Check Point Harmony Endpoint Reviews

We have this at an enterprise level and we have it for all our endpoints. We use the product for disk encryption, anti-malware, and BPM blades.

The solution offers disk encryption, anti-malware, and BPM blades. For example, the Disc Encryption Software Blade is actually a part of this endpoint security solution. The whole thing is good for us.

The product has been proven 100% effective with us. We haven't had anything related to any threats passing to us for the past five years.

The solution is easy to use. It is self updated when there's a new version. It updates seamlessly, no matter what features you have. However, depending on what we use, there are some features that they will not apply in the clinics. We don't have the preview screen. We can customize it in a way that it doesn't disrupt our operation depending on if it is a laptop, it is a desktop.

The security is very good.

The solution is very straightforward.

The solution scales well.

We have found the stability to be very reliable. 

The solution is mostly very good. The reason why I'm trying to compare it with FireEye is due to the fact that it's supposed to be a mandate by the State. We are trying to justify the fact that we don't need to change our environment. For example, if the only thing that they want is to provide reports for the State, then that's a different story. We can customize the reports based on what they're asking for. We don't need to change or want to, however, the State may require us to.

Technical support can be a bit slow at times. 

We've dealt with the solution for ten years.

The solution is very stable. There are no bugs or glitches. Its performance is good. It doesn't crash or freeze.

The scalability of the product is very good.

The solution offers very good technical support. While they may be a bit slow, they always come through with a solution. 

The initial setup is very straightforward. It's not a problem at all. 

I have no information in terms of the pricing. I'm not involved with neither the purchase, maintenance, contract, or anything that has to do with licensing.

The company may be interested in trying to change to FireEye. I'm looking at it now to see what differences and advantages are at play. 

We're just a customer and an end-user.

I'd rate the solution at a ten out of ten. We've had no problems with it at all.

Kaspersky is suitable for small and medium-sized businesses (SMB), while Harmony is for enterprise segments. There are different requirements for enterprises versus SMBs. At an SMB, one administrator handles the firewall, network, and endpoints. You have more specialization in an enterprise. So at a larger scale, where you have a 5,000 or 10,000 users use case, Harmony helps pinpoint where security is lacking on a particular machine. 

Harmony's endpoint sandboxing is really good.

I haven't had any difficulty deploying Harmony for up to 5,000 users.

Check Point support is really good.

Harmony is very easy to deploy.

Check Point Harmony is definitely pricier compared to other endpoints.

I rate Check Point Harmony 10 out of 10. It's a unique product. It's the best in this class. I feel that Harmony is better than Crowd Strike or any other similar solution in that class. However, I would like to see more competitive pricing and better training for partners. 

The main option for which this solution is used is to have all the peripheral equipment protected - avoiding risks due to malware and viruses. The solution can be managed by device, with filtering and analysis of the information of all collaborators available there. 

It's used to analyze emails from key users and for content filtering rules. It does not allow dangerous downloads, which protects the work of the organization outside the main network. It gives tools to the collaborators to make the work outside the installations (home office) easy.

With COVID affecting the world, a solution was needed that could be able to provide security at workstations outside of the organization itself. With the sandblast tool, coverage is made on the equipment that we provide (laptops) and employees can carry out their activities from home. The tool has provided us with security to ensure that the computers are protected while also providing information analysis. It offers easy control and implementation of content filtering rules. Thus, you have control of all the organization's teams outside and within the operational network.

The endpoint agents, which can be installed in one go, are great. The communication with the console is very dynamic and remote, without the need to return to the computer locally. 

From the administration console, we can generate content filtering rules and labels, as well as run an analysis of emails and downloads that the collaborator does to fulfill their functions. Informing the administrator of threats by mail gives us the facility to detect real-time vulnerabilities in order to continue fulfilling the objective of safeguarding the information of the organization.

There needs to be compatibility with the most recent versions of the various operating systems. They need to be up-to-date with the signatures of new viruses and the latest ramsonware. With the encompassing of all its solutions in one platform, there should be artificial intelligence for specific analysis to thus be able to anticipate and detect unique risks to the organization. 

To be able to count on the administration console on any device and online cloud would be ideal. We would like there to be no need to install clients as executables.

I've been using the solution for one year.

We like the idea of ​​continuing to implement more solutions offered by Harmony.

Technical support is good. They comply when we need support or have product questions.

No, Sandblast was chosen as the first option.

The solution meets our business needs. 

We did look at Fortinet solutions.

We use it for multiple purposes. It's for securing the endpoints. We have about 200 endpoints added to this solution and being maintained. Its server is cloud-based and here our in-house IT team takes care of the installation and configuration on endpoints. We are required to secure our endpoint from any external attacks. It's also well controlled so that only required access is to be given to end-users. Whether it's about blocking unwanted websites or port blocking, we use the solution to manage everything.

The anti-malware and port protection, etc., are good. We have about 200 endpoints on this solution being maintained. We like that its server is cloud-based and that our in-house IT team can handle the installation and configuration on endpoints. It's great for securing our endpoints from any external attacks. We can control access to end-users. 

Tech Support must be better. Whenever we log a case for any issue it takes too much time to get it sorted. There should be escalation by default. If the case is not being sorted quickly, it must get internally escalated to the team who are experts and they should be empowered to jump in to get the issue fixed. Many times, we have to be on it for weeks to come to a proper resolution. 

Website blocking and endpoint levels are still a challenge and there needs to be a more sophisticated solution. We are looking forward to having this product work more efficiently.

We have been using Harmony Endpoint for over six Months.

Tech Support needs improvement.

Currently, our servers are not protected by a working anti-virus solution that receives updates. These servers & particularly the business are at extreme risk of not only suffering a breach and losing data, but also have a high risk of infecting the rest of the subsidiaries owned by Tyrion.

The solution hinges on the following requirements:

• The ability to be completely managed from a Cloud environment, including the ability to download new signatures whilst not on the corporate network;

• The ability to generate reports based on set criteria (which can help justify the cost);

• Ability to generate alerts or notifications to an administrator in the event an infection is detected so that Security Incident Response can be initiated;

• Where possible, the tool should have the ability to complement existing tools sets, replace already existing toolsets, or bring something beneficial to the table to help strengthen the security posture;

Implementing a fully functioning anti-virus solution gave the company the ability to defend against almost all threats that occur either on or off the network. It has further given the security team the ability to respond to incidents quicker and perform root cause analysis easier, thus reducing the number of man-hours needed to fix a potential outbreak.

Additionally, it will also give the security team greater reporting capabilities to show the business the types of attacks it faces on a monthly basis. This is through a monthly report & it will help the business tailor security training to its end-users so that they can better defend themselves against these attacks.

The most useful feature so far has been having a functioning and up-to-date anti-malware scanner. This has found multiple dormant threats that have existed within the business that other anti-virus products could not detect.

In addition to this, threat extraction & threat emulation have been a big benefit to give the users more autonomy. For example, allowing them to release their own spam emails that were captured by our spam filter, knowing that the files that are released will be scanned and checked for known viruses.

The only two bug bearers of Check Point SandBlast that I have come across are as follows:

Sometimes, the Cloud Management Portal can become unresponsive or take a long time to process a query. This in turn will cause the browser to freeze, which will require closing and reopening of your browser.

The second is that getting useful "administrator" information requires digging into the policy rules via a second management agent installed on your computer. However, once installed, it is easy to navigate and use so is more of a slight inconvenience than a major issue.

So far, the Check Point SandBlast Agent is in the deployment stage, as we have only had the product for one month.

Stability-wise, we are 90% happy. If the web console could be made more stable, this would go to 100%.

In my opinion, this product is extremely scalable.

We have used multiple different anti-virus products including those by McAfee, AVG, and Kaspersky. This project was to centralize the AV to one single platform.

The initial setup is extremely straightforward. After engaging with Professional services and implementing best practices, we have had only one or two teething issues with the product, which can be easily resolved with a rule change.

Our in-house team implemented the tool with vendor support. Vendor support was extremely knowledgeable of the product and its capabilities

The number of man-hours saved administering multiple AV systems has been the biggest ROI.

Initial monies replacing all AVs with a single product is about £10k.

We looked at Kaspersky, CloudStrike, and VMware Carbon Black.

If you have never used a Check Point product before, I would highly recommend engaging with a Professional Services provider to help with the deployment of the tool & ensuring you implement the tool based on best practices.

Additionally completing the training for the Checkpoint Sandblast tool will equally achieve the same goals.

We have used Check Point Sandblast Agent as an anti-malware solution. We were already working in a Check Point environment, which made the decision to purchase an endpoint security product from Check Point easy.

We first tested it in a Lab environment, where we sampled various malware, some less complicated than others. We were impressed with the results.

Check Point Endpoint Security really helped the business stop various malware attacks throughout the time we used it, including a ransomware attack, which was stopped in minutes.

The Sandblast Agent really made a difference for the organization. It integrated well with the existing Check Point environment we had in place. It was used both for threat protection and remote access VPN.

I think some work needs to be done to improve the integration with other third-party products, namely SIEM solutions. We found it quite challenging.

We found out the hard way that the configuration was lost when we version upgraded the management console.

We have used Check Point Endpoint Security for the past two years.

We did not use another similar solution prior to this one.

We did not evaluate other options.

We are using Check Point Endpoint security to protect our remote users, as well as our roaming users that are accessing our on-premises resources externally.

We have come to know that our remote and roaming users are completely secure with Check Point Endpoint Security. With this confidence, we are now planning to roll out this solution for our on-premises resources, including machines and devices, as well. This will give us complete endpoint security.

Check Point Endpoint Security has improved our organization with features that include Security, Management, and Reporting. We have not yet rolled it out for all users, but that is our intention.

With this product, the data accessible by our endpoints is secure.

We have zero-day protection, which is not available with our other endpoint protection solution. That is the reason we preferred to implement Check Point Endpoint Security.

Finally, from a management perspective, the single point of control makes it more manageable.

The most valuable feature is the Zero-day protection, which covers our on-premises users, and well as those users who are outside of our network. 

With Zero-day protection, we have complied with our customer-specific policies as well.

Most of our users are working on customer-related projects and today, everybody is looking to have zero-day protection at the endpoint level, as well as to protect against unknown threats or viruses.

As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there.

We have been using Check Point Endpoint Security for the last six months.

Scalability is very good and there is no such concern for this solution.

The cost is huge compared to other products that are available on market.

We haven't evaluated other products but we know there are many that are cheaper than Check Point.

In my opinion, it is a very good solution for organizations with a complex environment. We can secure it. From a security perspective, we trust only Check Point endpoint security. This product is a market leader.

With every new firewall that we're purchasing, we're deploying the SandBlast Agent. At the moment we're only running it on about 20 firewalls, just because the licensing isn't retroactive. What we need to do is produce a proof of concept to say, "This is the stuff we're getting." We're looking at it in a learning mode and then we can consider getting into a more aggressive mode of stopping everything. At the moment, we're trying to use it to give us information rather than to fully stop everything.

It's deployed on our physical firewalls, on-prem.

We have seen some attempted ransomware in our network. With the firewall we've already got IPS, but we wanted to integrate the endpoints into that as well. That's something we are seeing. Our IT risk team are getting those reports and seeing them and seeing fewer potential attacks.

It reduces potential downtime through ransomware by reducing risk. I don't think I would go to the CEO and say, "Hey, we've completely eradicated this and that," but it certainly complements other Check Point products that we have. It gives us some more information about what is happening and where it's happening on the network, on-prem, on the applicable firewalls. It's hard to say exactly what it has improved because it just works very well with what we've got. Certainly, with our Windows environment and our VPN, we do see a lot more. But I don't know if there's just more of a focus on the reporting, as a whole, that we're getting.

We have had previous ransomware attacks, and while we can't necessarily quantify any downtime or loss, there certainly was risk around that. This has reduced our risk in that environment. That's one of the big focal points. From a network operational point of view, could you ask, "Well, has it reduced things?" and the answer is "no," but from an IT-risk point of view, our IT risk team have certainly seen less impact from attacks. We're more proactive than reactive, compared to how we were doing things before.

We don't see it leading to a reduced number of security engineers. What we do envisage is information and empowerment. Rather than manually having to check this, that, and the other, we're looking at having these tools available and for them to produce actual results. We definitely see this tool helping us do that.

It's pretty complete for preventing threats to endpoints. Its capabilities are great.

The solution's automated detection and response capabilities are pretty good. It really depends on how aggressive we want to be with it. We've not deployed it in the most aggressive way you can, such as shutting down everything, because we've not deployed it in a greenfield site. It has not been deployed with that in mind. It has been deployed as an add-on service. As such, we don't want to be as aggressive as some top security firms would recommend we should be.

We do like the product, although there are quite a few things that we're asking our Check Point account team to enhance, where we think we probably could get more features from it.

We use a couple of Check Point products, like SmartEvent, and SandBlast Agent is not really integrated into that. We haven't gotten the reports working yet. We are working with the account team and trying. As I said, it's still relatively new in terms of what we're trying to achieve. We probably should have had more Professional Services come and help us. But, from our company's point of view, especially at this time in the market, the finances are just not there. But from what I've seen so far, I don't think there's enough integration into SmartEvent. That's something that I've asked our account team to try to focus on in the next versions or as an enhancement request.

Integration and deployment are probably the weakest points, and maybe service as well, although they are still at the high end. Would we go out to market and buy this on its own? Probably not, is the honest answer. But because it is a Check Point product and the licensing comes as part of it, it gives us this time to go and prove that, when it's together with all the other products that we have from Check Point, it certainly integrates very well. Would I go and buy this just as a standalone service if we didn't have Check Point firewalls? Probably not.

We're relatively new to Check Point SandBlast Agent, once they put it onto their firewall platform with the new environment. It comes built-in for the first year, including the cost. We've sampled it, starting about four months ago.

We had seen it work before. We had demos with it, but it was always something that seemed would be a nice feature to use, but not something the business wanted to buy into, per se. Now that it comes as part of the package for the first year, we thought we'd give it a go and see how it gets on.

I've had no problems from a stability point of view. It just seems to work.

It's definitely scalable. It's whether there is a business appetite. When we get a new firewall, we'll enable it and run it through the service. It's scalable to retrofit. We could do that and we could run that very easily, but that would involve a commercial spend, which at the moment, no one wants to do. We understand that, but the solution is certainly something that is of interest to various people.

If we get approval then it will move from a PoC to across-the-board. At that point, there would be between 100 and 200 people using it and thousands of agents. It could be scaled out to our whole organization. Again, it's funding-dependent.

We have Diamond Support, so it's very good, but we pay for the privilege. We have one engineer and a separate TAC team.

We had a solution but it wasn't really a similar solution. This is the first of its kind for us, for what it does. We do have antiviruses, so that the machines aren't just dead, and we do have our own hybrid package of something that, if you add four of them together, maybe adds up to half of this, but no similar package.

It's relatively easy to set up. There's plenty of documentation out there for how you do it. The way we've done it is probably the easiest way of doing it. We're not going all-out. We've gone with a small approach, mainly due to commercial reasons.

Our implementation strategy is just to switch it on in our new firewalls and see what happens, honestly. That's not always the best approach, but we switch it on in learning mode to give us information on what's out there and to see what we didn't know.

It took us about three weeks with the first two firewalls, and that doesn't include the firewall build time. That's just setting up everything else and the integration piece. There were two of us involved, me and a colleague. There were "dotted lines" into others, such as our IT risk team where we were asking, "Hey, is this what you want to see?" We're not really offering it as a full service, it's a PoC. If it goes live with a view to deploy it to all of our firewalls and all of our endpoints, I wouldn't say we would need any more people. It would be part of our operational team. The same is true for the risk team. I don't think we would need to get more people, although we see the IT risk team having more of an input.

We did it ourselves.  Potentially, if I had an open wallet and a blank cheque book, would we use a third-party? Yes, of course we would, but at the moment that option is just not there.

Return on investment would be not being attacked. Have we seen any? No. Has it identified certain things? Yes. The way we've got to look at return on investment is, all of a sudden we're less vulnerable to attacks. That's a hard measurement to define. Ultimately, not being attacked, and our reputation, is worth a lot more than just a dollar figure.

The cost-effectiveness of SandBlast is knowledge and understanding what is happening on our network. Do we have some infections? Are we seeing certain things which, without this tool, we would be exposed to? Yes, we are seeing that.

Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in. That's for new firewalls. For existing firewalls, we haven't even gotten to that point yet. They don't even want us to look at the pricing. First, we need to think about what the product does. Does it do what it says on the tin? And if it does, then it's a commercial thing. We have quite a good commercial model with Check Point, so we don't really need to worry about that too much. The pricing should be good.

The licensing, the way they've changed it, is a positive and a negative. Ultimately, Check Point has changed how it operates and now we have to go back and retrofit.

If this does everything it says it does, I don't see any reason that we would use a different product, because this integrates so well with existing Check Point products.

What we've gained is more of an understanding of what's on our network. If I were to go and do this again from scratch, I probably would have looked to integrate more with our Check Point sales team and would have gotten more help from them.

My advice would be to involve your SE. He can help you through a lot more of the options when you deploy.

We don't use the solution’s Management Platform for the creation of virtual endpoint management services in the cloud. We haven't got to that cloud point yet. It's something we could do, potentially. We're going to work with our account team about that. But that's the one of the lessons learned: We did it by just playing around with it rather than doing a full deployment.

I would rate it at nine out of 10. What comes to mind is its effectiveness. Normally, I don't get involved in the costing too much. Is it doing everything that it said it was going to do? Yes it is, at the moment. Could it be enhanced more? Sure. But we have a relationship with Check Point and they do deliver on the RFEs for us. If we say we want it to do this, they'll get their engineering team looking at that.