What needs improvement with Check Point Harmony Endpoint?

There should be an indication when you assign an endpoint to be a local proxy for other endpoints. The current system doesn't clearly indicate whether the assignment was successful. I even talked to Check Point support about considering this as a feature request.

The only drawback is the integration process. For example, I want to integrate with my source platform. It took some time. That's the only concern regarding the integrations. Check Point Harmony Endpoint doesn't have any XDR kind of solution. DLP functionality and all are not yet there. And then, the performance also sometimes gets deep. CPU utilization could be further optimized.

As such there is nothing I can think of additional features. The services of EDR consumption should be reduced and the support needs to be improved.

The drawback associated with the product is related to macOS since some features in it don't work. Some features sometimes do not work at all, and at times, they lag. When you install Check Point Harmony Endpoint, the system lags in between because it is a heavy agent. When you try to deploy some of the features you can deploy, like anti-malware and anti-ransomware, during which your system may sometimes get stuck.

Simplifying the user interface and making it more intuitive can enhance usability; this is more beneficial for those who are new to the industry and lack knowledge about threats. Enhancements in compliance management and reporting capabilities could help organizations meet regulatory requirements more effectively and streamline audit processes. Continuously updating and enriching threat intelligence feeds and research capabilities can improve threat detection and prevention accuracy and effectiveness.

The solution does not support some endpoints, such as iPhones, iPads, and some operating systems. Some endpoints were excluded while scanning all the endpoints, and we didn't understand why this happened. There could be some code issues or bugs in the application, which should be worked on during new upgrades. If you have 100 endpoints connected to your cloud, the solution might skip two to five endpoints during scanning. Hence, you will not get the complete report of all 100 endpoints. Check Point Harmony Endpoint is not capable of AI functionality. Its customer support services and user interface could be improved. The report lacks information, and the scanning is not fully optimized for the endpoints. Some of the fields in reports are still blank while scanning. The solution's customer support and services need to improve. The agents should know how the endpoints work and their functionalities to guide the user. Scanning takes a lot of time and is not fully optimized. If we run the scanning manually, it skips some parts of the endpoints. Check Point should focus on the design of the user interface, provide more options, and make it more user-friendly instead of bulky.

From an improvement perspective, the major challenge we've faced with Harmony is the support. While the technical features and xRail-based aspects are good, support still needs to be improved. However, this concern could be addressed effectively if they focus on improving support.

The heartbeat interval must be improved. Sometimes, when we change the policy in the console, it does not reflect in the endpoint. Sometimes, we find it difficult to change the policy. The tool lags sometimes. When we change the user password in the Infinity Portal, the password does not sync on time. There is a one-minute heartbeat interval from the server to the console. We have a graphical UI in threat hunting in which we can see the attacks. If audit logs have a similar graphical UI, it will be easier to analyze the logs.

The patch management and upgrades are not timely. It doesn’t require downtime, though. We want to enable continuous email services without any downtime. The product must provide integration with emerging technologies like AI and machine learning. It will help predict and minimize security threats, malware, and phishing attacks.

The tool is not too intuitive if you want to monitor and see the results to investigate in a layer. It's not easy to investigate an incident that you find in the company. Users often face trouble when downloading files, so it is very slow in terms of how it works. The tool is not very supportive of all the versions when it comes to the part of loading hash codes, so it may support SHA-1 but not SHA-256, meaning it doesn't support all the formats. Calling the support team for the solution doesn't help. The support team of the solution lacks etiquette. The technical team of the product told our company that we need to get Check Point products through an official vendor only. Technical support for the solution is an area with issues where improvements are needed.

A robust threat intelligence integration could elevate proactive defense, offering real-time insights to anticipate and thwart emerging threats more effectively. Enhanced behavioral analytics would provide a deeper understanding of endpoint activities, fortifying our defenses against sophisticated cyber adversaries. Streamlined incident response tools within the platform would empower security teams to react swiftly and decisively in the face of potential breaches. Integration with emerging technologies, such as artificial intelligence and machine learning, could usher in a new era of adaptive and self-learning security protocols. Furthermore, a user-friendly interface for custom reporting and analytics would empower organizations to derive actionable insights from security data. In this ongoing narrative of cybersecurity evolution, the inclusion of these features in the next release would undoubtedly fortify Check Point Endpoint Security as an even more comprehensive and dynamic guardian in the ever-expanding digital frontier.

Check Point offers solutions with only a few features for our company's customers' sites. My company hasn't found any bugs or didn't find the solution to be complex. Features like zero phishing, sandboxing, threat emulation and extractions, malware detection, and EDR solution capabilities need to be included in the product. My company expects more granular EDR functionalities in Check Point Harmony Endpoint.

There are a number of features behind paywalls which can be frustrating when you are already paying a premium. The support is limited at times and can be quite slow, you are often directed to articles in the support center to read solutions for yourself. As a result, a lot of time has been spent reading Check Point articles on the online platform to increase knowledge around the product and further cyber security awareness in the team. It would be good to have a more direct route to remote support and demonstration.

We would love to have more endpoint hardware and software inventory, as well as tools to perform troubleshooting directly on the endpoint remotely. A further point of improvement would be to be able to optimize the consumption of resources on the device. We would also like the application control module to be further developed in future versions to include applications commonly used or maintained by Check Point in order to be able to configure blocking policies more quickly.

Perhaps the software could be made more resource-efficient. While many improvements come to mind, I don't have them readily available. Essentially, I aim to enhance the software's efficiency so that it places fewer demands on computer resources.

Check Point Harmony Endpoint's agent is a bit heavy. Check Point Harmony Endpoint should probably support more in Linux as well.

Overall, my experience with the product is great, and it's a perfect endpoint solution for multiple purposes. The solution can be made lightweight in order to keep the systems more effective during the background operations of the scanning and security checks. The user interface of reporting dashboard needs to improve for a better understanding of the end users and the administrators. The pricing of Check Point Harmony Endpoint can also be reduced. They are quite expensive at the moment.

I am very satisfied with the performance of Harmony Endpoint and have found it to be a very effective parameter protection tool. However, it can be improved in some aspects. They could offer more customization of security policies to help us gain more control over how security policies apply to different devices and users. They need to improve integration with other security solutions. Also, adding features like a built-in vulnerability scanning tool to identify potential vulnerabilities in my devices and systems will help me take preventative action before an attack occurs.

It has full performance capability to execute the given duties. It blocks safe URLs sometimes when there are network interruptions. The cost of deployment varies with the existing working conditions and the organization's size. The cloud networking infrastructure can be attacked if there are limited security features and poor monitoring capacity from the IT team. The overall performance impressed my team. Check Point Harmony Endpoint is the sure deal for enterprise security coverage and computing device control.

The system has comprehensive data management features that have saved us from incurring unplanned losses. Timely updates and suitable configurations can block malware attacks and provide effective reports on security situations. The setup process was complicated, however, when the customer service team came in, they provided productive guidelines that have kept the system working efficiently. The next release should consider a strong threat detection mechanism that can categorize various levels of attacks for faster analysis.

The current performance of Check Point Harmony Endpoint has impressed all the sectors in the organization. Configuration with some applications did not take place effectively due to setup complications. Interpreting the threat intelligence sensors may lead to poor data tabulation and slow performance. The cost of deployment and maintenance is high, and many small enterprises may not be able to afford premium subscriptions. The set security enhancement objectives have been achieved, and internet threats have been blocked effectively. I totally recommend this software to other organizations for reliable endpoint protection.

This is one of the most innovative solutions due to the fact that it includes many real-time content filtering features, management, and assurance of the transactions of what went in or out of our peripherals. That said, it is important to integrate other solutions to continue innovating in the market. I would very much like to have the opportunity to see applications access at the web level and have applications from different brands and devices give simplicity to the management that we are going to need in the future.

Some areas of improvement could be : 1. Making the user interface on the server more intuitive and user-friendly. 2. Making it easier for the user to do tuning and configuration to the server or the client application. For example, to turn off notifications, the user should be able to do that with some clicks on the user interface instead of searching and reading about how to do it in the knowledge base first and then trying to do it. 3. Our application version is quite old, and Check Point already released a newer version for endpoint protection, which includes a cloud version. After doing some trials, we see that Check Point already made many improvements to the features and user interface.

The improvements that can be mentioned are few. The solution and its architecture are very well done. The Check Point Infinity Portal sometimes has some latency or performance issues that are slightly worse, affecting user management. It cannot be improved by the customer. We would also like to make the documentation for more modern solutions like the Harmony family easier to find. That way, we can implement these solutions with the best practices recommended by the manufacturer.

It would also be great to include DLP capabilities for the endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products. It would also be great to include FIM capabilities for the Endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products. It would be great if we could have additional DLP capabilities to identify personal information or any kind of information to comply with regulations that require information protection.

It is one of the best, however, with respect to its support on iOS and Android, it can improve a little more. Something worth mentioning is the need for support in Spanish and better representation for teams in the Latin American area, where there is a growing demand for these IT services and new technologies. Its guides are identical to the existing ones. These guides should be updated, and they should improve their design. Let people try it, and it will quickly remote users.

We have few disadvantages or improvement points. However, the Infinity Portal sometimes requires more performance. It is a small detail. However, it could be improved. On the other hand, it is also essential that the manufacturer improves the public documentation so that users can better understand how it can be implemented with best practices. Finally, at the support level, we believe that Check Point can improve. Sometimes the answers are provided at dawn, which makes it more challenging to solve.

The price of the product could be more friendly.

Some problems that I have had with this and other Check Point tools in the cloud is when entering the portal since it stops responding or takes a long time to process a query and this causes delays and efficiency. They should also add new functions such as threat hunting. Finally, it should be able to implement with and have a good integration and interaction with Azure in the management of vulnerabilities, and data management that between the two can be integrated 100% with Check Point Harmony Endpoint and thus be able to make good automated management.

The Check Point Harmony Endpoint is a very complete solution. Even in the most basic version, it already includes EDR, which today is very important and something that all endpoint solutions should consider having from the most basic versions. We would like to have one more step and that's to give and have full-disk encryption. Compared to other brands, we would like a dedicated anti-spam to be included in order to close the full circle. We could have it with Check Point Endpoint, mobile, cloud, or firewall. An all-in-one console would be great.

Everything can always be improved. Specifically, there are gaps when it comes to security.

More development in Linux may help, however, the fact that the product could also have some more documentation as suggestions on what to do may also help. The product may take some time to navigate at first but apart from that the log ingesting and working on getting a client installed may take some time. I would like to see more automation. Also, encryption management is not made available in all versions but if it could be extended that would be great. Sometimes it may take some slight delay, however, it's nothing too bad.

Sometimes the portal loads slowly which should be improved. There should be an easy option for the administrator to turn off or disable malware protection on a specific asset or computer instead of adding a specific asset in a Disable group as that will make it easy for the admin to disable if and when required for some testing purpose. I would like this feature to be added. Logs searching also needs to be more quick and enhanced and more metadata should be stored in the logs for Endpoint for a better view for admins.

The lack of time setting for policy application, for example, from 8 am to 9 am, to have a policy applied and then from 9 am to 10 am for another one. A more responsive UI would be nice. Sometimes, with a lot of clients (1,000) the UI is a bit sluggish. The operation of reinstalling a machine also requires a bit of work since we have to delete the object before installing the app on a formatted operating system. It should be able to lock settings and licenses to the machine ID that never changes with an OS installation.

The web filter service could be improved. It would be great to have a self-service user request for sites. An administrator would still need to approve, however. The block screen could have a nicer screen or allow it to be customized. The list of exceptions for URLs could be improved with a separate screen for a large list of exceptions. Having the same exception list for mobile and endpoints would be great. We are hoping to transition to the SOC based service. Think this is still new; we're looking forward to get more information and test.

The management in Check Point Harmony Endpoint could be improved. In a future release, the solution could add more threat intelligence features.

Personally, I'm looking forward to separating server management policies. They could improve memory consumption. Once we installed a CP agent in our system, we found that it was consuming more memory. Even a normal configuration system can be hung. Malware detection is an add-on plan that can't be added on. It's the most important part of endpoint security. There's a forensic addon which is very important after threat hunting against attacks.

We'd like it if the solution continued to add new features. For example, what would be specifically useful to us is a feature that allows threat hunting. They may be already working on that or have something available, however, we need something robust and effective. I'm not sure if they need to improve anything right now. They are already developing new aspects that are quite innovative. The only thing that our customers want, is lower prices.

The solution is mostly very good. The reason why I'm trying to compare it with FireEye is due to the fact that it's supposed to be a mandate by the State. We are trying to justify the fact that we don't need to change our environment. For example, if the only thing that they want is to provide reports for the State, then that's a different story. We can customize the reports based on what they're asking for. We don't need to change or want to, however, the State may require us to. Technical support can be a bit slow at times.

There needs to be compatibility with the most recent versions of the various operating systems. They need to be up-to-date with the signatures of new viruses and the latest ramsonware. With the encompassing of all its solutions in one platform, there should be artificial intelligence for specific analysis to thus be able to anticipate and detect unique risks to the organization. To be able to count on the administration console on any device and online cloud would be ideal. We would like there to be no need to install clients as executables.

An additional feature I would like to see involves the VPN.

Tech Support must be better. Whenever we log a case for any issue it takes too much time to get it sorted. There should be escalation by default. If the case is not being sorted quickly, it must get internally escalated to the team who are experts and they should be empowered to jump in to get the issue fixed. Many times, we have to be on it for weeks to come to a proper resolution. Website blocking and endpoint levels are still a challenge and there needs to be a more sophisticated solution. We are looking forward to having this product work more efficiently.

Endpoint vulnerability management is one of the modules I believe is missing and it is something that is required. I recommend adding this feature in an upcoming release as it will provide complete visibility of endpoint vulnerabilities. Endpoint Patching is another good feature that could be added and is required to mitigate vulnerabilities. Currently, the DLP Module is not available and it is one of the requirements from an endpoint perspective. It would be good to add in an upcoming release. There needs to be improved integration with the on-premises/Azure AD. Software deployment needs to be added.

Technical support needs to be improved, along with the response time. The technical team or any product team should liaise with us and help to deploy the solution to the first few customers so that we can roll out to the rest of the customers. They need to improve the licensing process as well so that it is easier for the end user. At present, we have to wait one to two weeks to get a license, which is not productive. The process is not very smooth or convenient for the end user because Check Point Harmony Endpoint provides two login portals. One is for licensing, and the other is for management. In the future, I would like to the management portal and the licensing portal be integrated or changed to a single sign-on because that will be good for both the panel and the user. If they can make it very convenient for deployment and monitoring, it would be good. If we could get technical support in Singapore, then it will be helpful for our customers.

The Threat Hunting module is not available for on-premises deployment. The user has to connect using the VPN to take Policy Server updates when the solution is hosted on-premises. This adds overhead, as the user has to connect to the corporate network to get the policy. In the case of a hybrid setup where the Policy and Management Server is on the cloud, the Sandbox appliance has to be on-premises. Policy configuration and deployment are complex. The application control and URL filtering features are not very strong. Application Control databases are generated locally and it does not provide any visibility to the admin on which applications are installed on the endpoint. The solution is supported only on Windows and MAC and not any other platform.

The solutions agent could have better performance, it is a little slow sometimes.

The only two bug bearers of Check Point SandBlast that I have come across are as follows: Sometimes, the Cloud Management Portal can become unresponsive or take a long time to process a query. This in turn will cause the browser to freeze, which will require closing and reopening of your browser. The second is that getting useful "administrator" information requires digging into the policy rules via a second management agent installed on your computer. However, once installed, it is easy to navigate and use so is more of a slight inconvenience than a major issue.

We cannot integrate this product with other solutions, which is something that should be improved. I believe that it is in the roadmap. Other vendors have some non-security-related features in their endpoint protection solutions that should be implemented in this one.

I think some work needs to be done to improve the integration with other third-party products, namely SIEM solutions. We found it quite challenging. We found out the hard way that the configuration was lost when we version upgraded the management console.

As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there.

We do like the product, although there are quite a few things that we're asking our Check Point account team to enhance, where we think we probably could get more features from it. We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve. We probably should have had more Professional Services come and help us. But, from our company's point of view, especially at this time in the market, the finances are just not there. But from what I've seen so far, I don't think there's enough integration into SmartEvent. That's something that I've asked our account team to try to focus on in the next versions or as an enhancement request. Integration and deployment are probably the weakest points, and maybe service as well, although they are still at the high end. Would we go out to market and buy this on its own? Probably not, is the honest answer. But because it is a Check Point product and the licensing comes as part of it, it gives us this time to go and prove that, when it's together with all the other products that we have from Check Point, it certainly integrates very well. Would I go and buy this just as a standalone service if we didn't have Check Point firewalls? Probably not.

It needs more documentation and better ease of deployment. For documentation, it needs more information about integrating the endpoints on SandBlast Agent mobile as well as on desktop platforms.

Some of the less tech-savvy users sometimes find it difficult in adjusting and learning how to use the platform. In some areas, the user-communities that ought to help are not readily available. Perhaps in the future, the vendor ought to send a sales representative or a knowledgeable person to each buyer to assess how they are using the platform. In case of any challenges, they should help them in using the platform efficiently.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption. SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again. It is also missed that it does not have a Linux client since some administrators use this type of operating system.

There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc.

The solution could be improved in the future with a way to provide online training to customers for free, as other providers do. Ideally, it would be not only for this solution but for all of their systems. I found that there is no Check Point online training center and I think that is something vital for most of us as customers.

Stability. We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata. Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages. Heavy load on the system gives issue which can be in a different manner.

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features. The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems. The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

I would like to see simple sandboxing for malware analysis. But, they are not the leaders in this market. I would like to see virtual tasking as a feature.

The antivirus is not as friendly as other solutions and can be improved. We would like to have the ability to stop and restart the service remotely, which is something that we can do easily with Symantec but have a hard time with when using Check Point.

It isn't exactly the cheapest, but then it's Check Point. The price could be improved. I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us.

I would like to see support for a policy in the appliance that will refuse to create a connection if it does not detect an active virus scanner. Two-factor authentication is missing from this solution.

The solution could improve VPN functionality and the VPN user-interface.

One area of this product that has room for improvement is the disc encryption. I'd like to see a patch management solution like Kaspersky has. That's the only feature that's missing.

They should provide bandwidth regulation so we can monitor and regulate bandwidth.

The entire industry may move to the cloud, where we don't have to worry.

The remote deployment with Check Point Endpoint Security requires improvement. We have to depend on some of their deployment tools. I would like a dependable system endpoint protection management tool or remote deployment tool. The deployment on the remote client needs some type of tool to implement it.