download our free Check Point Harmony Mobile Report and get advice and tips from experienced pros sharing their opinions.