Check Point Harmony SASE (formerly Perimeter 81) Reviews

Our primary use case is as a Security Web Gateway for off-premises users. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed. 

We wanted to be able to have one single policy, managed in one place, and for our users to have the same browsing experience whether off-prem or on-prem. It was also a primary requirement to be able to have the logs generated from Harmony merged into the same locations (SmartConsole and our SIEM) as our on-prem gateway logs go.

It has not improved our organization due to being unable to fully implement in the manner it was sold to us as being able to. 

After attempting to use the same policy for Harmony that we use for on-prem users (managed by on-prem smartConsole), and after much time going through Check Point account reps and support, we were informed it is not possible to manage Harmony Connect policy from SmartConsole if layers or source objects (such as AD users, machines) were used. 

We then were told by Check Point it would be possible to manage both policies from the same platform if we used the Management-as-a-Service Smart1Cloud smartconsole, but after further investigation, we were then later told by Check Point account executives and support that we are unable to manage Harmony policies from Smart1 Cloud, even though they are both housed in the Check Point Infinity Portal. 

It is also not even possible to send our Harmony Connect logs to the Smart1Cloud portal, again - even though they are both within the Infinity portal.

HTTPS decryption is a valuable service and not always found in cloud-based secure web gateways. With as much traffic being HTTPS as opposed to HTTP these days it is very important to be able to run that traffic through all the security modules such as IPS and Application Control. 

We also found the SAML integration to be useful. It is handy to be able to access the portal from anywhere in the world, though as mentioned above we are not fully implementing the product at this time due to other issues.

We want the overall ability to manage Harmony and on-prem policies from the same platform. Harmony lacks this ability when anything more than a vanilla access policy is used (we use layers and source user objects in our policy which make this impossible according to Check Point). 

Also, we need the ability to send/merge Harmony logs into the same SmartConsole as our on-prem Gateways send logs to. Have been told this is not possible by Check Point. It makes it really difficult when you have to use two different platforms/portals to see logs

I've used the solution for about six months.

I have not had any issues with stability, although we have not fully used the solution in the manner intended.

I have not had any issues with cloud-based resources, so I assume it would be easily scalable.

We have had many issues with customer support on this product. 

One example: I created a support ticket for a simple issue on the product not being able to be installed on our client machines. 

It took over a month to resolve with my team having to repeatedly follow up with support in order to get a result. My team eventually had to dig into the issue at a great depth ourselves and discovered the problem - it was that Check Point developers did not properly sign multiple scripts associated with installation, which would not allow it to install in our secure environment. 

My team had to unpack the installer and dig around to examine the files and find the mistake in signing. The issue was then finally solved by Check Point developers in Tel Aviv.

Negative

We previously used Check Point Cloud Capsule, which is a similar product. However, we were never happy with its performance and its Application Control objects were very out of date. Support was always hard to get on it from Check Point as well. It was also unable to be used alongside our VPN solution (Microsoft Always-On VPN).

The initial portal setup was straightforward in that the portal is automatically provisioned. 

Getting users integrated through SAML was not straightforward in that the instructions from Check Point on linking it with Azure AD were not accurate. The pre-built Enterprise Application object within Azure AD that is provided for Harmony did not work either. We had to adjust several of the settings to make it work (which were not covered by any support article).

We handled the implementation in-house.

We have seen a negative return on investment

Pricing and licensing seemed acceptable; we have no complaints there. 

We also evaluated solutions from Cisco and Palo Alto.

Users should just make sure the solution will actually do what is expected, regardless of what the company says it can do.

One use case of SASE is for a partner customer who needs a secure and fast connection for their employees to access the final customer's data center and cloud. Green protection and security measures enable access to all information, including the data center's applications and networks.

Harmony SASE can prevent threats, provide global network protection, and manage API evaluations of user posture. Its software solution also ensures connectivity and protects against NSF filtering.

Check Point complements our more robust solution with Harmony SASE. This solution allows me to see Harmony SASE as an additional layer of security. It profiles security for users connecting remotely, whether working from another branch, a hotel, or an airport. In this case, we needed to protect these connections quickly, so we deployed it as the fastest solution for this customer.

There is a hefty cost, but it has excellent coverage. We need SASE management for five websites, including streamlining, logging, and monitoring. The solution offers the final customer three cloud coverage options and an excellent price point. Our competitors are Palo Alto, Cisco, Symantec, and Solar.

If the dashboard allows the PMS administrator to easily and quickly deploy configurations, it will facilitate the solution's faster deployment.

It is stable. It brings strong stability to the program, including updates to protect against new ransomware attacks.

Check Point's support is on par with the best in the market. Check Point Harmony SASE is a leading solution in both the local and global markets.

Positive

Unlike Cisco, Microsoft Azure, and similar solutions, SASE Insight offers limited visibility. It is slow in detecting and reacting to threats at the point of entry in real-time. Microsoft’s solution is focused on protection but doesn’t provide comprehensive security management. Although it deploys easily, Microsoft’s approach to security isn’t sufficient for robust threat prevention, especially against ransomware. Check Point's Harmony SASE is a more effective solution as it includes several advanced tools and sandboxing capabilities for thorough threat prevention and management.

The deployment is easy, but financial customers must have a comprehensive protection solution. Check Point's Harmony provides complex protection with its firewalls and other features.

The return of the SASE web addresses the void in the quality of information protection clients have in their employment. We can check the information, ensuring higher value and effective deployment, ultimately benefiting us. It is crucial to verify the quantum of protection provided and the conditions and access to private information. 

Harmony SASE may not be the cheapest solution but offers more value. It provides enhanced capabilities and features that justify its cost. We are conducting several trials with the new rigs in the silver packs to evaluate their effectiveness.

I recommend Check Point's solution, including various verticals like Quantum, CloudGuard, and Harmony. Harmony SASE, in particular, covers mobile endpoints, email, and collaboration. It's known for easy and fast deployment, as well as efficient administration through the portal. This solution provides organizations with real-time protection and is considered one of the best in the market.

Overall, I rate the solution an eight out of ten.

Check Point Quantum SASE is a next-generation email security solution. It can be used to protect users from phishing emails.

The tool connects as an API. The installation is very easy. The integration with the existing network was very easy. It is a good tool. We can rely on it.

The tool could be more user-friendly.

I have been using the solution for more than a year.

The tool is very stable and highly reliable. I rate the stability a ten out of ten.

I rate the tool's scalability a ten out of ten. We have approximately 120 users. We have plans to increase the number of users. Our team members are experts. Anyone can deploy and maintain the solution.

The support is good. The support personnel give prompt responses. They take ownership of our issues and communicate with us quickly. They try to get back to us quickly.

The setup is very easy. The deployment can be done without much effort. It is done at the API level. It is deployed on the cloud.

I do not face phishing attacks and downtime due to the product.

Check Point Quantum SASE is a SaaS-based product. We have to pay yearly. The product is reasonably priced. There are no additional costs associated with the tool.

I evaluated Microsoft Defender. Defender is a good solution, but it is not reliable.

One of the biggest challenges organizations face is email threats. They are completely unknown. The users get deceived by them and tend to click on them. Previously, there was a solution called Avanan. It was one of the pioneers in email security that ensured no unwanted email came to our inbox. I will recommend the product to others. People must look at the solution very seriously. It will help them safeguard their organizations.

Overall, I rate the tool a ten out of ten.

Primarily I use the product for work purposes. My work environment is currently remote, therefore, I tend to move between private and public networks pretty often. Having this solution for public networks is key in ensuring that you are staying secure while browsing or using work-related software or services. While working from home, people tend to travel and never realize that public networks are very insecure and they allow hackers to access information from your computer very easily, especially if you don't have a VPN service.

Perimeter 81 has increased my security and privacy while maintaining solid internet performance. 

Without this software, I tend to always be concerned with security and privacy while browsing the web, however, when I'm using this software, I tend to feel more comfortable browsing knowing that I'm covered. It has made working from home feel more secure while not impacting computer performance. 

Many other services that I've used heavily affect the overall performance of my computer, however Perimeter 81 doesn't affect it at all.

The Perimeter 81 VPN is fast and secure. It also is very easy to use, with a simple yet elegant UI. I like how this software will automatically turn on my VPN and connect whenever I hop on my machine. The Always On VPN really can't be beaten. 

While I'm using this service, I never even notice that I'm using it (due to the overall performance of the program), which is really what you want when you're using a VPN. This has to be the most valuable part of this software, along with the user-friendly interface. 

I don't think that this service can be improved. Speed and privacy could always be improved, however, the current product doesn't lack these criteria. I also think that the overall UI could be improved and updated to bring a simpler feel to the application, but again, the software doesn't truly lack in this category. 

Aside from this, the service is really pleasant to use and I've never once had the thought of uninstalling the application. While it would be great to have the ability to move the location of the VPN, I don't think that this is required to increase the overall performance.

I've used this solution for about two months.

I've gotten a great first impression in terms of stability.

The scalability has given me a great first impression.

I haven't had to reach out to support.

I've used other services. That said, I didn't have a great experience with their UI and performance lacking abilities.

The setup was a breeze.

I'm not too sure if we had assistance or not.

This service is very affordable and worth it for what you actually get out of the software.

I didn't look into other options before choosing this service, however, I don't think there is a need to at the moment.

We utilize cryptographic techniques, leveraging the tool's capabilities in Blockchain, to safeguard financial transactions against potential threats, especially those posed by Quantum computing advancements. Integrating Quantum-resilient technology into our decentralized enterprise framework ensures the security of our clients' sensitive data. This proactive approach protects client data from potential threats associated with Quantum computing.

The tool's implementation marks a significant step forward among our enterprise clients, showcasing our commitment to staying ahead in the rapidly evolving landscape of blockchain technology. The robust security measures implemented not only protect the integrity of financial transactions but also contribute to maintaining the trust and credibility of our clientele.

While the product has been instrumental in enhancing security, continuous improvement is essential. Feedback from users and ongoing technological advancements should guide the refinement of these security measures. Exploring ways to streamline the integration process and optimize performance ensures a seamless experience for developers and users.

Additionally, fostering an open dialogue with the security community and staying attuned to emerging threats aids in identifying areas for improvement. Regular updates and patches to address vulnerabilities improve the tool's longevity and effectiveness.

I rate the product's stability an eight out of ten. While it is generally stable, occasional downtime issues arise, particularly during increased network workload or high server demand.

I rate the tool's scalability a ten out of ten. My company has 1000 users. 

The technical support and customer service for enterprise clients have been very good. They guide the users to solutions with expertise and understanding of the issues.

Positive

My leadership executed the tool's initial deployment with precision and efficiency. Our dedicated team ensured a seamless integration process with clear documentation and comprehensive training modules, facilitating the onboarding of our developers. Collaborating with top-tier experts from Check Point Quantum SASE contributed to a smooth implementation, with any potential challenges being proactively addressed.

As a result, the transition to these advanced security measures was carried out to minimize disruptions to ongoing operations. The overall deployment took two to three hours to complete. 

The product's pricing model accommodates diverse needs and deployment sizes. The licensing options include perpetual licenses, requiring a one-time fee for permanent feature access but excluding future updates, and subscription licenses, which grant customers access to the latest features through ongoing subscriptions.

I rate the overall product an eight out of ten. Its implementation has been very effective, enhancing our organization's security and increasing client confidence. This improvement has led to a broader adoption of enterprise solutions, fostering extended partnerships and growing our user base. The increased market share and client adoption further highlight the substantial return on investment (ROI) derived from the strategic integration of Check Point Quantum SASE.

I work from home primarily, however, in a multi-unit complex. I often worry about internet security. From time to time, I also work from a coffee shop and that's when I really lean on Perimeter 81. 

It's definitely nice to know that no matter where I am I can use Perimeter 81 to make my connection more secure. Sometimes there is sensitive information or documents I work with and this extra layer of protection gives me a lot of peace of mind while I'm working (though I still tend to only work from home in those cases). 

It keeps us all accountable and ensures secure internet connections while we all work remotely. 

We have team members that live all over the country and some that chose to work abroad or in different locations periodically (since the pandemic). Having Perimeter 81 as a solution in those instances to keep our team secure has been really great. 

We eventually will have even more employees that are working remotely, and maybe even some international employees, so I'm sure we'll find it even more useful then. 

I would say the multiple networks are the most valuable aspects. I think it's cool that, depending on where I'm located, I can join a network with a specific gateway for my region. 

I don't exactly know what other features I could be using. Getting more of a tutorial or walkthrough would be awesome. I know our IT team doesn't have time for that kind of thing, however, so I would think it best to come from the solution's team. Even if it was just a quick video or animations that show you new features as you're getting acquainted with the product, that would be great. I wouldn't want a lot of emails, however, maybe a banner pop-up would work from time to time.

I don't know all the other ways I could be using the product, so I'd love to learn more about all of the features. Maybe a monthly spotlight of features or having a banner that explains more ways certain features could be used would be helpful. I wouldn't want anything too exhaustive or frequent - just something that could share some high-level features that may be helpful for at-home workers or even security tips. I'm not super-versed in that kind of thing, so I would find that valuable. I would love a little tutorial that's quick. 

I've been using it for about four months and I really love it. Not only is it easy to use but it adds some peace of mind. 

We use the solution for security.

The tool is easy to use and set up.

Harmony Connect has two components: one for accessing the internet and the other for accessing the corporate network. The Access intelligence lab is particularly useful because it eliminates the need to purchase a separate firewall for the branch office. Instead, you can connect the Check Point VPN, providing you with Check Point Harmony Connect firewall functionality for monitoring traffic.

The setup is easy, but it depends on the router configuration. The router configuration, in turn, will depend on the specific releases. The configuration could be improved.

I have been using Check Point Harmony Connect for two to three years.

The product is stable.

What are your impressions of the scalability of this solution?

The solution is scalable.

Since I trust the Check Point security, I trust Harmony Connect.

The initial setup is easy and may take a half hour to complete if you’ve experience.

I rate the initial setup a ten out of ten, where one is difficult and ten is easy.

The product has a reasonably high pricing.

Overall, I rate the solution an eight out of ten.

I'm using it for the VPN, I work from a home office and need to access data from different websites. I'm a front-end web developer for a famous brand, working remotely from another country, and the content I have to access must be from different countries. There are some internal tools we must use too, and we must access them with a VPN. Some of these tools are on mobile too, so we also have to install VPN solutions on mobile phones. I have to use a tool that we can access multiple VPNs and switch regions with ease.

We use some VPN solutions, and Perimeter 81 has the best user experience for desktop or mobile. The other solutions have more steps to set up, are more complicated and it was not a good experience. Unfortunately, I can't use Perimeter 81 for all VPN use cases, due to the company's policy, however, when I can, I always choose it. 

I have to use it on my phone too, and my smartphone was not compatible with the other VPN solutions (old Android version), but Perimeter 81 works on old mobile phones and is very light. 

The best points of Perimeter 81 are the:

- User experience
- Design
- Ease of use
- Support for mobile and desktop
- Very light mobile app

The other VPN tools have some old interface with a not great user experience. I use a Mac and the interface looks like an old Windows App. Perimeter 81 is very pretty. My phone is an old Android version (I cannot upgrade right now) and I could not use the other tools to access the VPN because their two-step authentication app could not run on my phone. Perimeter 81 app works on old phones and is very lightweight. The battery consumption is very low. 

I am very satisfied with the product right now. I don't know if it is technically feasible, however, if the Desktop App could be used as a Web App or a Chrome Extension it would be very nice. It would help a lot if I could click a link with the right-click and select from a range of options like: "Open a with VPN: Network main" and that tab would open with VPN activated only on that. And then I could refresh the tab with the VPN on or off. When I access a URL, the Extension could have an option like: "Reload current tab with VPN".

I've used the solution for two months.

I didn't have to deal with any bugs so far.

Our team is big, from people all around the world. Everybody is using a VPN. It scales well.

Until now, I have not needed to reach out for service support.

Neutral

Yes, I did use a different solution, however, I didn't make a full switch as some tools we use can only be accessed with specific VPN tools. That said, when I can choose, I prefer Perimeter 81 due to its ease of use.

It was very easy to set up.

Our IT team provided a step-by-step to setup the solution.

I don't deal with the billing.

I don't deal with billing, however, it would be nice to have a time trial.

IT selects the tools we use. I did not evaluate others.

I'd advise others to use it if you need to access VPN for both desktop and mobile.