The pricing could be improved, because when I first bought it, it was cheaper than it is now. And the first time, I had more features than the trial license. It’s more costly now, but I have fewer features.
The ability to customize based on existing organizational goals, milestones, and current or future state designs is important. Customizable policies regarding how to handle specific email files, their contents, and appropriate remediation steps are critical in product selection. In larger organizations, the sheer volume of emails can be daunting when evaluating solutions. Ensuring the integrity of communications and proper collaboration is crucial to establishing the CIA triad. This solution has reduced insecurities and made scaling this product rather seamless. Initial Learning Mode takes a while. I would like to have protection go live immediately and then have learning mode kick in after the initial scan Email Search can be clunky at times. It would be nice if there was a way to auto-fill recipients or sender fields with known users' payment options.
System Analyst at a university with 201-500 employees
Real User
Top 20
2024-06-27T11:07:47Z
Jun 27, 2024
Some emails, specifically false positive emails, are, at times, detected by Microsoft under the phishing category. Check Point also detects phishing emails. Check Point Harmony Email & Collaboration is a tool that does not pass emails through the user's inbox, even if it feels like an email is not spam or involves phishing. Suppose a tool like Microsoft Defender detects any phishing activity. In such scenarios, emails are quarantined by Microsoft, and then Check Point Harmony Email & Collaboration cannot pass such emails to the user. I feel it is an area that can be improved. There are good options with Check Point Harmony Email & Collaboration, as one can still quarantine suspicious emails, and the users can see those in just a few clicks. The false positives are an area where the tool can introduce certain improvements they can improve by releasing emails to a user's inbox if it feels that there are certain areas consisting of false positives. In the future, it would be great if it is possible to use the tool with Microsoft to help in the area revolving around false positives. Check Point should be able to release emails to the inbox even if there are some phishing emails. If Check Point finds something to be described as a clean email, it should have the option to automatically release it to the user. At the moment, we don't have that option. They have an option for spam emails but not for the emails associated with phishing.
* Phishing incidents and functionality bugs are misrepresented and can lead to inconsistent email encryption, affecting user experience and potentially compromising security. * This product should prioritize a zero-trust approach. * There are unexplained settings in the security console that lack proper documentation or explanation from the vendor, leaving users without support. * For instance, the back-end query language used to process user-based phishing reports is not documented. * Additionally, certain features, such as the inability to whitelist DLP events by user, are lacking and their inclusion would reduce unnecessary alerts.
Learn what your peers think about Check Point Harmony Email & Collaboration. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
AVP IT & Communication at Proactive Construction Pvt. Ltd at Techtronics Global Innovations Pvt Ltd
Real User
Top 20
2024-05-16T07:13:50Z
May 16, 2024
In India, pricing is a concern, especially for SMEs. Check Point needs to address the pricing segment for SMEs. Apart from that, the technology and other aspects like sales and marketing are satisfactory. Most OEMs provide similar capabilities. If any OEM introduces new features, Check Point must match those capabilities. It could improve by offering an on-premise solution for customers still using Microsoft Exchange, which currently provides only cloud-based services.
Check Point could improve its marketing strategy. They need to better reach customers and partners, providing more demonstrations and proof-of-concepts (POCs) to raise awareness and drive business growth.
Senior Information Technology Administrator at Aighospital
Real User
Top 5
2024-02-27T08:34:54Z
Feb 27, 2024
At the time of the purchase of the product for the users in my company, I am unable to see or get details of the users for whom the product has been purchased. I need to go to Check Point's admin portal if I want to see the license list and the details of the users of the tool, making it an area of concern where some ease of process should be provided from an improvement perspective.
The product is a very effective tool. It provides a lot of security to ensure the confidentiality of the information. Although it has good characteristics, it should improve the graphical interface and the latency that it sometimes presents. They should also improve the quality of technical support since, in the last few years, they have lowered the quality of SLA response and do not provide concise solutions. They should also generate a knowledge base where the unified information or the most common errors are found so as not to depend so much on support.
Senior IT Security Manager at a tech services company with 51-200 employees
User
Top 20
2023-11-16T14:19:00Z
Nov 16, 2023
There are a few features that are more geared towards Microsoft users rather than Google, for example, user-reported phishing. It's not fully integrated with Google Workspace, and the statistics don't update in real-time. We appreciate that Microsoft has the larger market share, and Check Point has been improving its Google integration. However, more advancements would be appreciated. That being said, the "What Google wouldn't have caught" report was extremely valuable to us in showing value.
There are a few areas for improvement. One is the occasional sluggishness or latency, which is likely due to the cloud-based nature of the solution. So, the performance can be better. Additionally, while Harmony Email can detect phishing emails that Google has missed, it would be even better if it could automatically quarantine or delete these emails. Since we use multiple Google Workspace accounts across three separate domains, it would be incredibly helpful if Check Point Harmony Email could provide a single dashboard that consolidates all of this information. Additionally, Harmony Email should support other email providers beyond Microsoft and Google, as I also use Joho with over a thousand email IDs. Having a unified dashboard and expanding support to other email providers would significantly enhance the product's usability for many users. Currently, I have to rely on a separate gateway solution, like Cisco, to protect my Joho emails. It would be much more convenient if Harmony Email could handle all of my email protection needs.
Senior Information Security Engineer at Glidewell Laboratories
User
Top 10
2023-10-11T20:11:00Z
Oct 11, 2023
It would be good to have the option to export the respective record data from dashboards or logs to .csv or other files. That will help in creating more filters and analyzing the data. Providing more Training videos and documentation will be helpful for beginners to understand how checkpoint works.
They should consider a module that allows the customizing of reports so we can generate executive information for the client (to explain in simple language the general security situation in the SaaS environment). Reports should be presented in such a way that they are readable by non-technical work groups who are involved in information protection and who may misread the information on the dashboard and make incorrect decisions.
The integration with Gsuite could be improved, especially when reporting the amount of emails it manages to filter. It could be improved to obtain a greater level of detail, unlike Office 365, which offers an extreme level of detail and facilitates the management and comparison of what is happening with respect to the mail. Its integration with Gsuite is simpler and has that point against it, however high levels of detail can be obtained in the reports of the solution. On the other hand, the ease of administration and threat detection capabilities are its strong points, and it stands out from other solutions that I have had the opportunity to test before.
The left-hand feature can be made more granular for the implementation of the policy. Our clients want two solutions integrated into one, so this feature would help.
They must provide security to Rediffmail and other email service providers. At present, it is limited to only two email services. They should also offer additional protection to Zoom, Cisco Webex, BlueJeans, and StarLeaf.
The price has room for improvement. Perhaps, if Check Point offered an SMB bucket for up to 100 users or a similar option. This could be beneficial as it would likely result in a more cost-effective solution. I would like Check Point to extend its coverage to include more cloud applications. Currently, 95 percent of our customers are using Office 365 or Google Mail. It would be beneficial if the solution covered a broader range of applications.
With the kind of features we are looking for, be it with Barracuda or Check Point, we are looking at how we can showcase them to the customer and claim that this one is the best solution for your infrastructure and use cases. I would like Check Point's technical support to be improved.
It would be nice to see them expand their collaboration capabilities to include other suites and integrate with lesser-known products. For example, there are other collaboration tools besides Box and Slack that they could explore.
Maybe they could integrate the solution with Avanan. Doing that would really make it a very robust solution. They could improve Check Point support response times. Sometimes it takes days to resolve or even days to get a first response. The solution lacks public documentation and some documentation is not so clear, which means that the client does not understand the implementation that must be carried out. You can only see the costs through a Check Point partner.
I am happy with the powerful performance of the set features. We have achieved the most set goals, and we are grateful for this robust solution. There are sometimes leakages of viruses when the system is experiencing network failures. The information may land in unsafe hands and lead to unpredictable attacks. Timely updates and system maintenance are encouraged to enhance continuous business operations. Efficient categorization of viruses will help filter out advanced phishing attacks before they affect the conversation infrastructure.
The system has programmed categories of threats that are detected automatically. This can lead to virus leakage and spread malicious data across the enterprise. The cost of deployment and integration with other applications is high. Some files are not scanned thoroughly due to occasional network failures. We have experienced the best services from the performance of this platform despite a few operational challenges that rarely occur. Monitoring the system operation for new teams is not easy due to complicated configuration techniques.
The set collaboration and email security features have been stable since we deployed this software. Check Point Harmony Email & Collaboration cost is high, and the deployment process may take longer in a new environment. It blocks secure communication if the settings are not well set and defined for a given time frame. The most set objectives have been achieved with this leading anti-phishing platform that helps to keep the entire organization safe. It has prevented account takeover and created the best infrastructure for sharing files and data. After updates, the internet connection fails, and I have to restart my desktop to resume initial functionalities. It is not easy to establish the number of computers that have access to this network.
Project Consultant at a consultancy with 10,001+ employees
User
Top 10
2022-11-22T04:36:00Z
Nov 22, 2022
They could continue to offer more stringent security policy measures for threat point management. Their zero-day threat protection can be further strengthened to have better compliance control, as 1% data loss and data breaches are still possible through existing systems. Even this 1% carries the potential to harm the system for a long time. We should have more and more pilots of security systems across different business environments to have 100% security checks and compliance.
The solution really has many outstanding features. It is quite easy to install and configure and is very complete. We could analyze services such as SharePoint and have more seamless integration. They could help us be integrating features with solutions from third parties. That would be very helpful. Right now, we do not have complete analysis when it comes to analyzing and detecting all the data that is saved. Having a product that could sweep repositories would be great.
Something worth mentioning is the need for Spanish language support and better representation for teams in the Latin American area. There is a growing demand for these IT services and new technologies. Its guides are not great. It would be more pleasing if these guides could be updated and improved in their design. The support that most requires attention is the phone calls or the cases through the support page. Several times, through the chat function, we found that it gets stuck and does not bring up the live chat.
Check Point Harmony Email & Collaboration presents a problem similar to the other Check Point tools that it was able to manage, and that is the access to its administrative functions. Since the portal to the management and administration entry sometimes has performance problems and takes a long time to respond to what has arrived, the handling of the tool is difficult. It presents problems in the management of technical support since the SLA is not optimal, causing delays. This means that security problems may arise since it does not provide a quick response or a concrete solution.
Cloud Support at a tech company with 51-200 employees
User
2022-06-20T05:35:00Z
Jun 20, 2022
Since this solution is administered through Check Point Infinity Portal, this would be the entry key for management. Sometimes the portal has performance problems, and sometimes it takes time to respond, which causes difficulty in managing the tool. It would also be very good if they improved the support management since sometimes they take a long time to respond, or offer help only during office hours, which is not the most convenient. Sometimes you choose to investigate by your own means or using the Check Point documentation.
It is one of the best solutions for cloud-based email security. Almost all features are available, which is required by most organizations. Still, some other features could be added to create more advantages, such as integration with on-premises exchange integration with other SaaS clouds. Integration with other threat clouds and AI engines would be helpful. A phishing simulator would be helpful as a user training module. Publishing future roadmaps would help us understand what to expect. The product should offer integration with other SIEM tools. Improvement is a key element of any product and Check Point is doing improvements very effectively - therefore there are no major concerns.
Cloud Guard would be a complete solution if Check Point added a comprehensive data loss solution that included capabilities such as bulk data transfer detection. I would like to see a centralized gateway so that anyone from any geolocation can access the infrastructure with minimum latency. I would like to see additional work on protecting against phishing emails by adding more filters to minimize risk or to harden the security. Stability is the main area that Check Point needs to focus on. Integration with third-party APIs should be supported, as AI and ML can get more inputs to minimize the false rate ratio.
Network Security Engineer - Presales at a tech services company with 201-500 employees
Real User
2020-12-09T05:46:00Z
Dec 9, 2020
The false positive rate is one of the problems that we had faced with Check Point's information. For example, we have a number of false positives in both CloudGuard SaaS and CloudGuard IaaS, which has been quite disappointing when we find them. However, the moment when we whitelist or blacklist false positive things, the solution gives us more efficient security than other solutions. When I teach Check Point IaaS, I feel like it is putting devices into learning mode and feeding more stuff to the solution, which gives me more efficient security. We download the SmartConsole from AWS, installing it on our computers, then managing it from our end only on local machines. I need to download agents for every machine from the Check Point instance. To connect with the SmartConsole, then I need to give public access to Check Point's machine. At that moment, there is no configuration in my machine so I need to give some public access to our machine. Giving public access without configuring anything is the first defect or drawback. It takes a few times for every engineer to download the agent and configure the policy, and that takes five to 10 minutes. Within those five to 10 minutes, it is insecure. The integration with the Check Point console needs improvement, e.g., accessing the SmartConsole is difficult.
The NAVEX metrics that I have been using on the CloudGuard dashboard cannot be exported. If they were to add report exporting capabilities on each of metric objects on the dashboard, that would be awesome.
From time to time, the system's administrators notice the increase in the false-positive alerts being reported by CloudGuard SaaS. The increase usually lasts for several days, with the longest we observed being about a week. During these periods, some number of the "clean" emails are blocked and not delivered to the end-users. I hope the Check Point team would work on improving the detection algorithm and the amount of the false-positive alerts would be more predictable, stable on the minimal level.
IT Security Analyst at a energy/utilities company with 1,001-5,000 employees
Real User
2020-07-28T06:50:00Z
Jul 28, 2020
We still get some false positives. There are times when legitimate stuff gets flagged and it could be that somebody is expecting a very important email but they don't end up getting it. On the flip side, when we alert Check Point about stuff like this, it is corrected, so they are improving. That's a plus. In terms of additional features, right now it shows you login activity for Office 365, a bit of a broad overview. I would like to be able to drill down further into that to see real-time login events on a map.
Manager Firewall and Security at a manufacturing company with 1,001-5,000 employees
Real User
2020-05-21T06:20:00Z
May 21, 2020
One of the areas that I would like to see them develop into the product would be in the user feedback arena. Today, if a phishing email were to get through and bypass the product — which very few do — it would be nice if, when a user clicked on that phishing email, they got a second-chance opportunity, a chance to double-check that they really wanted to proceed to that website.
Technology Security Manager at a energy/utilities company with 1,001-5,000 employees
Real User
2019-02-12T12:12:00Z
Feb 12, 2019
I have a keen interest in being able to consolidate and being able to have one viewpoint. I want to be able to integrate directly into our centralized login. I would love to see the ability to integrate into our SIEM solution which is on-premise. I see where in a later update, they have built ability to integrate with an on-premise logging solution, so this is a big plus.
Check Point Harmony Email and Office is a cloud-based software offering complete protection to stop malware attacks through emails. The software is designed to provide protection for organizations using Office 365, G Suite, Google Workspace, and all other collaboration and file-sharing apps. Access permissions can be granted and custom policies can be defined for any user of choice.
Check Point Harmony Email and Office identifies and blocks advanced malware, phishing, and ransomware attacks...
Check Point should integrate with features available in Barracuda - like more advanced threat management.
The pricing could be improved, because when I first bought it, it was cheaper than it is now. And the first time, I had more features than the trial license. It’s more costly now, but I have fewer features.
The ability to customize based on existing organizational goals, milestones, and current or future state designs is important. Customizable policies regarding how to handle specific email files, their contents, and appropriate remediation steps are critical in product selection. In larger organizations, the sheer volume of emails can be daunting when evaluating solutions. Ensuring the integrity of communications and proper collaboration is crucial to establishing the CIA triad. This solution has reduced insecurities and made scaling this product rather seamless. Initial Learning Mode takes a while. I would like to have protection go live immediately and then have learning mode kick in after the initial scan Email Search can be clunky at times. It would be nice if there was a way to auto-fill recipients or sender fields with known users' payment options.
Some emails, specifically false positive emails, are, at times, detected by Microsoft under the phishing category. Check Point also detects phishing emails. Check Point Harmony Email & Collaboration is a tool that does not pass emails through the user's inbox, even if it feels like an email is not spam or involves phishing. Suppose a tool like Microsoft Defender detects any phishing activity. In such scenarios, emails are quarantined by Microsoft, and then Check Point Harmony Email & Collaboration cannot pass such emails to the user. I feel it is an area that can be improved. There are good options with Check Point Harmony Email & Collaboration, as one can still quarantine suspicious emails, and the users can see those in just a few clicks. The false positives are an area where the tool can introduce certain improvements they can improve by releasing emails to a user's inbox if it feels that there are certain areas consisting of false positives. In the future, it would be great if it is possible to use the tool with Microsoft to help in the area revolving around false positives. Check Point should be able to release emails to the inbox even if there are some phishing emails. If Check Point finds something to be described as a clean email, it should have the option to automatically release it to the user. At the moment, we don't have that option. They have an option for spam emails but not for the emails associated with phishing.
The solution should include DMARC or DKIM-related features.
* Phishing incidents and functionality bugs are misrepresented and can lead to inconsistent email encryption, affecting user experience and potentially compromising security. * This product should prioritize a zero-trust approach. * There are unexplained settings in the security console that lack proper documentation or explanation from the vendor, leaving users without support. * For instance, the back-end query language used to process user-based phishing reports is not documented. * Additionally, certain features, such as the inability to whitelist DLP events by user, are lacking and their inclusion would reduce unnecessary alerts.
In India, pricing is a concern, especially for SMEs. Check Point needs to address the pricing segment for SMEs. Apart from that, the technology and other aspects like sales and marketing are satisfactory. Most OEMs provide similar capabilities. If any OEM introduces new features, Check Point must match those capabilities. It could improve by offering an on-premise solution for customers still using Microsoft Exchange, which currently provides only cloud-based services.
Check Point could improve its marketing strategy. They need to better reach customers and partners, providing more demonstrations and proof-of-concepts (POCs) to raise awareness and drive business growth.
At the time of the purchase of the product for the users in my company, I am unable to see or get details of the users for whom the product has been purchased. I need to go to Check Point's admin portal if I want to see the license list and the details of the users of the tool, making it an area of concern where some ease of process should be provided from an improvement perspective.
The product is a very effective tool. It provides a lot of security to ensure the confidentiality of the information. Although it has good characteristics, it should improve the graphical interface and the latency that it sometimes presents. They should also improve the quality of technical support since, in the last few years, they have lowered the quality of SLA response and do not provide concise solutions. They should also generate a knowledge base where the unified information or the most common errors are found so as not to depend so much on support.
There are a few features that are more geared towards Microsoft users rather than Google, for example, user-reported phishing. It's not fully integrated with Google Workspace, and the statistics don't update in real-time. We appreciate that Microsoft has the larger market share, and Check Point has been improving its Google integration. However, more advancements would be appreciated. That being said, the "What Google wouldn't have caught" report was extremely valuable to us in showing value.
There are a few areas for improvement. One is the occasional sluggishness or latency, which is likely due to the cloud-based nature of the solution. So, the performance can be better. Additionally, while Harmony Email can detect phishing emails that Google has missed, it would be even better if it could automatically quarantine or delete these emails. Since we use multiple Google Workspace accounts across three separate domains, it would be incredibly helpful if Check Point Harmony Email could provide a single dashboard that consolidates all of this information. Additionally, Harmony Email should support other email providers beyond Microsoft and Google, as I also use Joho with over a thousand email IDs. Having a unified dashboard and expanding support to other email providers would significantly enhance the product's usability for many users. Currently, I have to rely on a separate gateway solution, like Cisco, to protect my Joho emails. It would be much more convenient if Harmony Email could handle all of my email protection needs.
It would be good to have the option to export the respective record data from dashboards or logs to .csv or other files. That will help in creating more filters and analyzing the data. Providing more Training videos and documentation will be helpful for beginners to understand how checkpoint works.
They should consider a module that allows the customizing of reports so we can generate executive information for the client (to explain in simple language the general security situation in the SaaS environment). Reports should be presented in such a way that they are readable by non-technical work groups who are involved in information protection and who may misread the information on the dashboard and make incorrect decisions.
The integration with Gsuite could be improved, especially when reporting the amount of emails it manages to filter. It could be improved to obtain a greater level of detail, unlike Office 365, which offers an extreme level of detail and facilitates the management and comparison of what is happening with respect to the mail. Its integration with Gsuite is simpler and has that point against it, however high levels of detail can be obtained in the reports of the solution. On the other hand, the ease of administration and threat detection capabilities are its strong points, and it stands out from other solutions that I have had the opportunity to test before.
The left-hand feature can be made more granular for the implementation of the policy. Our clients want two solutions integrated into one, so this feature would help.
They must provide security to Rediffmail and other email service providers. At present, it is limited to only two email services. They should also offer additional protection to Zoom, Cisco Webex, BlueJeans, and StarLeaf.
The price has room for improvement. Perhaps, if Check Point offered an SMB bucket for up to 100 users or a similar option. This could be beneficial as it would likely result in a more cost-effective solution. I would like Check Point to extend its coverage to include more cloud applications. Currently, 95 percent of our customers are using Office 365 or Google Mail. It would be beneficial if the solution covered a broader range of applications.
With the kind of features we are looking for, be it with Barracuda or Check Point, we are looking at how we can showcase them to the customer and claim that this one is the best solution for your infrastructure and use cases. I would like Check Point's technical support to be improved.
It would be nice to see them expand their collaboration capabilities to include other suites and integrate with lesser-known products. For example, there are other collaboration tools besides Box and Slack that they could explore.
Maybe they could integrate the solution with Avanan. Doing that would really make it a very robust solution. They could improve Check Point support response times. Sometimes it takes days to resolve or even days to get a first response. The solution lacks public documentation and some documentation is not so clear, which means that the client does not understand the implementation that must be carried out. You can only see the costs through a Check Point partner.
I am happy with the powerful performance of the set features. We have achieved the most set goals, and we are grateful for this robust solution. There are sometimes leakages of viruses when the system is experiencing network failures. The information may land in unsafe hands and lead to unpredictable attacks. Timely updates and system maintenance are encouraged to enhance continuous business operations. Efficient categorization of viruses will help filter out advanced phishing attacks before they affect the conversation infrastructure.
The system has programmed categories of threats that are detected automatically. This can lead to virus leakage and spread malicious data across the enterprise. The cost of deployment and integration with other applications is high. Some files are not scanned thoroughly due to occasional network failures. We have experienced the best services from the performance of this platform despite a few operational challenges that rarely occur. Monitoring the system operation for new teams is not easy due to complicated configuration techniques.
The set collaboration and email security features have been stable since we deployed this software. Check Point Harmony Email & Collaboration cost is high, and the deployment process may take longer in a new environment. It blocks secure communication if the settings are not well set and defined for a given time frame. The most set objectives have been achieved with this leading anti-phishing platform that helps to keep the entire organization safe. It has prevented account takeover and created the best infrastructure for sharing files and data. After updates, the internet connection fails, and I have to restart my desktop to resume initial functionalities. It is not easy to establish the number of computers that have access to this network.
They could continue to offer more stringent security policy measures for threat point management. Their zero-day threat protection can be further strengthened to have better compliance control, as 1% data loss and data breaches are still possible through existing systems. Even this 1% carries the potential to harm the system for a long time. We should have more and more pilots of security systems across different business environments to have 100% security checks and compliance.
The solution really has many outstanding features. It is quite easy to install and configure and is very complete. We could analyze services such as SharePoint and have more seamless integration. They could help us be integrating features with solutions from third parties. That would be very helpful. Right now, we do not have complete analysis when it comes to analyzing and detecting all the data that is saved. Having a product that could sweep repositories would be great.
Harmony Email & Collaboration could be improved by making the whitelist available on the website and application level.
Something worth mentioning is the need for Spanish language support and better representation for teams in the Latin American area. There is a growing demand for these IT services and new technologies. Its guides are not great. It would be more pleasing if these guides could be updated and improved in their design. The support that most requires attention is the phone calls or the cases through the support page. Several times, through the chat function, we found that it gets stuck and does not bring up the live chat.
Check Point Harmony Email & Collaboration presents a problem similar to the other Check Point tools that it was able to manage, and that is the access to its administrative functions. Since the portal to the management and administration entry sometimes has performance problems and takes a long time to respond to what has arrived, the handling of the tool is difficult. It presents problems in the management of technical support since the SLA is not optimal, causing delays. This means that security problems may arise since it does not provide a quick response or a concrete solution.
Since this solution is administered through Check Point Infinity Portal, this would be the entry key for management. Sometimes the portal has performance problems, and sometimes it takes time to respond, which causes difficulty in managing the tool. It would also be very good if they improved the support management since sometimes they take a long time to respond, or offer help only during office hours, which is not the most convenient. Sometimes you choose to investigate by your own means or using the Check Point documentation.
It is one of the best solutions for cloud-based email security. Almost all features are available, which is required by most organizations. Still, some other features could be added to create more advantages, such as integration with on-premises exchange integration with other SaaS clouds. Integration with other threat clouds and AI engines would be helpful. A phishing simulator would be helpful as a user training module. Publishing future roadmaps would help us understand what to expect. The product should offer integration with other SIEM tools. Improvement is a key element of any product and Check Point is doing improvements very effectively - therefore there are no major concerns.
Check Point has to continue refining the intelligence engine to minimize the number of false positives.
Cloud Guard would be a complete solution if Check Point added a comprehensive data loss solution that included capabilities such as bulk data transfer detection. I would like to see a centralized gateway so that anyone from any geolocation can access the infrastructure with minimum latency. I would like to see additional work on protecting against phishing emails by adding more filters to minimize risk or to harden the security. Stability is the main area that Check Point needs to focus on. Integration with third-party APIs should be supported, as AI and ML can get more inputs to minimize the false rate ratio.
We are unable to export the reports from the dashboard, and if it is possible to do then it is not intuitive.
The false positive rate is one of the problems that we had faced with Check Point's information. For example, we have a number of false positives in both CloudGuard SaaS and CloudGuard IaaS, which has been quite disappointing when we find them. However, the moment when we whitelist or blacklist false positive things, the solution gives us more efficient security than other solutions. When I teach Check Point IaaS, I feel like it is putting devices into learning mode and feeding more stuff to the solution, which gives me more efficient security. We download the SmartConsole from AWS, installing it on our computers, then managing it from our end only on local machines. I need to download agents for every machine from the Check Point instance. To connect with the SmartConsole, then I need to give public access to Check Point's machine. At that moment, there is no configuration in my machine so I need to give some public access to our machine. Giving public access without configuring anything is the first defect or drawback. It takes a few times for every engineer to download the agent and configure the policy, and that takes five to 10 minutes. Within those five to 10 minutes, it is insecure. The integration with the Check Point console needs improvement, e.g., accessing the SmartConsole is difficult.
The NAVEX metrics that I have been using on the CloudGuard dashboard cannot be exported. If they were to add report exporting capabilities on each of metric objects on the dashboard, that would be awesome.
From time to time, the system's administrators notice the increase in the false-positive alerts being reported by CloudGuard SaaS. The increase usually lasts for several days, with the longest we observed being about a week. During these periods, some number of the "clean" emails are blocked and not delivered to the end-users. I hope the Check Point team would work on improving the detection algorithm and the amount of the false-positive alerts would be more predictable, stable on the minimal level.
We still get some false positives. There are times when legitimate stuff gets flagged and it could be that somebody is expecting a very important email but they don't end up getting it. On the flip side, when we alert Check Point about stuff like this, it is corrected, so they are improving. That's a plus. In terms of additional features, right now it shows you login activity for Office 365, a bit of a broad overview. I would like to be able to drill down further into that to see real-time login events on a map.
One of the areas that I would like to see them develop into the product would be in the user feedback arena. Today, if a phishing email were to get through and bypass the product — which very few do — it would be nice if, when a user clicked on that phishing email, they got a second-chance opportunity, a chance to double-check that they really wanted to proceed to that website.
At this time, the two-factor authentication does not work for Active Directory. This is something that we are looking forward to.
I have a keen interest in being able to consolidate and being able to have one viewpoint. I want to be able to integrate directly into our centralized login. I would love to see the ability to integrate into our SIEM solution which is on-premise. I see where in a later update, they have built ability to integrate with an on-premise logging solution, so this is a big plus.