Check Point Harmony SASE (formerly Perimeter 81) Reviews

Our primary use case is as a Security Web Gateway for off-premises users. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed. 

We wanted to be able to have one single policy, managed in one place, and for our users to have the same browsing experience whether off-prem or on-prem. It was also a primary requirement to be able to have the logs generated from Harmony merged into the same locations (SmartConsole and our SIEM) as our on-prem gateway logs go.

It has not improved our organization due to being unable to fully implement in the manner it was sold to us as being able to. 

After attempting to use the same policy for Harmony that we use for on-prem users (managed by on-prem smartConsole), and after much time going through Check Point account reps and support, we were informed it is not possible to manage Harmony Connect policy from SmartConsole if layers or source objects (such as AD users, machines) were used. 

We then were told by Check Point it would be possible to manage both policies from the same platform if we used the Management-as-a-Service Smart1Cloud smartconsole, but after further investigation, we were then later told by Check Point account executives and support that we are unable to manage Harmony policies from Smart1 Cloud, even though they are both housed in the Check Point Infinity Portal. 

It is also not even possible to send our Harmony Connect logs to the Smart1Cloud portal, again - even though they are both within the Infinity portal.

HTTPS decryption is a valuable service and not always found in cloud-based secure web gateways. With as much traffic being HTTPS as opposed to HTTP these days it is very important to be able to run that traffic through all the security modules such as IPS and Application Control. 

We also found the SAML integration to be useful. It is handy to be able to access the portal from anywhere in the world, though as mentioned above we are not fully implementing the product at this time due to other issues.

We want the overall ability to manage Harmony and on-prem policies from the same platform. Harmony lacks this ability when anything more than a vanilla access policy is used (we use layers and source user objects in our policy which make this impossible according to Check Point). 

Also, we need the ability to send/merge Harmony logs into the same SmartConsole as our on-prem Gateways send logs to. Have been told this is not possible by Check Point. It makes it really difficult when you have to use two different platforms/portals to see logs

I've used the solution for about six months.

I have not had any issues with stability, although we have not fully used the solution in the manner intended.

I have not had any issues with cloud-based resources, so I assume it would be easily scalable.

We have had many issues with customer support on this product. 

One example: I created a support ticket for a simple issue on the product not being able to be installed on our client machines. 

It took over a month to resolve with my team having to repeatedly follow up with support in order to get a result. My team eventually had to dig into the issue at a great depth ourselves and discovered the problem - it was that Check Point developers did not properly sign multiple scripts associated with installation, which would not allow it to install in our secure environment. 

My team had to unpack the installer and dig around to examine the files and find the mistake in signing. The issue was then finally solved by Check Point developers in Tel Aviv.

Negative

We previously used Check Point Cloud Capsule, which is a similar product. However, we were never happy with its performance and its Application Control objects were very out of date. Support was always hard to get on it from Check Point as well. It was also unable to be used alongside our VPN solution (Microsoft Always-On VPN).

The initial portal setup was straightforward in that the portal is automatically provisioned. 

Getting users integrated through SAML was not straightforward in that the instructions from Check Point on linking it with Azure AD were not accurate. The pre-built Enterprise Application object within Azure AD that is provided for Harmony did not work either. We had to adjust several of the settings to make it work (which were not covered by any support article).

We handled the implementation in-house.

We have seen a negative return on investment

Pricing and licensing seemed acceptable; we have no complaints there. 

We also evaluated solutions from Cisco and Palo Alto.

Users should just make sure the solution will actually do what is expected, regardless of what the company says it can do.

We primarily use Perimeter 81 for VPN purposes.

The customer support was excellent. They were very helpful whenever we needed assistance. Also, the gateway they provided worked well. The availability of support programs made it easy for us to resolve any issues promptly. The solution itself was quite similar to others we have used, so the strong support was a distinguishing factor.

There are a few areas where the solution could be improved. For instance, we sometimes encounter connectivity issues, which can be problematic. Recently, I experienced a connectivity issue while trying to move to Azure. Connectivity issues can be quite frustrating.

Moreover, in the past, they may have charged differently for their services, which could have impacted the current performance or connectivity. However, I am not entirely sure about the specifics of their previous service offerings. But overall, connectivity issues are a common occurrence when using VPNs.

We've been using Perimeter 81 for almost three months now.

Scaling Perimeter 81 was easy to do. Around 20+ users were using it.

I had a moderate level of experience with the support. During the installation phase, I found it very easy and supportive. However, after that, when I faced an issue, the support person themselves became part of the problem. We went back and forth trying to resolve the issue, but unfortunately, nothing worked out, and we had to find a solution on our own. So, that's been my experience with their support.

The installation on Azure was actually quite easy. I had to provide a couple of personal details for data installations, and then I was able to set it up. 

In Azure, there were multiple instances available for the installation, which was helpful. It was a good experience, and I was able to get it up and running smoothly.

For the installation of Perimeter 81, it didn't take long at all. Setting up the backend and connecting with the users only took about ten minutes. It was a quick process, and I didn't spend more than that time on it. However, I didn't handle the filling up of all the details myself, as that part was handled by a third person.

We only had a single point of contact for the deployment. There was one person available to assist with the installation and configuration.

When it came to maintenance, we faced some connectivity issues, and whenever that happened, we contacted their support for assistance. There were some technical workarounds provided, but sometimes the response and resolution were not satisfactory, which became frustrating. Due to this, I had to get in touch with the solution team often. Eventually, I decided to move away from their service.

Perimeter 81 charges separately for gateways and VPN connectivity, but compared to Azure, it seemed more reasonable. Azure's pricing details were not as clear as Perimeter 81's. While Azure team mentioned certain areas, Perimeter 81 provided a clearer breakdown of the pricing, making it more understandable. So, I would say it was moderate in terms of cost.

Perimeter 81 offers both monthly and yearly licensing options. Users can choose whichever option they prefer based on their needs and preferences.

For those planning to use Perimeter 81, I would recommend going ahead with it. However, I suggest ensuring that there is a reliable tech support process in place. It's essential to know which person would be available for assistance so that you can connect with them anytime you face any issues. Also, it's important to avoid any support connectivity issues during usage. In my experience, they were in a good space when it came to using the solution.

Overall, I would rate the solution a six out of ten. 

I use Perimeter 81 primarily for VPN connections and work and home banking. Additionally, I use it for some oil and gas applications. You should also consider using it for SD-WAN solutions. In fact, SD-WAN is one of the primary solutions offered by Perimeter 81.

In order to minimize costs, you can use a zero-trust security model. We also use VPN to interconnect many branches, for example, here in Nigeria, for an operator in the oil and gas industry. We have a high frequency in our network.

For us, SD-WAN is the most valuable feature. They provide a unique advantage for banking purposes and are also different from other solutions. VPN is good for security.

One of our challenges is ensuring the security of our cloud-based operations. We place a high priority on security and take measures to protect our data. We avoid using public cloud services and instead rely on data centers to collect data for both small and large branches.

In the next release, I would like to see more improvement in security capabilities.

I have been using Perimeter 81 for ten years. I am working with the latest version.

It is a very stable solution. It efficiently ensures security. We also use VPN to touch cloud and ensure secure information. However, for a specific company, we may need to improve security. The code is updated biweekly.

The scalability of Perimeter 81 depends on your equipment and routers. Different solutions may require different approaches. It is also a PLS to control.

The customer service was good. We needed to make some configurations, and it was the same as with other providers because it's a solution we use.

The initial setup is easy. The deployment process is different for each project, and it depends on the project's scope, such as the type of network and the kind of project. If you use IP and POS, it's different from if you don't use them.

It's possible to implement it in-house, or we can get some help. As for the technical aspects, we have six people who are required for the deployment and maintenance. We plan to increase the number of users for Permieter 81 in our company.

The system should think about how to maximize the ROI and minimize the OpEx cost for the customer. When you use a good solution, you can decrease your supply costs, increase engineering, reduce repair costs, and increase product stability. It's a win-win solution where the customer wins, and you win.

I would definitely recommend using Perimeter 81. Overall, I would rate the product a nine out of ten, but I would like to improve its security.

I'm using it for the VPN, I work from a home office and need to access data from different websites. I'm a front-end web developer for a famous brand, working remotely from another country, and the content I have to access must be from different countries. There are some internal tools we must use too, and we must access them with a VPN. Some of these tools are on mobile too, so we also have to install VPN solutions on mobile phones. I have to use a tool that we can access multiple VPNs and switch regions with ease.

We use some VPN solutions, and Perimeter 81 has the best user experience for desktop or mobile. The other solutions have more steps to set up, are more complicated and it was not a good experience. Unfortunately, I can't use Perimeter 81 for all VPN use cases, due to the company's policy, however, when I can, I always choose it. 

I have to use it on my phone too, and my smartphone was not compatible with the other VPN solutions (old Android version), but Perimeter 81 works on old mobile phones and is very light. 

The best points of Perimeter 81 are the:

- User experience
- Design
- Ease of use
- Support for mobile and desktop
- Very light mobile app

The other VPN tools have some old interface with a not great user experience. I use a Mac and the interface looks like an old Windows App. Perimeter 81 is very pretty. My phone is an old Android version (I cannot upgrade right now) and I could not use the other tools to access the VPN because their two-step authentication app could not run on my phone. Perimeter 81 app works on old phones and is very lightweight. The battery consumption is very low. 

I am very satisfied with the product right now. I don't know if it is technically feasible, however, if the Desktop App could be used as a Web App or a Chrome Extension it would be very nice. It would help a lot if I could click a link with the right-click and select from a range of options like: "Open a with VPN: Network main" and that tab would open with VPN activated only on that. And then I could refresh the tab with the VPN on or off. When I access a URL, the Extension could have an option like: "Reload current tab with VPN".

I've used the solution for two months.

I didn't have to deal with any bugs so far.

Our team is big, from people all around the world. Everybody is using a VPN. It scales well.

Until now, I have not needed to reach out for service support.

Neutral

Yes, I did use a different solution, however, I didn't make a full switch as some tools we use can only be accessed with specific VPN tools. That said, when I can choose, I prefer Perimeter 81 due to its ease of use.

It was very easy to set up.

Our IT team provided a step-by-step to setup the solution.

I don't deal with the billing.

I don't deal with billing, however, it would be nice to have a time trial.

IT selects the tools we use. I did not evaluate others.

I'd advise others to use it if you need to access VPN for both desktop and mobile.

In our company, Quantum SASE is available for namesake in our environment since we rely on Check Point Secure Web Gateway for its firewall functionalities. Most of our company's customers use firewalls from Check Point Software, Palo Alto, or Fortinet. The simple use case of the tool for our company's customers stems from the fact that they have a general internal network or many users for which a firewall is required to secure the network traffic flow and communications that happen from outside to inside the company.

When it comes to Check Point Quantum SASE, though the OEM provides security, it is not 100 percent full-fledged to meet the requirements from the customers' end. There are no OEMs in the market that provide 100 percent security. The security of the product has to be improved.

I have been using Check Point Quantum SASE for seven years.

The product's stability is very good. Stability-wise, I rate the solution a nine out of ten.

In firewall products, scalability is not required. If you set up the two firewall tools, no scalability is required. Scalability-wise, I rate the solution a nine out of ten.

My company deals with 20 or 30 customers of the tool.

My company's customers extensively use the product.

The support from Check Point Quantum SASE is very good, and the response from the support team is fast. The support from Check Point Quantum SASE is customer-friendly and knowledgeable about troubleshooting issues.

The product's initial setup phase is very simple.

The product's installation process consists of racking, stacking, and mounting, after which a user can directly start the appliance and configure the HA status and policies.

The solution is deployed on an on-premises model.

The solution can be deployed in two or three days.

One engineer is required to take care of one single deployment process.

The ROI of the tool can be calculated depending on the tool's ability to be used for multiple use cases and protect the confidential data of users. It is very simple to calculate the product's ROI. If you use Check Point Quantum SASE, then your internal users are protected from outside attackers.

Check Point Quantum SASE provides SASE functionalities with all the required features. Check Point Quantum SASE's price is higher than what its competitors offer. The price of the product is something that depends on the requirements, and the purchase or order value of the customers.

The price of the tool depends on whether customers need SMTP, NGTP, or Check Point NG licenses.

I consider the product to be a medium-priced solution. There are no additional costs attached to the tool.

The solution enhances the ability of our company's remote workforce to secure access to corporate resources since we use VPN to secure work-from-home users and domain users.

Check Point Quantum SASE offers all the features essential for threat prevention, threat emulation, threat extraction, anti-spam, and anti-malware.

In relation to Check Point Quantum SASE, I haven't worked with the part involving WAN architecture. I only handle cybersecurity for a portfolio with respect to the LAN segment, and not WAN segment.

I rate the tool's performance a ten out of ten.

Check Point Quantum SASE can be described as the world's best security product without a doubt since it is a market leader in its segment.

The performance and reliability offered by the tool depend on the customer environment, and after considering aspects like throughput, how many users, and how many concurrent connections, my company plans the sizing part of the tool.

The value of working with the tool is good, as it can secure users, environments, and applications.

I rate the tool a nine out of ten.

This tool was acquired when the organization made the decision to move the entire infrastructure to the cloud. It was going to handle different types of schemes such as IaaS and SaaS up to Office 365, so all these schemes were going to meet the need for accessibility by users. We needed a tool with complex, centralized management that would help us prevent all types of malicious attacks both from inside and outside in order to guarantee security and reliability for all our clients.

Since the implementation of Harmony, we managed to establish excellent communication in all environments. It has helped us a lot in preventing cyber attacks from anywhere, such as remote users, internet SaaS, and IaaS. In addition, it provides us with real-time information so we can make decisions immediately and achieve complete analysis to be able to carry out compliance management for the corresponding audits.

The tool has many valuable features - such as protection against threats. It also has centralized management that allows administrators to supervise and control the security of the entire network. The VPN and authentication functions guarantee secure and efficient connections from anywhere in the country, device, or network. Due to these characteristics, the tool is one of the best on the market.

They should improve certain features, although they have a modern graphical interface. They can centralize the options or have faster access to options, in addition to improving the authentication to the tool since sometimes it presents problems when entering. In a future version of the tool, they could add a space where information on common errors is shown so that there would not be much dependence on the support they offer.

I managed to use it for approximately two years.

It is a stable tool; I very rarely have problems.

Regarding scalability, it is very good. It behaves and integrates very well with other tools.

Support is one of the points of improvement. They should focus on this part as they are not complying with the SLAs.

Positive

There was no solution implemented previously. This was done when it was decided to implement a cloud implementation.

The implementation is a little complicated at first; its learning curve is intermediate.

The implementation was carried out with the vendor who demonstrated considerable skill in managing the solution.

It is an investment that must be considered and looked at very carefully. You need to understand what type of tool is needed since it is an important contribution to online safety.

The installation is simple once you know how to do it. At first, it is somewhat complicated- especially the configuration. Once you learn, it's very easy. The cost was one of the best quotes we found with the features we needed.

We explored several tools on the market, such as Barracuda CloudGen Firewall, Sophos XG Firewall, and Fortinet FortiGate.

It is a very complete and competitive tool in the marketplace.

Our company operates within the intricate and highly regulated insurance market. Here, the sanctity of data is paramount and any breach could result in significant consequences for our stakeholders. 

Given the sensitive nature of our data and the frequent exchange of confidential information with our clients and partners, having a secure connection at all times is non-negotiable. 

Perimeter 81 has emerged as a linchpin in our cybersecurity strategy. Whether our employees are working from the confines of our fortified office infrastructure or accessing systems remotely, Perimeter 81 ensures that our data remains secure. 

Its robust architecture dovetails seamlessly with our existing IT infrastructure, offering us peace of mind in an environment increasingly characterized by cyber threats. 

Adopting Perimeter 81 has yielded noticeable improvements in our organization, especially in the realm of user experience. It's no secret that some cybersecurity tools can be daunting for users, especially those who aren't inherently tech-savvy. 

However, Perimeter 81’s interface is intuitive, and its setup is straightforward. This has reduced the learning curve for our employees substantially. The ease of use not only translates to quick adoption rates - it also ensures that our employees remain compliant with our cybersecurity protocols, enhancing the overall security posture of our organization.

While the entirety of Perimeter 81's suite is commendable, the quick access LAN feature stands out as a particular favorite in our organization. The ability to swiftly and securely access our local area network without cumbersome processes or technical hitches is invaluable. 

This feature not only boosts productivity by ensuring uninterrupted access to essential resources; it also buttresses our cybersecurity measures by ensuring that this access is always secure. The competitors of Perimeter 81 can learn a thing or two. 

While Perimeter 81 has proven to be an invaluable asset, there's always room for improvement. A focus on catering to non-tech users even further would be beneficial. Offering in-app explanations detailing what each feature does, its benefits and potential use cases can help users better understand and utilize the tool to its full potential. 

Moreover, integrating interactive tutorials or walkthroughs for new features in future releases could provide users with hands-on guidance, further simplifying their experience.

I've used the solution for six to 12 months.

I've never had any issues whatsoever, so the stability is very strong. 

The solution is easily scalable for both small and medium-sized organizations.

I haven't yet had to reach out to Perimeters' customer service and support. 

Neutral

No, we didn't use any similar solution before Perimeter 81.

The initial setup is very easy and straightforward, even for non-tech users.

We used a vendor team with a high level of expertise. They could help us quickly and answered all our questions. 

I wasn't personally part of the decision, however, I know that our choice was made after a thorough evaluation process comparing different competitors. 

I use Perimeter 81 mostly for remote work. I work in a fast-paced, customer-centric environment overseeing a team of about four or five people who regularly need urgent assistance. I also host group meetings that require me to use other applications that need a VPN. Perimeter 81 has helped me stay connected right around the clock with almost no need for IT app support each day. Dealing with clients online requires good VPN hosting, and Perimeter 81 has provided that

Perimeter 81 has been a game-changer at my company. Service delivery has improved internally and externally. We had lots of dropped VPN signals with our previous provider, so it was refreshing when we started testing Perimeter 81. We are now considering switching all of our remote employees to Perimeter 81 based on the experiences that the initial users shared during our bi-weekly department and company meetings. 

It connects quickly and stays connected. The user interface is pretty neat too. The app has in-house support with user guides that give you step-by-step walkthroughs on navigating the app. In addition, there is a live chat feature that offers prompt assistance on the go. There is also a diagnostic feature that helps you troubleshoot any issue you have, but I've never had to use this because I haven't had any issues. 

If I were to be nitpicky, I would ask that Perimeter 81 offer the option for us to change the color of the graphical user interface, like maybe pink or green or so on. 

I've been using Perimeter 81 for about six months

Perimeter 81 is highly stable.

Perimeter 81 is highly scalable.

Our previous VPN provider dropped the signal too often.

Setting up Perimeter 81 wasn't complex.

We deployed Perimeter 81 in-house.

I rate Perimeter 81 10 out of 10.