Check Point Harmony SASE (formerly Perimeter 81) Reviews

I have experience with Check Point Harmony Connect and Harmony Endpoint, mainly in an enterprise setting for the cloud-based access control and firewall functionality. It is a good, easy-to-deploy solution that is ideal when it comes to managing access to enterprise resources for those working in a home office type of scenario.

What I like about Harmony Connect is that every packet through the network is screened and filtered so that only clean packets can enter the PC. This is useful for a variety of security reasons because you no longer need to worry about things like DDoS attacks, etc.

Nowadays a lot of people are working from a home office, and Harmony Connect is an ideal solution when it comes to remote working. Let's say there is an organization of around 100-200 people — if they are working from home, they will have a strong need for enhanced firewall and UTM functionality. In this case, the organization can simply deploy Harmony Connect and the employees will have access to secure VPN connectivity.

Another point to mention is that Harmony Connect's real advantage over other solutions is that their support is excellent and they have really awesome technical staff.

The main problem with Harmony Connect is that, because it's in a new category of offerings by Check Point, there's very little marketing of the product so far, and this means that many potential users don't even know this kind of solution is available. There are also few testimonials or case studies talking about people who have used the product and fell in love with it, for example.

The second area in which they could improve is the performance of their management portal. For the end user of Harmony Connect, the performance is great and lightweight, but there is often some slowness when using the management portal as an administrator.

I have six months of experience with Harmony Connect.

Harmony Connect is very stable and its performance is good in the production environment. One of my customers has been using it for six months so far and no issues have been found.

It's a cloud offering so it scales nicely. I don't know about managing Harmony Connect beyond 1,000 users, but I'm not finding any difficulty with scaling because you just need to push the agent to the end user. I believe Check Point are using a major cloud provider such as Amazon, and I don't think scalability is an issue at all for them.

The real advantage of Harmony Connect is their support team. They are excellent, and their technical guys are really awesome. If there is any issue, you simply call them, and most of the time the issue will be resolved on the first call.

They are not very aggressive in their promotion of Harmony Connect, so you would expect that the support might be lacking but this is not the case. And when it comes to new feature requests, they are open to listening. If you can convince them to bring out a new feature, they will keep you updated and perhaps even connect you with their R&D team, no matter how small you might feel to them. Check Point's support team is truly one of the best.

Positive

Earlier, we used to deal with Symantec, but lately Symantec has not been operating well in India. It is very difficult to even get quotations for the pricing, so we don't deal with them much nowadays.

You hardly have to click more than three times and your Harmony Connect will be configured.

The implementation for about 1,000 users is not particularly difficult. It will need a system administrator for the data, managing the security features, and maintenance, but typically two or three staff members are more than enough to handle it.

The pricing is good, especially when you compare it to other firewall or UTM solutions from FortiGate or SonicWall, where you would have to invest about four hundred thousand rupees for 100 users over a three-year period. On top of that, for those solutions you would also need to pay for the expertise to manage the solution, including 24/7 monitoring and so on.

We have considered another solution called Prisma Access from Palo Alto Networks, and it may turn out that we will need that solution instead of Harmony Connect to fulfill our future ambitions, but I don't have any personal experience with it yet.

I would rate Harmony Connect a nine out of ten.

We primarily use Perimeter 81 for VPN purposes.

The customer support was excellent. They were very helpful whenever we needed assistance. Also, the gateway they provided worked well. The availability of support programs made it easy for us to resolve any issues promptly. The solution itself was quite similar to others we have used, so the strong support was a distinguishing factor.

There are a few areas where the solution could be improved. For instance, we sometimes encounter connectivity issues, which can be problematic. Recently, I experienced a connectivity issue while trying to move to Azure. Connectivity issues can be quite frustrating.

Moreover, in the past, they may have charged differently for their services, which could have impacted the current performance or connectivity. However, I am not entirely sure about the specifics of their previous service offerings. But overall, connectivity issues are a common occurrence when using VPNs.

We've been using Perimeter 81 for almost three months now.

Scaling Perimeter 81 was easy to do. Around 20+ users were using it.

I had a moderate level of experience with the support. During the installation phase, I found it very easy and supportive. However, after that, when I faced an issue, the support person themselves became part of the problem. We went back and forth trying to resolve the issue, but unfortunately, nothing worked out, and we had to find a solution on our own. So, that's been my experience with their support.

The installation on Azure was actually quite easy. I had to provide a couple of personal details for data installations, and then I was able to set it up. 

In Azure, there were multiple instances available for the installation, which was helpful. It was a good experience, and I was able to get it up and running smoothly.

For the installation of Perimeter 81, it didn't take long at all. Setting up the backend and connecting with the users only took about ten minutes. It was a quick process, and I didn't spend more than that time on it. However, I didn't handle the filling up of all the details myself, as that part was handled by a third person.

We only had a single point of contact for the deployment. There was one person available to assist with the installation and configuration.

When it came to maintenance, we faced some connectivity issues, and whenever that happened, we contacted their support for assistance. There were some technical workarounds provided, but sometimes the response and resolution were not satisfactory, which became frustrating. Due to this, I had to get in touch with the solution team often. Eventually, I decided to move away from their service.

Perimeter 81 charges separately for gateways and VPN connectivity, but compared to Azure, it seemed more reasonable. Azure's pricing details were not as clear as Perimeter 81's. While Azure team mentioned certain areas, Perimeter 81 provided a clearer breakdown of the pricing, making it more understandable. So, I would say it was moderate in terms of cost.

Perimeter 81 offers both monthly and yearly licensing options. Users can choose whichever option they prefer based on their needs and preferences.

For those planning to use Perimeter 81, I would recommend going ahead with it. However, I suggest ensuring that there is a reliable tech support process in place. It's essential to know which person would be available for assistance so that you can connect with them anytime you face any issues. Also, it's important to avoid any support connectivity issues during usage. In my experience, they were in a good space when it came to using the solution.

Overall, I would rate the solution a six out of ten. 

I'm using it for the VPN, I work from a home office and need to access data from different websites. I'm a front-end web developer for a famous brand, working remotely from another country, and the content I have to access must be from different countries. There are some internal tools we must use too, and we must access them with a VPN. Some of these tools are on mobile too, so we also have to install VPN solutions on mobile phones. I have to use a tool that we can access multiple VPNs and switch regions with ease.

We use some VPN solutions, and Perimeter 81 has the best user experience for desktop or mobile. The other solutions have more steps to set up, are more complicated and it was not a good experience. Unfortunately, I can't use Perimeter 81 for all VPN use cases, due to the company's policy, however, when I can, I always choose it. 

I have to use it on my phone too, and my smartphone was not compatible with the other VPN solutions (old Android version), but Perimeter 81 works on old mobile phones and is very light. 

The best points of Perimeter 81 are the:

- User experience
- Design
- Ease of use
- Support for mobile and desktop
- Very light mobile app

The other VPN tools have some old interface with a not great user experience. I use a Mac and the interface looks like an old Windows App. Perimeter 81 is very pretty. My phone is an old Android version (I cannot upgrade right now) and I could not use the other tools to access the VPN because their two-step authentication app could not run on my phone. Perimeter 81 app works on old phones and is very lightweight. The battery consumption is very low. 

I am very satisfied with the product right now. I don't know if it is technically feasible, however, if the Desktop App could be used as a Web App or a Chrome Extension it would be very nice. It would help a lot if I could click a link with the right-click and select from a range of options like: "Open a with VPN: Network main" and that tab would open with VPN activated only on that. And then I could refresh the tab with the VPN on or off. When I access a URL, the Extension could have an option like: "Reload current tab with VPN".

I've used the solution for two months.

I didn't have to deal with any bugs so far.

Our team is big, from people all around the world. Everybody is using a VPN. It scales well.

Until now, I have not needed to reach out for service support.

Neutral

Yes, I did use a different solution, however, I didn't make a full switch as some tools we use can only be accessed with specific VPN tools. That said, when I can choose, I prefer Perimeter 81 due to its ease of use.

It was very easy to set up.

Our IT team provided a step-by-step to setup the solution.

I don't deal with the billing.

I don't deal with billing, however, it would be nice to have a time trial.

IT selects the tools we use. I did not evaluate others.

I'd advise others to use it if you need to access VPN for both desktop and mobile.

This tool was acquired when the organization made the decision to move the entire infrastructure to the cloud. It was going to handle different types of schemes such as IaaS and SaaS up to Office 365, so all these schemes were going to meet the need for accessibility by users. We needed a tool with complex, centralized management that would help us prevent all types of malicious attacks both from inside and outside in order to guarantee security and reliability for all our clients.

Since the implementation of Harmony, we managed to establish excellent communication in all environments. It has helped us a lot in preventing cyber attacks from anywhere, such as remote users, internet SaaS, and IaaS. In addition, it provides us with real-time information so we can make decisions immediately and achieve complete analysis to be able to carry out compliance management for the corresponding audits.

The tool has many valuable features - such as protection against threats. It also has centralized management that allows administrators to supervise and control the security of the entire network. The VPN and authentication functions guarantee secure and efficient connections from anywhere in the country, device, or network. Due to these characteristics, the tool is one of the best on the market.

They should improve certain features, although they have a modern graphical interface. They can centralize the options or have faster access to options, in addition to improving the authentication to the tool since sometimes it presents problems when entering. In a future version of the tool, they could add a space where information on common errors is shown so that there would not be much dependence on the support they offer.

I managed to use it for approximately two years.

It is a stable tool; I very rarely have problems.

Regarding scalability, it is very good. It behaves and integrates very well with other tools.

Support is one of the points of improvement. They should focus on this part as they are not complying with the SLAs.

Positive

There was no solution implemented previously. This was done when it was decided to implement a cloud implementation.

The implementation is a little complicated at first; its learning curve is intermediate.

The implementation was carried out with the vendor who demonstrated considerable skill in managing the solution.

It is an investment that must be considered and looked at very carefully. You need to understand what type of tool is needed since it is an important contribution to online safety.

The installation is simple once you know how to do it. At first, it is somewhat complicated- especially the configuration. Once you learn, it's very easy. The cost was one of the best quotes we found with the features we needed.

We explored several tools on the market, such as Barracuda CloudGen Firewall, Sophos XG Firewall, and Fortinet FortiGate.

It is a very complete and competitive tool in the marketplace.

Our company operates within the intricate and highly regulated insurance market. Here, the sanctity of data is paramount and any breach could result in significant consequences for our stakeholders. 

Given the sensitive nature of our data and the frequent exchange of confidential information with our clients and partners, having a secure connection at all times is non-negotiable. 

Perimeter 81 has emerged as a linchpin in our cybersecurity strategy. Whether our employees are working from the confines of our fortified office infrastructure or accessing systems remotely, Perimeter 81 ensures that our data remains secure. 

Its robust architecture dovetails seamlessly with our existing IT infrastructure, offering us peace of mind in an environment increasingly characterized by cyber threats. 

Adopting Perimeter 81 has yielded noticeable improvements in our organization, especially in the realm of user experience. It's no secret that some cybersecurity tools can be daunting for users, especially those who aren't inherently tech-savvy. 

However, Perimeter 81’s interface is intuitive, and its setup is straightforward. This has reduced the learning curve for our employees substantially. The ease of use not only translates to quick adoption rates - it also ensures that our employees remain compliant with our cybersecurity protocols, enhancing the overall security posture of our organization.

While the entirety of Perimeter 81's suite is commendable, the quick access LAN feature stands out as a particular favorite in our organization. The ability to swiftly and securely access our local area network without cumbersome processes or technical hitches is invaluable. 

This feature not only boosts productivity by ensuring uninterrupted access to essential resources; it also buttresses our cybersecurity measures by ensuring that this access is always secure. The competitors of Perimeter 81 can learn a thing or two. 

While Perimeter 81 has proven to be an invaluable asset, there's always room for improvement. A focus on catering to non-tech users even further would be beneficial. Offering in-app explanations detailing what each feature does, its benefits and potential use cases can help users better understand and utilize the tool to its full potential. 

Moreover, integrating interactive tutorials or walkthroughs for new features in future releases could provide users with hands-on guidance, further simplifying their experience.

I've used the solution for six to 12 months.

I've never had any issues whatsoever, so the stability is very strong. 

The solution is easily scalable for both small and medium-sized organizations.

I haven't yet had to reach out to Perimeters' customer service and support. 

Neutral

No, we didn't use any similar solution before Perimeter 81.

The initial setup is very easy and straightforward, even for non-tech users.

We used a vendor team with a high level of expertise. They could help us quickly and answered all our questions. 

I wasn't personally part of the decision, however, I know that our choice was made after a thorough evaluation process comparing different competitors. 

Check Point Quantum SASE is a next-generation email security solution. It can be used to protect users from phishing emails.

The tool connects as an API. The installation is very easy. The integration with the existing network was very easy. It is a good tool. We can rely on it.

The tool could be more user-friendly.

I have been using the solution for more than a year.

The tool is very stable and highly reliable. I rate the stability a ten out of ten.

I rate the tool's scalability a ten out of ten. We have approximately 120 users. We have plans to increase the number of users. Our team members are experts. Anyone can deploy and maintain the solution.

The support is good. The support personnel give prompt responses. They take ownership of our issues and communicate with us quickly. They try to get back to us quickly.

The setup is very easy. The deployment can be done without much effort. It is done at the API level. It is deployed on the cloud.

I do not face phishing attacks and downtime due to the product.

Check Point Quantum SASE is a SaaS-based product. We have to pay yearly. The product is reasonably priced. There are no additional costs associated with the tool.

I evaluated Microsoft Defender. Defender is a good solution, but it is not reliable.

One of the biggest challenges organizations face is email threats. They are completely unknown. The users get deceived by them and tend to click on them. Previously, there was a solution called Avanan. It was one of the pioneers in email security that ensured no unwanted email came to our inbox. I will recommend the product to others. People must look at the solution very seriously. It will help them safeguard their organizations.

Overall, I rate the tool a ten out of ten.

Our company installed the solution locally to test it and gain user experience. In the future, we plan to sell the solution to customers. 

The solution provides internet access, network access, and security. Both on-premises and cloud versions are available. 

Initially, we installed the on-premises version but are now testing the cloud version. 

The solution offers both client and clientless versions for good remote access. We don't like to give our credentials to BYOD devices, non-permanent cadres, or contractors so having two remote access options is a huge benefit. 

There is a granular level of control over users with regard to internet or network access. The virtual firewalls for remote connectivity are almost like having a firewall in-house. 

The solution is an agile product with very good technology. 

The solution requires you to buy a minimum of 50 licenses and that is not practical. 

I have been using the solution for five months. 

The solution is stable so I rate stability a ten out of ten. 

The solution is scalable so I rate scalability a ten out of ten. 

I have been selling Check Point firewalls for four years. Previously, I sold Fortinet.

I am happier with the solution because my customers are giving me very good feedback. 

The setup is easy so I rate it a ten out of ten. 

We implemented the solution in-house. We set up our Active Directory and our admin sent the docker through email. We clicked the docker, installed it, and received connection to the solution. 

It took about four months for rollout to all of our our engineers and salespeople.

I am not very happy about the pricing because the solution requires you to buy a minimum of 50 licenses. Annual licenses cost $30 to $40 each. 

The pricing is not practical in Sri Lanka because we have small customers who need only 10 to 20 licenses. There should be packages for 10, 20, and even 30 licenses. 

In Sri Lanka, there is a lot of competition with endpoint or process solutions. I think the solution is going to be a very good brand in the near future because we have been promoting it and most of our customers want to buy it. 

The solution provides a secure tunnel for controlling users while maintaining stability. Security is an important component because you need to prevent hacks and issues with data accessibility. Without a secure tunnel, someone might get into your networks, take credentials or databases, and destroy your data centers. 

The solution is fast and provides 100% security, especially for remote users. 

I rate the solution a ten out of ten. 

Our primary use case is as a Security Web Gateway for off-premises users. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed. 

We wanted to be able to have one single policy, managed in one place, and for our users to have the same browsing experience whether off-prem or on-prem. It was also a primary requirement to be able to have the logs generated from Harmony merged into the same locations (SmartConsole and our SIEM) as our on-prem gateway logs go.

It has not improved our organization due to being unable to fully implement in the manner it was sold to us as being able to. 

After attempting to use the same policy for Harmony that we use for on-prem users (managed by on-prem smartConsole), and after much time going through Check Point account reps and support, we were informed it is not possible to manage Harmony Connect policy from SmartConsole if layers or source objects (such as AD users, machines) were used. 

We then were told by Check Point it would be possible to manage both policies from the same platform if we used the Management-as-a-Service Smart1Cloud smartconsole, but after further investigation, we were then later told by Check Point account executives and support that we are unable to manage Harmony policies from Smart1 Cloud, even though they are both housed in the Check Point Infinity Portal. 

It is also not even possible to send our Harmony Connect logs to the Smart1Cloud portal, again - even though they are both within the Infinity portal.

HTTPS decryption is a valuable service and not always found in cloud-based secure web gateways. With as much traffic being HTTPS as opposed to HTTP these days it is very important to be able to run that traffic through all the security modules such as IPS and Application Control. 

We also found the SAML integration to be useful. It is handy to be able to access the portal from anywhere in the world, though as mentioned above we are not fully implementing the product at this time due to other issues.

We want the overall ability to manage Harmony and on-prem policies from the same platform. Harmony lacks this ability when anything more than a vanilla access policy is used (we use layers and source user objects in our policy which make this impossible according to Check Point). 

Also, we need the ability to send/merge Harmony logs into the same SmartConsole as our on-prem Gateways send logs to. Have been told this is not possible by Check Point. It makes it really difficult when you have to use two different platforms/portals to see logs

I've used the solution for about six months.

I have not had any issues with stability, although we have not fully used the solution in the manner intended.

I have not had any issues with cloud-based resources, so I assume it would be easily scalable.

We have had many issues with customer support on this product. 

One example: I created a support ticket for a simple issue on the product not being able to be installed on our client machines. 

It took over a month to resolve with my team having to repeatedly follow up with support in order to get a result. My team eventually had to dig into the issue at a great depth ourselves and discovered the problem - it was that Check Point developers did not properly sign multiple scripts associated with installation, which would not allow it to install in our secure environment. 

My team had to unpack the installer and dig around to examine the files and find the mistake in signing. The issue was then finally solved by Check Point developers in Tel Aviv.

Negative

We previously used Check Point Cloud Capsule, which is a similar product. However, we were never happy with its performance and its Application Control objects were very out of date. Support was always hard to get on it from Check Point as well. It was also unable to be used alongside our VPN solution (Microsoft Always-On VPN).

The initial portal setup was straightforward in that the portal is automatically provisioned. 

Getting users integrated through SAML was not straightforward in that the instructions from Check Point on linking it with Azure AD were not accurate. The pre-built Enterprise Application object within Azure AD that is provided for Harmony did not work either. We had to adjust several of the settings to make it work (which were not covered by any support article).

We handled the implementation in-house.

We have seen a negative return on investment

Pricing and licensing seemed acceptable; we have no complaints there. 

We also evaluated solutions from Cisco and Palo Alto.

Users should just make sure the solution will actually do what is expected, regardless of what the company says it can do.