Check Point Harmony SASE (formerly Perimeter 81) Reviews

This is a VPN solution that caters to remote working. I rely on this software heavily in order to connect to my company's internal network. Compared to my last job, which used a different VPN vendor, Perimeter 81 has caused no issues whatsoever. 

I'd easily recommend Perimeter to any businesses that are interested in purchasing the software. As an end-user, speaking from experience, I've found no issues whatsoever with this VPN. Changing between different networks is very easy and straightforward to do.

Perimeter 81 provides a very secure and non-disruptive experience. At my last job, we used a VPN vendor which would interrupt vital connections to the network. Whereas using Perimeter 81 in my new job has been a very stress-free experience without having to worry about disconnections. It's made my working relationship with my new employer easier without having to worry about dropped connections. What I would say is this has improved our organization via its simple and easy-to-use UI. Other users can easily troubleshoot and provide remedies to each other if issues do occur, which are very rare.

The easy but secure way of logging into the VPN makes mornings easier when logging in. It's a straightforward, 30-second sign-in process without any hassle required. I also found the lack of configuration required by end-users a much-appreciated touch. It's incredibly important that my connection is always stable and reliable. That is what I'd say is valuable about Perimeter 81. I rarely see any complaints on Perimeter 81 amongst other colleagues. This wasn't the case with the last vendor we used at my previous place of employment.

I am struggling to find improvements in particular that would benefit users. What would be useful would be a notification/warning that a session is due to timeout after exceeding the default connection limit. This can help me prepare for imminent disconnection due to my existing organizational connection limit. However, that being said, it could be a setting somewhere but I thought I'd add this as a point anyway. In terms of constructive feedback, I can't find any other improvements or suggestions from an end-user point of view.

I've used the solution for less than one year.

My production environment today is hybrid and I use several cloud solutions and more than one on-premise data center. The Harmony Connect solution helped by unifying in a single portal all the necessary accesses for the company's internal employees, such as RDP, SSH, bank access databases, and even internal portals, bringing security and organization to the entire environment and facilitating employee access with a single, centralized login to the entire environment. It does all this with an additional gain of the possibility of auditing some accesses to the environment.

As it is a new market solution, I still face some instabilities in access at certain times of the day when I have more than 150 users using it simultaneously. It would be interesting for the solution to have something that monitors and scales more resources by itself so that these instabilities do not occur. 

Another problem faced is that, regarding the audit, native RDP sessions, as well as the database, are not recorded and it is not possible to audit the use by the collaborators. 

These two points would be important for the evolution of the tool.

I've used the solution for just over two years.

As mentioned, some improvements are needed in regard to stability.

It is a solution that is meeting expectations well - even though there are some points to improve.

Technical support is a little slow most of the time.

Neutral

Previously I used a VPN solution. I changed it for ease of management and centralization of access.

The initial setup was simple.

The implementation was executed using a hybrid form.

ROI hasn't been calculated yet.

Values ​​are within market expectations.

I haven't considered other options.

We are using Harmony Connect (clientless and client) with Harmony Mobile, Harmony End Point, Harmony Office security.

Before we were using Fortinet Client with Token and we are now using Harmony Connect in Saudi Arabia. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed.

The solution is secure, scalable, and easy to handle with good support

The Check Point portfolio showcases very strong products.

It very easily allows users to leverage their home office via safe access. If they had any type of issue with the machine, the disk is already encrypted.

The client's requirements were that the solution could:

• Be designed to prevent the most evasive cyberattacks
• Have Zero-Trust network access to enterprise applications
• Secure Internet access for remote users
• Protect branch office (SD-WAN) connections to the Internet and the cloud

Harmony Connect Client is very powerful tool.

I find it very easy to implement and deploy in the organization. One point to note is that it is a very user-centric solution.

The integration that this solution has with the different routers or perimeter equipment is exceptional. We were able to implement the solution on the same hardware as the SD-WAN equipment in each branch and central site.

Mainly, Zero Trust Network Access is one of the most important features of this Check Point Harmony Connect solution. It's of the Secure Access Service Edge (SASE) type since it gives us secure access to the organization as if we were physically in the organization.

The suspend feature needs more control.

Zero Trust Network Access can be a security breach if not used correctly. I have implemented it and it turns out that access to the organization's applications must be complemented with user awareness.

It is important to note that the Zero Trust Network Access feature is an important feature for the solution, however, at the same time, the organization's applications can be accessed if user access is available. A double authentication factor could solve this gap.

I've been using the solution for one year.

We were using Fortinet Client Token Solution. We switched as CP gives more control and visibility.

The tool is very handy at a good price.

We did not look at other options.

The development of mobile devices and wireless technologies in recent years has revolutionized the way people work and communicate. The growing use of these technologies makes mobile devices one of the main targets of cyber threats. 

The proliferation of mobile devices in recent years, together with the increase in their capabilities, features, and possibilities of use, makes it necessary to evaluate in-depth the security offered by this type of device. On top of that, the mechanisms for protecting the information they manage, within the Information and communications technology environments are key.

Harmony Mobile has enabled us to provide the necessary information for the evaluation and analysis of the risks, threats, and security vulnerabilities to which mobile devices are currently exposed, as well as the technology used to address these risks.

In addition, the document presents a list of general security recommendations aimed at protecting mobile devices, their communications and the information and data they manage and store.

We are using malicious application detection to identify known and unknown threats through threat emulation, advanced static code analysis, application reputation, and machine learning. The solution captures apps as they are downloaded to devices and runs them in a cloud-based virtual environment to analyze how safe they are.

The solution has many valuable aspects, including:

Anti-Phishing, which blocks phishing attacks in all applications (email, messaging, and social networks).

Safe Browsing, which blocks access to malicious sites in all browsers based on dynamic security intelligence provided by Check Point ThreatCloudTM, the world's largest threat database.

Conditional Access, which blocks infected devices from accessing corporate applications and data, regardless of UEM solutions.

Anti-Bot, which detects bot-infected devices and automatically blocks their communication with command and control (C&C) servers.

URL filtering, which prevents access to websites deemed inappropriate by an organization's corporate policies. It allows companies to blacklist and whitelist websites at a granular level of detail, and to enforce policies on mobile devices across all browser applications as well as non-browser-specific applications.

Wi-Fi network security, which detects malicious network behavior and man-in-the-middle attacks and automatically disables connections to malicious networks.

The product needs to work on the integration of alerts with different SIEM or security solutions. Harmony provides visibility of device security, yet, precisely due to the growth of attacks and threats on these technologies, it is important to integrate the information it generates with the rest of the intelligence handled by cybersecurity areas.

In the same vein, it would be important to have detailed information on the type of threats and new intelligence that the platform is providing, so that it is easy to alert users when it provides value.

I've used the solution for one year.

The solution offers excellent support service.

Positive

We did not use a different solution. Instead, we were just using an MDM solution but although we can make configurations oriented to protect the devices, it is far from being a complete solution like Harmony. 

The initial setup is easy.

We handled the implementation in-house.

I'd advise a potential new user to talk with their account manager.

We also evaluated McAfee and Cortex, but Harmony fixes better with my company requisites in order to run in background for end user.

We needed to connect the branches with the users, and, in turn, we needed to connect the users with the applications of the organization. However, we needed to secure this connection since the users were at home. The branches had Citrix SD-WAN and therefore we needed a solution that would integrate with the current solution that connected the branches to the central site.

The client's requirements were that the solution could:

• Be designed to prevent the most evasive cyberattacks
• Have Zero-Trust network access to enterprise applications
• Secure Internet access for remote users
• Protect branch office (SD-WAN) connections to the Internet and the cloud

I have worked with Check Point Harmony Connect, which is a Secure Access Service Edge (SASE) solution, which unifies multiple cloud-delivered network security products to prevent sophisticated cyberattacks and simplify policy management.

I find it very easy to implement and deploy in the organization. One point to note is that it is a very user-centric solution.

The integration that this solution has with the different routers or perimeter equipment is exceptional. We were able to implement the solution on the same hardware as the SD-WAN equipment in each branch and central site.

One point to keep in mind is that it is a user-centric solution. 

Additionally, the solution has an integration with Citrix SD-WAN that allows a remote implementation in each of the branches. 

Mainly, Zero Trust Network Access is one of the most important features of this Check Point Harmony Connect solution. It's of the Secure Access Service Edge (SASE) type since it gives us secure access to the organization as if we were physically in the organization. 

I find it very easy to implement and deploy in the organization.

A ZTNA architecture is designed to reduce cybersecurity risk by eliminating implicit trust within an organization's IT infrastructure.

Zero Trust Network Access can be a security breach if not used correctly. I have implemented it and it turns out that access to the organization's applications must be complemented with user awareness.

It is important to note that the Zero Trust Network Access feature is an important feature for the solution, however, at the same time, the organization's applications can be accessed if user access is available. A double authentication factor could solve this gap.

I've been using the solution for almost two years.

Check Point Harmony Connect is quite stable in the implementation I did together with Citrix SD-WAN.

Citrix SD-WAN appliances are SDN/NFV-ready platforms designed to host virtualized network functions (VNFs).

Hosting a Check Point virtual machine (VM) on Citrix SD-WAN branch appliances provides customers with granular control of their security and data.

Together, the integrated SD-WAN and advanced Threat Prevention platform provide secure and optimized WAN connectivity over Internet links and WAN connections. By dramatically simplifying deployments and reducing costs, Check Point and Citrix SD-WAN provide enterprises with an affordable and secure remote branch office security solution.

I find it very easy to implement and deploy in the organization.

I did not previously use a different solution.

This is a SaaS. For this reason, the cost, pricing, and licensing depend according to your necessity.

I also looked into Forcepoint SASE.

My company integrates the solution into other companies where we are required to do a project for them per the requirements. I had the opportunity to suggest Check Point Harmony Connect two years ago at the Bank of Brazil.

The most valuable features of the solution vary and depend on what our company does. For example, I may work with a big water distribution project where everything revolves around IoT. In general, I can say that everything depends on the type of project where I need to be working as an architect.

In our organization, we use two managed SaaS products or technology at a time when everything appears to be moving to the cloud, and we still work with tools like Check Point Harmony Connect that require a license since the problem related to the product lies in the licensing part, the aforementioned details should be considered to improve the product.

The complex initial setup phase of the product is an area that can be improved.

I have experience with Check Point Harmony Connect.

It is a very stable solution.

It is a scalable solution since the SaaS licensing part of the solution is by the number of users and not by the number of assets or people or everything you need to manage it.

My company provides customer support. We have an operations center with all the tools to provide the necessary support to our clients. I remember that the technical team from Check Point was very supportive when I was working with the Bank of Brazil. I rate the technical support a nine out of ten.

Positive

The initial setup of Check Point Harmony Connect was very complex and complicated since our company had to integrate 17 different applications into one console.

I rate the overall product a nine out of ten.

It provided us with the way to provide governance, control and monitoring of the visited sites, see vulnerabilities and find out how to deal with them in order to avoid cyber attacks. 

With this tool, we can guarantee that the equipment will not be an easy target for cybercriminals. It is really simple to implement.        

Checkpoint Harmony Connect helped us to guarantee the protection of equipment not covered by a Check Point Gateway. For example, when a vendor goes out and connects to the network from anywhere or is the target of cyber attacks (which can generate a loss of equipment functionality in addition to infiltrations or loss of company information that is confidential) which is why we decided to use this tool. It generated everything that was needed at the security level. It is an excellent tool.

The most valued features for us are:

The ease of implementation, of installation in the equipment, and the low performance of the equipment that the agent requires to provide security.

Its administration through a portal. Infinity Portal does not need to be implemented in an additional management server; rather, it is web-based and manageable from anywhere.

The application control and granular access feature are very easy to use, intuitive, and effective. It does not require equipment updates, policies are updated quickly.

They could improve on the available public documentation. The most modern applications or features of Check Point are difficult to find in their documentation for implementation. According to the manufacturer, sometimes it happens that the manual is applied, yet the desired implementation is not achieved.

Also, as seen in our support cases, it is somewhat slow to solve problems. There are other manufacturers that have better support. They can improve on that part and prevent customers from complaining about how they provide solutions.

We have used this tool for about two years.

It is an excellent security tool that provides additional features to our existing GWs. We can provide web security with it.

We had not really used other tools; when we had the need, we investigated, and we found Check Point Harmony Connect.

The cost is difficult to find, however, our seller can solve these issues. The cost is normal. It is per protected user.

We validated some security solutions, however, Check Point Harmony Connect was perfectly suited to what we needed.

It's a very modern tool and can be used to achieve security for old and new vulnerabilities.

For the past two months, we have been evaluating Harmony Connect because it has some limitations on routing and account control, so we are testing it for three customers to check this function. In some areas, Harmony Connect can replace older VPN products and also add some features, like DRP and security gateway.

The DLP (Data Loss Protection) is the most valuable feature. 

My customers want more remote functionality.  They need another routing option after they connect to the enterprise intranet. For example, let's say a user tries to connect to a remote branch office and headquarters through Harmony Connect. They need a local breakout after connecting to the headquarters, especially in China. They need to put local breakout in the Chinese internet. The current version cannot do something like this.

This solution is new to Taiwan, so I haven't been using it for very long. I started using Harmony Connect in Q3 2022.  

Harmony Connect has been stable so far, but this is still a test. 

There are some limitations on redundancy, and it takes about 30 minutes to switch. This is a significant limitation. Competitors like Palo Alto can do it in around five minutes. It's more appropriate for enterprises because they sell the product license in packages of 50 accounts at least.

I rate Check Point customer service nine out of 10. It is excellent, especially on the customer side. 

Positive

Check Point Taiwan provides me with a lot of flexibility in pricing. If I'm trying to secure a customer, they can give me a good discount on this product. The price is about 350 HKD annually. 

I rate Check Point Harmony Connect eight out of 10.