Check Point Harmony SASE (formerly Perimeter 81) Reviews

Our company installed the solution locally to test it and gain user experience. In the future, we plan to sell the solution to customers. 

The solution provides internet access, network access, and security. Both on-premises and cloud versions are available. 

Initially, we installed the on-premises version but are now testing the cloud version. 

The solution offers both client and clientless versions for good remote access. We don't like to give our credentials to BYOD devices, non-permanent cadres, or contractors so having two remote access options is a huge benefit. 

There is a granular level of control over users with regard to internet or network access. The virtual firewalls for remote connectivity are almost like having a firewall in-house. 

The solution is an agile product with very good technology. 

The solution requires you to buy a minimum of 50 licenses and that is not practical. 

I have been using the solution for five months. 

The solution is stable so I rate stability a ten out of ten. 

The solution is scalable so I rate scalability a ten out of ten. 

I have been selling Check Point firewalls for four years. Previously, I sold Fortinet.

I am happier with the solution because my customers are giving me very good feedback. 

The setup is easy so I rate it a ten out of ten. 

We implemented the solution in-house. We set up our Active Directory and our admin sent the docker through email. We clicked the docker, installed it, and received connection to the solution. 

It took about four months for rollout to all of our our engineers and salespeople.

I am not very happy about the pricing because the solution requires you to buy a minimum of 50 licenses. Annual licenses cost $30 to $40 each. 

The pricing is not practical in Sri Lanka because we have small customers who need only 10 to 20 licenses. There should be packages for 10, 20, and even 30 licenses. 

In Sri Lanka, there is a lot of competition with endpoint or process solutions. I think the solution is going to be a very good brand in the near future because we have been promoting it and most of our customers want to buy it. 

The solution provides a secure tunnel for controlling users while maintaining stability. Security is an important component because you need to prevent hacks and issues with data accessibility. Without a secure tunnel, someone might get into your networks, take credentials or databases, and destroy your data centers. 

The solution is fast and provides 100% security, especially for remote users. 

I rate the solution a ten out of ten. 

I needed the solution to attach it to the vendor's file in our accounting software. The customer service team provided such an efficient and fast service. We have an account manager, which is great as we get personalized attention. I asked for the W-9 form once, and it was provided to me. I was not able to download it and then forgot about it. I asked for it again, and without any hesitation, the team provided it again. They were not rude about it. I later realized and apologized for asking for it twice.

Our organization is more secure with Perimeter81's Virtual Private Network (VPN). We manage sensitive information of clients. In my department, we manage bank and credit card information. It is a lot of responsibility to have access to that kind of data. Now that our company has implemented Perimeter81's services with the VPN, personally, I feel more secure when navigating through these different platforms. It is a great investment for today's workplaces - especially when we handle critical information virtually.

The feature that I have found to be most valuable is the reputation that the company has regarding privacy. Nowadays, this is critical, especially when you do all of your work online. 

Similarly, I find that the work that Perimeter 81's customer service team does is very valuable. I have heard from our IT department that Perimeter 81's team is quite knowledgeable and efficient. These are important traits and they describe not only the company's service but the quality of its product as well. So far, our company is very happy with the product.

Overall the product is very efficient. However, personally, there is something that I dislike. I have found that the log-in/out process takes quite some time. I usually click on the app, and it asks me to login in through the web, and then after I log in it takes me back to the app. It seems to me that I should be able to log out without having to leave the app. I do like that it connects automatically/logs in as soon as I sign on. I am not sure why login in is easier than logout. 

The resolution took a couple of hours to be solved, around six hours.

The stability is good.

The scalability is good.

The experience with technical support was great. The team is professional, polite, and efficient.

Positive

This is the first time that we used a VPN in the company.

I'm not able to say what the setup is like.

I'm not able to say if we had any outside assistance.

I'm not able to say what the ROI would be.

I am not able to advise on the cost/pricing.

This decision was made by the IT department, however, naturally, they did evaluate other vendors

I am a remote developer and I use Perimeter81 as a VPN to access development and UAT servers for booking systems that service tier1 airlines. Those servers are mostly on the cloud, however, some are physical. We use AWS servers and physical servers in Dublin, Manchester, Amsterdam, Bejing, and Altlanta. We have individual team members spread out possibly 15-20 countries that need to be managed so it's important that we can be grouped and organized in a manner that allows us to authorize not just depending on our location but also our roles.

Our organization is made up of permanent and contract employees both onsite in our office worldwide and in remote individual locations across the globe. Perimeter81 allows us to develop software as a service (SaaS) collaboratively in a safe and efficient manner. We can authorize our web services not just by our team members' roles but also by our team members' locations based on the IP addresses on an individual level but also based on the group role for that member. The benefits are really built into the underlying protocol, however, Perimeter81 makes these available in a user-friendly way.

As a virtual private network, it enables us to communicate through development groups that segment our organization through the correct allocation of bandwidth and easily configured groups. 

Being able to add individuals to groups is the single most valuable feature, simple as it may seem. This combined with the underlying protocol makes for a powerful and easy-to-use feature for our organization. Adding and removing individuals is simple and easy to do which adds to the overall convenience and usability.

There is a very small amount of downtime. As a general user of the network, I'm not sure if this is down to maintenance time needed by our own network engineers who support our organization or indeed if it is up to Perimeter81 and its maintenance. What would be helpful is if this downtime was reduced. This may or may not involve some collaboration with Perimeter81 engineers and our own organization's engineers to ensure more up time, although I'm not complaining as this is very infrequent.

I've used the solution for over one year now.

The solution is highly scalable.

I don't directly deal with technical support.

Positive

Openpath was our old solution. We switched simply for better service and more uptime.

I did not handle the initial setup.

I did not handle the initial setup.

I don't know anything about the ROI - it's not my area.

Licensing is not my area.

I don't what other solutions were considered.

We are a company of around 30-50 people who have been working from home since the pandemic began. Our environment is completely cloud-based and all our computers are managed by our organization. 

We needed a solution that would help us protect users and the information that is handled in our company. This solution had to comply with characteristics such as the protection of network connections, prevention of threats such as malware and phishing, data protection, and, above all, it had to be easy to implement and manage. This is why we implemented Check Point Harmony Connect.

Check Point Harmony Connect helped us create a more secure environment in our organization, since our users can be safer when browsing and not being attacked by malicious actors who try to affect them with phishing or malware. On the other hand, administrators have more visibility of the sites to which users navigate and be able to control them, they can also access audit reports that allow them to make better decisions on security rules that must be applied. The protection of data in our company is the most important.

The characteristics that I have liked the most are the ease of implementation and administration. It is a cloud-based service it can be configured easily and very quickly and the administration center is very friendly for administrator users who do not know or have used the product. 

In addition, it is a cloud-based service that helps prevent cyber attacks by ensuring internet access for our users who work remotely, facilitating access control. 

Another valuable feature is that company information is kept protected by internet access control, applications to be managed, and URL filtering protection.

Sometimes downloading PDF files can be slow. It may take a while to scan the downloaded files. On some computers, the Check Point Harmony Connect agent can be a bit heavy to run in terms of CPU and Memory resources. 

Transparency to end-users could be improved. 

More compatible applications can be included. 

The support provided could be improved for when problems arise that require support from the Check Point team. Check Point is an expensive product so support should be more adequate. 

Some EDR features may still be under development and may need more time to be ready for use on a larger scale.

I've used the solution for one year.

Stability is 90% good. File scanning and web console stability could be improved.

The scalability is good.

Support is good, however, in some cases, they could improve the response time.

Neutral

I have not used any other option before.

The initial configuration was very easy to perform; the installation on the endpoints was very simple for the users.

The initial setup was handled by an internal team with supervision or support from the provider.

There have been savings related to the number of hours of implementation and administration.

I recommend that you evaluate using Check Point Harmony Connect, since, although its price may be a little more expensive, it is a solution that adds advanced security to the organization.

I only evaluated Microsoft and evaluated if Fortinet had any product that met the requirements.

We use the EDR solution for servers and endpoints for a lot of customers. The use case is for offering protection at the OS level. 

We wanted a better solution than legacy antivirus to secure each OS in the organization. Harmony Endpoint gives us a complete security package with a lot of security features that regularly require a lot of separate security products and a lot of overhead management. 

The environments include on-premise servers - mostly Windows - as well as laptops and desktops with Windows and Mac OS. We also have some cloud services in Azure and AWS.

It's improved the security of every single OS in the organization as well as the visibility and security capabilities. With Harmony Endpoint, we give each computer advanced anti-malware protection and internet browsing protection (like proxy protection), and advanced phishing protection inside websites. 

It takes care of the concern about ransomware. Today, it's more important to secure each endpoint in the organization at the OS level rather than the organization network level as users are connecting from everywhere. This is why Harmony is so important to us.

The solution offers very good features including anti-malware, URL filtering, and anti-ransomware. The product offers a complete solution in one package and it's on every single OS. 

The most valuable part of this product is the complete security package in one single endpoint that includes the legacy anti-virus protection, advanced anti-malware protection, browsing protection, and even firewall capabilities at the OS level. 

In a lot of cases, when we want to give all these security features to every endpoint, we need to implement a lot of separate security products.

More report and alert options would be useful. The reports are not good enough and alerts are not usable. 

We need more user-friendly alerts and more options for the alerts. The reports are not capable of giving important information from some parts of the system - like inventory details, etc. 

Also, the logs in the product are not very usable. If you have any blocking of a legitimate app or some problem you will have a hard time finding a log about it and most of the time you will not find any information. 

The product doesn't have an automatic shutdown switch. You must uninstall it in order to shut it down.

I've used the solution for about one year.

It's very stable. However, they need to resolve some bugs and feature requests.

It's a cloud solution. We are using the cloud-managed solution which makes it very scalable.

The solution offers the best customer service and support in the market.

Positive

I used Symantec and we wanted to move forward to an EDR solution that gives a more complete security solution for today's needs.

The initial setup is very straightforward.

We implemented it in-house. We learned how to do it by ourselves.

There are only two types of licenses. If you don't need sandbox features, you can take the basic license and it includes everything.

We tried Sentinal ONE, CrowdStrike, Microsoft, Trend Micro, and McAfee.

It's the perfect solution for endpoint protection and has a lot of features included.

We are using Check Point Endpoint Security as an application for all corporate users. 

The main features are antivirus (antimalware, antiphishing), disk preboot encryption, and VPN connection. We also use SSL VPN (a VPN connection using a browser) for our external partners. 

We have about 250 active machines (both desktops and laptops), running Windows 10 Pro 64bit, an i5 or i7 processor with 8GB RAM or more, and SSD drives (all Dell hardware). The Check Point client we use is version E86.10.0036. 

We also have Check Point firewalls.

The disk encryption made our computers more secure for data leaks in the case of a stolen machine. 

The Check Point VPN connection is way more stable than our previous software. Previously, when connecting/disconnecting from a VPN while we were on a call, the network would temporarily drop and then reconnect again. Using Check Point's VPN, this does not happen anymore. 

Also, using the preboot VPN option, we can reset a user who is working remotely that has forgotten their Windows login credentials. 

Anti-malware scans are also very helpful.

The preboot VPN connection, in the case where users are locked remotely. is very useful 

The disk encryption feature is important. The Check Point VPN connection process is quite simple when using the Microsoft MFA method. 

Previously, when connecting/disconnecting from a VPN while we were on a call, the network would temporarily drop and then reconnect again. Using Check Point VPN, this does not happen anymore. 

Also, using the preboot VPN option, we can reset a user who is working remotely that has forgotten their Windows login credentials. 

The anti-malware scan is very helpful. 

The SSL VPN is great where we can use a browser for external partners.

There is an issue when installing the Check Point client. If the machine has RAID on mode for storage rather than AHCI, the disk encryption never begins and stays in the "setup protection" warning message. Changing mode from RAID to AHCI means a Windows format is required, which takes more time. On top of that, in the preboot screen, sometimes caps lock is on, and yet when someone types it's not in capitals. When that happens, many users get locked. 

In addition to this, number lock should be automatically on as users think it is, and when they type they get locked again.

The solution is quite stable. There are minor bugs.

The solution is pretty flexible.

We did use a different solution. It was not our decision to switch (as it's managed by a group IT).

I was not included in initial setup. The client setup on machines is easy.

We do not have any ROI details. 

Data is not available in terms of pricing. 

Evaluations were not included in the process.

We use the solution as an endpoint protection platform, which supports the next-generation antivirus. It offers endpoint detection and response and will help on addressing a single agent that will support multiple features. 

This helps IT Security operations front to minimize the security threats. Also, we can map the MITRE ATT&CK framework in a single dashboard which provides complete endpoint device visibility.

The solution offers runtime protection against ransomware, malware, and file-less attacks, with instant and full remediation features that give good insights into the organization's threat landscape.

The unified agent helps in addressing the system usage. Instead of installing different agents and real-time protection, the platform provides greater visibility to the operation team to see incidents in real-time, instead of creating a lot of false positives. The vaulted space features give more controls on signed processes. In case the malware attempts to perform a shadow copy deletion, the machine will not lose any data. We can also take a backup of the file.

Phishing protection gives good insights about credential theft and zero phishing.

Overall, the unified agent covers endpoints as well as prevents web browser attacks.

Phishing sites are blocked in real-time and protect against previously unknown phishing sites and corporate credential re-use. This will prevent the business end-user from being compromised by attacks.

Zero-day sandboxing is an additional feature that can provide greater visibility on the sandboxing end and gives more control on the threat front. We can sanitize the files if we want, using a threat extraction process with infected files that can be cleaned in the process and provides a safe environment.

The remote browser isolation is not part of the unified agent, as of now. It could protect more on threat intel sources and could give a broader view of threat hunting. 

Soon, the unified agent should take more CPU processing in the systems-deployed Check Point agent. 

Providing USB control in a Linux environment will give more control over data security. Few other OEMs provide Linux USB control. If Check Point could adopt the technology in near future, it would give more of a value add to existing customers. 

I've used the solution for more than six months. We are using the Check Point Harmony end point solution.

We switched in order to avoid multiple agents.

Pricing is purely based on their industry and company decisions.

We did look at the Sentinel product.

We are using the product to secure roaming users who work outside the office as well for protecting a variety of company locations. 

It is great that Check Point continues to be a visionary in the network security market and delivers such anticipated products which allow users to cope with ongoing security challenges and trends.

It is used to protect offices and retail stores and it is a step forward from the traditional connectivity architecture which lacks flexibility and prevents business to advance at the desired pace.

It is great from an operational point of view. There is no need to procure and install HW; a new location could be secured almost instantly.

There is no need to talk about security. It comes from a team of talented developers and has a historic record. The Check Point portfolio showcases very strong products. 

The support from Check Point's side is great as it always and allows you to understand the product, produce and secure design as well as deploy and test it. Furthermore, the product owners are actively looking for feedback. This allows you to express your opinion and shape the product to improve it according to your needs.

The product is great as it allows users to deliver the most security value at the fastest speed. It reduces an operational load in terms of provision, installation, management, patching, and hardware replacement by increasing uptime and reducing the time to deliver to market. It also provides cloud-native availability and allows you not to bother with the sizing and location capacity as long as you stick with Harmony Connect. The price is reasonable.

Last but not least, there is an option to manage Harmony Connect from the centralized management station which allows users to apply existing policies while having a single pane of glass for network security.

An improvement could be made in terms of achieving better coverage in such complicated regions as the Asia Pacific, China, and Russia. Some PoP locations might create complicated traffic flows and impact the latency and load on network infrastructure even further.

Advanced details of log information are missing. However, the Check Point team is definitely open to constructive advice and is happy to make any requested changes.

There are still some limitations that exist while using centralized management with Harmony Connect.

I've used the solution for six months.