Check Point Harmony SASE (formerly Perimeter 81) Reviews

We use the solution for security.

The tool is easy to use and set up.

Harmony Connect has two components: one for accessing the internet and the other for accessing the corporate network. The Access intelligence lab is particularly useful because it eliminates the need to purchase a separate firewall for the branch office. Instead, you can connect the Check Point VPN, providing you with Check Point Harmony Connect firewall functionality for monitoring traffic.

The setup is easy, but it depends on the router configuration. The router configuration, in turn, will depend on the specific releases. The configuration could be improved.

I have been using Check Point Harmony Connect for two to three years.

The product is stable.

What are your impressions of the scalability of this solution?

The solution is scalable.

Since I trust the Check Point security, I trust Harmony Connect.

The initial setup is easy and may take a half hour to complete if you’ve experience.

I rate the initial setup a ten out of ten, where one is difficult and ten is easy.

The product has a reasonably high pricing.

Overall, I rate the solution an eight out of ten.

It was installed on the machines of the organization due to the need to filter all the incoming and outgoing content and to protect the teams - mainly our units that use laptops and have to be constantly moving. 

In the last two years with the appearance of Covid-19, this solution gave us that protection outside the organization that had been neglected for strengthening internal security. 

Another great advantage is the possibility of being able to protect our mobile devices by integrating the solution into all mobile devices.

The solution has given us an additional layer of protection in our equipment and applications, mainly now that the equipment is portable and in many cases, we must connect to various public Wi-Fi networks.

Its Granular Access Control over and within each resource, based on dynamic and contextual evaluation of user attributes and device states is great. 

A broad set of rules can be applied across all users, servers, and enterprise data stores, including user commands and database queries - giving users well-managed access.

Review of exported and imported packages and protection and content filtering have been useful. 

Advanced behavior analysis and machine learning algorithms shut down malware before it does damage. 

The solution offers high catch rates and low false positives to ensure safety,
efficacy, and effective prevention.

The automated forensic data analysis delivers insights into threats. 

Complete attack containment and remediation can quickly restore any infected system. 

It blocks malware coming from web browsing or email attachments before it reaches the endpoints. 

It is important to locally validate the consumption exerted on the equipment. At times, when I lose connection, I feel that the equipment is slowing me down. They could improve this detail or indicate that the application, while it is being restored, can generate latency in the communication processes. That said, it is definitely a very good solution for the protection layer in teams inside and outside the organization. 

In mobile devices, there is also sometimes a bit of tear when it is via LTE, however, that must be due to connectivity.

I have been using the solution for two years and it really works.

It is very stable and normally any problems generated are from loss of internet.

Scaling is easy and fast, thanks to the fact that it is licensed.

We did not use a different solution previously.

It is a quick solution to install, however, its cost is really medium and not low.

We did not evaluate other options.

It is perfect for keeping all my devices protected.

We use the EDR solution for servers and endpoints for a lot of customers. The use case is for offering protection at the OS level. 

We wanted a better solution than legacy antivirus to secure each OS in the organization. Harmony Endpoint gives us a complete security package with a lot of security features that regularly require a lot of separate security products and a lot of overhead management. 

The environments include on-premise servers - mostly Windows - as well as laptops and desktops with Windows and Mac OS. We also have some cloud services in Azure and AWS.

It's improved the security of every single OS in the organization as well as the visibility and security capabilities. With Harmony Endpoint, we give each computer advanced anti-malware protection and internet browsing protection (like proxy protection), and advanced phishing protection inside websites. 

It takes care of the concern about ransomware. Today, it's more important to secure each endpoint in the organization at the OS level rather than the organization network level as users are connecting from everywhere. This is why Harmony is so important to us.

The solution offers very good features including anti-malware, URL filtering, and anti-ransomware. The product offers a complete solution in one package and it's on every single OS. 

The most valuable part of this product is the complete security package in one single endpoint that includes the legacy anti-virus protection, advanced anti-malware protection, browsing protection, and even firewall capabilities at the OS level. 

In a lot of cases, when we want to give all these security features to every endpoint, we need to implement a lot of separate security products.

More report and alert options would be useful. The reports are not good enough and alerts are not usable. 

We need more user-friendly alerts and more options for the alerts. The reports are not capable of giving important information from some parts of the system - like inventory details, etc. 

Also, the logs in the product are not very usable. If you have any blocking of a legitimate app or some problem you will have a hard time finding a log about it and most of the time you will not find any information. 

The product doesn't have an automatic shutdown switch. You must uninstall it in order to shut it down.

I've used the solution for about one year.

It's very stable. However, they need to resolve some bugs and feature requests.

It's a cloud solution. We are using the cloud-managed solution which makes it very scalable.

The solution offers the best customer service and support in the market.

Positive

I used Symantec and we wanted to move forward to an EDR solution that gives a more complete security solution for today's needs.

The initial setup is very straightforward.

We implemented it in-house. We learned how to do it by ourselves.

There are only two types of licenses. If you don't need sandbox features, you can take the basic license and it includes everything.

We tried Sentinal ONE, CrowdStrike, Microsoft, Trend Micro, and McAfee.

It's the perfect solution for endpoint protection and has a lot of features included.

The solution is predominantly used for Internet access when mobile. In the office, we have already deployed a Quantum Spark appliance, and this was focused on mobile users. 

We don't have on-premise applications or servers, so there is no use case for Remote access. However, we were keen to try it out from an evaluation perspective by bridging to the existing Check Point gateway at the site. 

Simplicity was needed, and importantly, we wanted something to not be too intrusive to mobile users. The interface has a few simple options, and it makes it easier.

We believe in defense in depth, and Harmony connect SASE adds another layer of protection for internet access. 

We have already deployed the entire Harmony suite, from Email & Collab protection to Harmony Endpoint. This adds a layer on top. Being a mobile user, securing Internet access was very important, and the product's pricing was simple enough and unlike other multiple add-ons on top of the base products from other vendors.

The reports give a simple overview of the traffic pattern within the organization. Though we don't use it to track user productivity, we can if necessary. There are reports specific to SaaS applications as well, which do come in handy.

The simplicity is good. It's good for consolidating security and being manageable from the Infinity portal with other Harmony solutions and makes management easy. We can use this instead of managing multiple-point solutions. It has a unified policy for private and internet access, making it easier to manage policies. 

The weekly reports have been informative as well. We are also keen on trying clientless access to provide restricted access to applications for third-party users.

Deployment was a breeze. We just key in the target users' email, and the rest is easy.

Branding could be better. Not many Check Point users realize there is a SASE offering at all. Policies could have layers as they do with their Firewalls, though I understand that's more of a functionality within the Smart dashboard. The threat prevention profiles like IPS, file, and URL protections could have more fine-tuning options.

Though all the policies are managed from the Infinity portal, we still have to manually configure different solutions. It would be nice to know how the new XDR option will bridge this gap.

Also, for Multi-factor authentication, there was an option for G-auth. However, I'm not sure about other forms of authentication they offer in their gateways. Bringing the backend closer to the gateway management would make it more granular.

I've been using Harmony Connect for more than three months now. 

We haven't had any glitches or issues with it at all. It's very transparent to the user.

It's very scalable and easy to deploy. It's scalable with users and it's scalable with the existing CP gateway deployments as well. There isn't much information on how it integrates with other end-point solutions. We had a full Check Point environment and it was clean.

We haven't run into any issues so far. We did need some assistance during the initial policy configuration, and the Check Point solutions team was there to assist.

Positive

We did not use any other SASE offering before. 

It's a simple setup; we just key in the end user's email address and it sends an invite to download the client. 

We implemented it in-house with the assistance of Check Point's solutions team.

The ROI is better than using a traditional VPN to connect back to the office gateway. We needed something that was light and transparent without the hassle of having to connect manually. We aren't planning to remove the gateway yet, however, in the long run, we will consider it, and that should negate the gateway costs.

Setup is a breeze. You key in the target user's email, and the rest is a click away. Pricing is competitive compared to the top players in the SASE market. 

Also, there is no concept of add-ons which makes it easier. 

Licensing with a minimum of 50 users could be a show-stopper for smaller organizations. However, a small company has probably got to do it with the infra in the backend to make it worthwhile.

Since we were keen on consolidating, we did not focus on multiple options.

The product seems to be transparent to the users. It lacks application segmentation options which some competitors offer.

We use Harmony SASE to manage remote users across multiple countries, including India, Poland, and the US. The customer required a setup to control access for different groups and users, protecting them from threats and securing their systems.

Harmony SASE helps us to manage compliance by regulating the amount of access to each department and user. We control the relevant apps and websites, which can be accessed from company-owned devices. Harmony SASE uses its own threat intelligence data from the cloud for threat prevention, and detect and manage threats with their own threat intelligence data and SASE firewall features.

The Point locations need to improve the latency and speed. 

I have been using Harmony SASE for six months.

I would rate the stability as a seven out of ten. 

Harmony SASE is a scalable solution and I would rate it an eight out of ten.

The support from Harmony SASE is really good.

Positive

I've worked with Fortinet. In comparison to Harmony SASE with Fortinet, Fortinet is easier to manage because all FortiGate devices use the same FortiOS, making management straightforward.

The installation and deployment of Harmony SASE are easy. It usually takes fifteen to twenty minutes to install and configure on a single device

For deployment and maintenance, a single engineer is sufficient for MDM solutions. However, in multiple tasks, two or more people are required to sort out the glitches in the solution.

The remote users, who have been using Harmony SASE has shown cost savings. With SASE, we don't have to manage VPNs, which leads to long-term cost benefits. We don't need dedicated leased lines or bandwidth in the office, making it a good approach.

There are no such AI features as of now on Harmony SASE. I would recommend it and would rate it eight out of ten.

We use the solution since it is required by our client in Singapore. They needed to use a VPN solution, like Perimeter 81, because they wanted to connect it from an overseas place where their workers travel.

The best feature of Perimeter 81 is that it provides a secure feature while connecting, such as the IPsec tunneling or Perimeter 81's connector called Wireguard Connector.

The solution's speed of upload and download is an area where it lacks. If Perimeter 81 enhances the speed of upload and download, then it could be an improvement.

I have been using Perimeter 81 with Azure Active Directory. I started using it when my company got our license from Perimeter 81 in December last year. So, have six months of experience with the solution. My company has a partnership with the solution.

In my company, along with my coworker, two engineers use the solution for testing.

I rate the support team a ten out of ten.

Positive

The setup is really easy. The setup is very user-friendly.

The solution is priced appropriately considering its uses. For an essential license, a user pays only 30 USD per month. For an enterprise version, the prices can be negotiated with the company.

We use Perimeter 81 integrated with Azure Active Directory single sign-on (SSO). Not only in Azure but also Okta, an identity provider, we can guarantee the convenience of login, and also, it secures the connection.

I rate the overall solution an eight and a half out of ten.

This is a VPN solution that caters to remote working. I rely on this software heavily in order to connect to my company's internal network. Compared to my last job, which used a different VPN vendor, Perimeter 81 has caused no issues whatsoever. 

I'd easily recommend Perimeter to any businesses that are interested in purchasing the software. As an end-user, speaking from experience, I've found no issues whatsoever with this VPN. Changing between different networks is very easy and straightforward to do.

Perimeter 81 provides a very secure and non-disruptive experience. At my last job, we used a VPN vendor which would interrupt vital connections to the network. Whereas using Perimeter 81 in my new job has been a very stress-free experience without having to worry about disconnections. It's made my working relationship with my new employer easier without having to worry about dropped connections. What I would say is this has improved our organization via its simple and easy-to-use UI. Other users can easily troubleshoot and provide remedies to each other if issues do occur, which are very rare.

The easy but secure way of logging into the VPN makes mornings easier when logging in. It's a straightforward, 30-second sign-in process without any hassle required. I also found the lack of configuration required by end-users a much-appreciated touch. It's incredibly important that my connection is always stable and reliable. That is what I'd say is valuable about Perimeter 81. I rarely see any complaints on Perimeter 81 amongst other colleagues. This wasn't the case with the last vendor we used at my previous place of employment.

I am struggling to find improvements in particular that would benefit users. What would be useful would be a notification/warning that a session is due to timeout after exceeding the default connection limit. This can help me prepare for imminent disconnection due to my existing organizational connection limit. However, that being said, it could be a setting somewhere but I thought I'd add this as a point anyway. In terms of constructive feedback, I can't find any other improvements or suggestions from an end-user point of view.

I've used the solution for less than one year.

We are using the product to secure roaming users who work outside the office as well for protecting a variety of company locations. 

It is great that Check Point continues to be a visionary in the network security market and delivers such anticipated products which allow users to cope with ongoing security challenges and trends.

It is used to protect offices and retail stores and it is a step forward from the traditional connectivity architecture which lacks flexibility and prevents business to advance at the desired pace.

It is great from an operational point of view. There is no need to procure and install HW; a new location could be secured almost instantly.

There is no need to talk about security. It comes from a team of talented developers and has a historic record. The Check Point portfolio showcases very strong products. 

The support from Check Point's side is great as it always and allows you to understand the product, produce and secure design as well as deploy and test it. Furthermore, the product owners are actively looking for feedback. This allows you to express your opinion and shape the product to improve it according to your needs.

The product is great as it allows users to deliver the most security value at the fastest speed. It reduces an operational load in terms of provision, installation, management, patching, and hardware replacement by increasing uptime and reducing the time to deliver to market. It also provides cloud-native availability and allows you not to bother with the sizing and location capacity as long as you stick with Harmony Connect. The price is reasonable.

Last but not least, there is an option to manage Harmony Connect from the centralized management station which allows users to apply existing policies while having a single pane of glass for network security.

An improvement could be made in terms of achieving better coverage in such complicated regions as the Asia Pacific, China, and Russia. Some PoP locations might create complicated traffic flows and impact the latency and load on network infrastructure even further.

Advanced details of log information are missing. However, the Check Point team is definitely open to constructive advice and is happy to make any requested changes.

There are still some limitations that exist while using centralized management with Harmony Connect.

I've used the solution for six months.