Check Point Harmony Endpoint Reviews

Our SOC team uses this solution to observe any unusual behavior or processes running on the endpoint. For example, it is used for phishing detection.

The data is ingested to Splunk.

One of the problems with assessing this type of product is that you don't always know when it's working. You will see when something is wrong, where no threat has been detected. If nothing has happened then you don't know if there was no threat, or instead, the protection was quite good. Also, if no threat is found then it may be that the solution is not good enough to detect these types of malicious activities.

The set of features is quite comprehensive.

The Endpoint security solution integrates with the Check Point firewall services, so it's a combined approach to security.

A unique feature with this product is that it will detect if the user is entering their password on a website, and then block it.

Check Point users a pattern-based security module, which is something that can be improved. Pattern-based security is not the latest architecture and it is insufficient because every day, there are approximately 380,000 new vulnerabilities and threats. Using patterns is difficult because the threats can hide.

I have been using Check Point Harmony Endpoint since I joined the company, several months ago. The company has been using it for longer.

From a stability perspective, I can say that we have had absolutely no problems.

We have not experienced any issues with scalability. We have more than 10,000 users in the company. The users are across a variety of roles. It's used by everybody. As our company grows, the usage also increases.

At this point, there is nowhere we can extend its usage.

I do not have personal experience with technical support so I can't assess them. However, I have heard that it is quite reasonable, so I think that it's fine.

We also use Microsoft Defender for Endpoint.

I am building my own opinion of which is better, between the Check Point product and the Microsoft product. Depending on where you do your research, you get different opinions, although much of that is supplier-driven.

In my former organization, I was using CrowdStrike. It has much better performance when looking only at processes.

I was not part of the implementation because it was in place when I joined the company. 

I have done research on several similar products to try and determine the best-in-class.

From my point of view, I can't see that any features are missing. My primary complaint is that it relies on patterns for threat detection. It does the job, we get our logs, and we get the relevant warnings. Overall, it's a good product.

I would rate this solution an eight out of ten.

There have been improvements in the way our organization functions, as, from an administrative perspective, and being available and taking upgrades out of our court if our users need it, it's going to be out there hanging off of AWS's internet or environment. There is no downtime.  

Theirs (AWS) is probably more highly available than ours. Other than that, it's supposed to be the same product that we were using. It's a Check Point Management Station to a Check Point Management Station in the cloud. Basically, it's not that much of a difference. We have upgraded all the clients since, and we're on one of the later versions of the VPN clients that are supported by the new Management Station. The old Management Station wasn't supporting the newer clients anymore.

The new clients seem to be faster and more stable. Those are improvements that everyone in the company can appreciate. They can VPN and connect faster. They're more resilient. I've noticed that they try to reconnect. If our internet goes out for 20 minutes and you VPN'd in, it will actually reconnect on its own at the same token, which is amazing. Before, if only the slightest instability of the internet connection disconnected you from VPN, you were then required to put in your RSA token and password, and username. That is annoying for people as a lot of people's WiFi's aren't that great and/or they're in some airport or something and might momentarily disconnect.

We love that we don't have to upgrade it anymore. They take care of that.

The upgrade process was nice with the new Management Station compared to the old one. I like how they have the clients already available. I didn't have to download them and upload them as I did with the old Management Station.

We're happy with the solution overall as it takes away the administrative overhead of operating it and patching it and being able to also sign in through the web browser anywhere as opposed to just having to VPN back to our work and connect to the Management Station in order to use it. We can just use the Check Point portal and just use any browser anywhere. That gives us more options, which we like. 

I've noticed they're constantly updating the interface and making it easier to use, which I appreciate. When we first started using it, it was really laggy and it was really slow and it was hard to sort some of the computers and users, however, they make updates almost every time that I log in. It gets better and better every day. It has gotten better and it's not as slow as it was.

There seem to be constant improvements happening, which you can't say for everything. We don't have to upgrade to get the benefits of the improvements, either. That takes a lot off of our plate and allows us to focus on other things. We're taking the good with the bad and the bad seem to be one-offs and we're looking forward to the future.

Therefore, the most valuable feature is its ability to take the management and the administration of the product off of our plate and onto their plate. We don't have to worry about upgrading it, creating downtime, working off-hours, doing all the research and stress of seeing if it's compatible, if there are problems, letting them test it. That's nice. Previously, we would upgrade our products or patch them maybe two to four times a year, depending on if there's a security vulnerability. Each time we do something like that, it was about three to four hours of downtime. Now, that process doesn't exist. 

Before, with on-premise, we had two Management Stations. One was primary, one was secondary and there were two different data centers in case one data center was down. The other one would come up and be the Management Station for all of the clients. Now, in this case, we only have one. It's in their cloud. Their cloud is in AWS. It's a great thing. It's resilient by design and it provides redundancy in a single source of administration for us. We like that too

It would be ideal if they had a migration tool of some sort.

There were some caveats that we encountered on the new Management Station. For example, they had some features that were not supported by older clients. There are the clients that are running on the laptops, and there are the Management Stations, and then we had one on-premise, which was older in terms of the clients that we were running. Then we had the new Management Station in the Cloud that Check Point is administering as it is a SaaS, which is a benefit.

The newer Management Station has features that it enforced on the clients that the clients weren't able to support. For example, Windows Service or Windows Subsystem Linux. Everyone in my company that uses Windows Subsystem Linux, which is about 15 or 20 people, that need it on a daily basis, were running the older clients of course, as they were migrated over the new Management Station and they weren't allowed to use that. It was being blocked automatically due to the fact that that was the new policy being enforced that was literally a tick box in the new Management Station that I didn't set. Even if I enabled WSL, it didn't matter. The older clients couldn't take advantage of the new newer Management Station telling them to use it. That was annoying trying to troubleshoot that and figure it out. tNo one at Check Point really knew that was the problem. It took a while to resolve. We finally figured out upgrading may solve the problem. When we did that, we upgraded those users, however, that created a little bit of an issue in the company, as we upgraded those users. We like to test them with a small group and make sure they're stable and make sure nothing weird happens. We were forced to upgrade them without testing first. 

One thing they still haven't improved on from the old Management Station to the new Management Station, which should totally be an improvement, is when you create a Site List for the VPN clients and you deploy it from the Management Station, you are not able to get that Site List. You have to play around with something called the Track File, which is a miserable process. You have to download the client, decrypt the Track File, edit it, then upload it again to the Management Station and download the client a second time and then test it and make sure the Track File's in the right order of sites as well, due to the fact that it's kind of random how it decides to order the Site List. The Site List is what the clients use to connect to the VPN Gateway, and if you have more than one gateway, for example, for disaster recovery, which we do, then they'll need that list.

It's something they've never improved on, which I was hoping by going to the cloud and having this whole thing recreated. Since it's more advanced I thought they'd have that ability to edit the Site List with the initial download. You should be able to just add the sites and then that's it. That kind of sucks that you can't. 

Other than that, the only other thing I could complain about was that they did this process where they did some type of certificate update on the backend of all of their staff solutions. That created downtime for our VPN clients and they didn't notify us of the certificate update. We're using the product in their cloud as opposed to their product on-premise, which seemed to be more stable in that regard. They didn't communicate that out. However, when we spoke to support after about a week, they told us there was this thing they did the past week, and that's the reason why we had that problem. Everyone that had that product had that problem. That really wasn't ideal.

I've been using the solution for about a year. Maybe a little bit more. 

We've been a Check Point shop for approximately 15 years. We're very well versed in Check Point.

Seeing that it's in the Cloud, I think it's very scalable and I am impressed with that aspect of it.

For this solution, in particular, we are using 100% of the Cloud VPN Management Station and all users are phoning home up into the cloud. We're going to stick with it unless they have some severe outages or certificate updates without telling us like they did last time. Right now, there's no reason for us to change and I'm very pleased with the product.

To set it up, we relied heavily on technical support as it was new. That said, it's really the same ball of wax, so we're good now. It was just the initial setup we needed help with as it was new to us. We hadn't done much. We had to learn how to connect our software clients to the cloud. We had to use special cloud keys that were proprietary to Check Point. It's like learning a new suite from Check Point. 

We literally got on this as it was cutting edge. We're like one of their first customers using their SaaS. We were using their VPN and Smart-1 Cloud before most people. When we were setting it up, we're setting it up with their actual product engineers or whatever. It was interesting.

They changed it a lot since we started setting it up. 

I'd call them to their support and they didn't even know about anything due to the fact that the support wasn't even trained on the cloud yet. They weren't even trained on their Smart-1. They would just say "we don't know about that yet and/or we can't help you." It was kind of funny. I told our sales team that and they got pissed.

They called them and they're like, no one should ever tell the customer that you don't know about this yet and it became a big deal in Check Point. 

That said, I'd rate their service as pretty high. I respect those in the endpoint or firewall department as they largely understand what's going on. At the same time, they do need to get people more people trained up. They don't seem to have trouble keeping people around for a few years so that they learn.

After signing up with Check Point, the migration of users took about a month and a half. 

We had to build out the Management Station in Check Point too and that took from probably January to almost July as we had to build it from scratch. They didn't have a migration tool for our current policy, as it enforces firewall policy on the endpoints locally on the local firewall and that wasn't ideal. We had to build that whole Management Station from scratch.

I had to go back and forth between the on-premise Management Station and the Cloud Management Station and literally look at every single feature, every single function, every single rule. I had to recreate every single object. I had to recreate every single everything. That took a very long time.

It was very manual. It's literally two screens and comparing items. That took a couple of months while doing other things, of course. However, that was my priority for about a month and a half. I worked on that a lot. I wish they had a migration tool, like a migrate export for the policy and the features. Once that was created, however, everything pretty much worked. That said, there were a couple of caveats. 

We're customers of Check Point.

I've been working on setting it up and migrating users from the on-premise platform since January of this year. This is their Cloud Endpoint, VPN Management Station versus their on-premise VPN Management Station for Endpoint. We had to migrate the users from the on-premise version using a special tool that you have to ask them to make, which is kind of weird, however, their product is so new that that's the way that they do it. I had to deploy that tool to all the users in our company and that switched them over to their Cloud Management Station.

I'd rate the solution at an eight out of ten. There's room for improvement, however, I respect it and it works well.

We are using the Antivirus blade to protect our organization against threats such as viruses/malware that could propagate in our information system and harm it in various ways. 

Thanks to the important database maintained by Check Point that relies on this blade, we can enforce a strong security policy on our devices and be compliant with the latest best practices regarding internet threats. 

We operate several firewalls in our organization and we especially need this kind of efficiency on the internet-facing ones.

The Antivirus blade has improved our organization in several ways, including having better global security against viruses and malware, having better visibility and protection regarding files that go in and out of our company, offering better scaling and integration with other security products, and probably offering better threat management. 

It globally helps us in having centralized management of all internet content, which is efficient in terms of managing exploitation and helps our technical support teams to fulfill their daily missions.

One of the features that we find most valuable is the simplicity of the configuration through the Smart Console interface. 

It is very easy to manage the Antivirus blade, even for newcomers in our technical support team, which is a key area of interest for us. 

Also, the sandbox feature is very interesting as it can automatically isolate an infected machine from the network, which is valuable. 

We could also talk about the real-time detection scan feature that can monitor files as they are being accessed, which allows for a quicker response time.

It may be interesting to improve this solution against zero-day attacks, as they happen very frequently and are clearly a severe threat. 

On a more practical level, the complaint opening process through technical support could be better, as it must be done through the portal only for now. 

On a financial level, prices for CP products could be improved. We know for sure that they are all high-quality products, however, sometimes it doesn't justify high prices on some products.

We have been Check Point Antivirus for two years now.

The solution is easily scalable among CP devices.

We used the Stormshield solution and we switched to have a better integration with other security devices.

The setup can be painful, and pricing/licensing can be high. That said, the quality is there.

Yes, we also evaluated Fortinet.

Kaspersky is suitable for small and medium-sized businesses (SMB), while Harmony is for enterprise segments. There are different requirements for enterprises versus SMBs. At an SMB, one administrator handles the firewall, network, and endpoints. You have more specialization in an enterprise. So at a larger scale, where you have a 5,000 or 10,000 users use case, Harmony helps pinpoint where security is lacking on a particular machine. 

Harmony's endpoint sandboxing is really good.

I haven't had any difficulty deploying Harmony for up to 5,000 users.

Check Point support is really good.

Harmony is very easy to deploy.

Check Point Harmony is definitely pricier compared to other endpoints.

I rate Check Point Harmony 10 out of 10. It's a unique product. It's the best in this class. I feel that Harmony is better than Crowd Strike or any other similar solution in that class. However, I would like to see more competitive pricing and better training for partners. 

We primarily use the solution for anti-malware. We installed it on around 300 systems. Since we required some application to safeguard ourselves in this situation of work from home, so we were evaluating Antimalware products. 

After some research, we finalized Check Point and took a demo. The product seems fine as per our scenario and fits current conditions. We were evaluating it for work-from-home situations. it had a multifeatured tool that helps in safeguarding the current digital attack vector for organizations of all types.

It helps in safeguarding our infra from malicious attacks. However, initially, we faced lots of challenges while implementation as the vendor who was implementing it made blunders, which resulted in chaos for the organization. 

Our team worked almost 24/7 for 3 to 4 weeks to resolve the issues. We haven't requested the encryption feature, yet they implemented it. Our laptops were already encrypted, so it started decryption and re-encryption, which was a nightmare for us. We are still facing a few challenges for which we couldn't find any reason for the issues we've since found that were not there before installation.

We found all features valuable - other than the encryption since we were already using that feature. Since we required some application to safeguard ourselves in this work from home situation. We were evaluating anti-malware products specifically. 

There can be scenarios where this encryption feature will be applicable and fruitful if it is implemented with proper planning and organized with respect to a particular organization. There have to be proper requirements gathering and a plan to work effectively.

There are improvements required in terms of accuracy. It gives you an alert for malicious sites, which, after searching on the Google database, don't come out to be the same.

There can be scenarios where specific planning will be required before even giving thought to implementing it into an organization - be it small, medium, or large. Everything needs to be organized with respect to each particular organization. There has to be proper requirement gathering and a plan for the SOW to work accordingly. 

I would suggest that the Check Point team always allocates an SME to all the vendors before implementation as it will improve the first impression. In my case, I had pretty much faced disaster after implementation that I would not suggest anybody go with the product.

The product needs to improve the security infra.

I've been using the solution for three months.

In terms of stability, I would rate it at a five out of ten. There were issues like once a version was installed and was not working properly, even the checkpoint team couldn't uninstall it and as a result, we had to format the system. few cases were reported for software installed but was not visible in the control panel.

The scalability is good.

Our ROI has been neutral.

Cost-wise it's cheaper than other options.

We did evaluate another solution. However, I can't reveal the name.

We primarily use the solution as an antivirus. We want to protect our systems from malware and viruses.

We are still doing work from home and we are not sure how long this will last. Before Check Point Harmony software, we depended on Windows Defender Antivirus, but we realized that it was not so good. We wanted some good AV so that users who are working on a VPN would have an antivirus installed on their system. 

Also, we wanted a sandbox feature so that, if any machine got infected, we can automatically isolate it from the network.

When starting, we faced many issues. It was due to a partner mistake, however. The partner gave us the wrong setup which caused laptops to crash and it lowered the efficiency. We escalated to our Check Point sales account manager. He immediately set us up with some other partner and tried to resolve the issue. He found the root cause, but still, we needed to format the system. It has been more than 3 months, and now the user's system is working fine. 

We always receive alert emails from Check Point regarding malware or virus status, which is helpful.

We like the sandbox feature. If any machine got infected, it would get automatically isolated from the network. As such, we haven't faced any issues. We like that we have an option to isolate. 

The alert email from Check Point is also very valuable. If any machine didn't get a scan or has a virus due to visiting various websites on a browser, it automatically sends us an email to warn us. Accordingly, we can take action on that particular machine. 

Overall, the antivirus is good.

Technical support could be better. When we register a complaint, we need to register it via the portal only, which is atime consuming.

When we register the complaint, it says there's a minimum of four hours of turnaround time which is high. It should be a minimum of 60 minutes. 

The GUI of Harmony is very slow to upload. I'm not sure if it is due to the internet, but still, at times, we found that when we click on any tab, it takes a minimum of five seconds to get it open.

All other things are okay from our end.

One feature we want to add is an EDR/XDR into this antivirus module.

I've been using the solution for 4 months.

The stability is good.

I found the solution to be okay. I'm not sure how others are providing the support as we haven't checked that.

Technical support is good.

No, we haven't used any other antivirus. It was by default in Windows.

The initial setup was okay.

We implement it through a vendor. 

I would rate their level of service at a 2 out of 5 where 1 is lowest and 5 is best.

If we talk about ROI, then the solution is good, as we are getting a sandbox feature in it plus the VPN licenses if we have the Check Point firewall.

The setup is okay depending on the partner and what the relationship is with you and your partner. The pricing is okay.

Yes, we have evaluated other options. For example, we've evaluated Sophos.

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

Our organization's overall security posture has improved with Harmony Endpoint protection. This has helped to secure against all modern age threats and risks that came in during the pandemic. 

During the pandemic, the users, for example, have been forced to work from home and that's been forcing the IT to do overtime to protect the endpoints. After introducing Harmany Endpoint we have seen the incident levels going down to close to zero. 

The single dashboard provides complete visibility over endpoint security and the administration can view the actionable tasks to follow up easily without searching across multiple reports/consoles. 

All of the available features are good (for example Threat Emulation/Threat Extraction, Antibot, Anti-Exploit, Anti-Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance), however, the one I have thought to be very valuable is the Ransomware Protection Feature which has been used widely during the pandemic. It protects as well as saves original file copies to prevent data loss.

Forensic Analysis provides a complete analysis of threats via detailed reports. The threat prevention, which includes a detailed threat landscape is very good.

The VPN connectivity and compliance check are also very good features.

Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations. 

With respect to the product, we feel Endpoint vulnerability management is one of the modules that is missing and it is something that is required. Adding this will strengthen the product and help in taking proactive steps towards protecting the environment.

DLP Module & Patching are required from an endpoint perspective. It would be good to add those in an upcoming release/version.

I've used the solution for more than 6 months.

We have deployed it on the cloud which helps it to be scalable and cost-effective.

We were using multiple solutions to protect the environment in the past. These include solutions such as McAfee, Websence DLP, encryption, etc. however, now it is all happening with this one tool and console 

Easy to set up and start using.

A single administrator can manage the complete solution. It's easy to deploy and does not require any additional effort. We're able to have multiple solutions within a single solution.

We implemented the product with the help of our OEM and our in-house team. There were no major challenges during implementation or even in day-to-day operations.

Harmony Endpoint, in terms of the deployment, integration, and setup, costs less than other solutions.

Yes, we evaluated other products as well, however, with respect to feature price and integration availability, we selected this product.

Harmony Endpoint is a good product and scalable with business growth. 

In my organization, we have deployed the Harmony Endpoint Check Point tool with the idea of being able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point as close to the user as possible. 

Using its ease of deployment capacity and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in many places and environments.

By using the Check Point Harmony Endpoint tool we have improved our network visibility, have extensive control of our network and our users, and, above all, have a level of security against cyber attacks that we did not have before. 

Now, we are able to detect and avoid security breaks. We can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep our users safe as well as the organization's own systems and data. The personal information of our users is also secure.

Right away, we noticed when using Check Point's Harmony Endpoint tool, was the ease of deployment. In our case, it was deployed without too many difficulties, considering the deployment involved several tens of thousands of devices. 

Once deployed, the dashboard and all the inventory information that we had been able to obtain and that we did not know about before proved to be very interesting. 

One of the strengths of Harmony is its power to detect threats and keep us safe. Also the ability to apply policies specifically to users or groups is very useful.

I still don't have a clear opinion of the possible improvements that the tool may need. There are still functionalities that I have not been able to try completely and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. 

Something that is very important to me is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool maintains the quality line of Check Point products and is always ahead of the needs of the market.

I've used the solution for seven months.

This was the first endpoint tool we use in my organization. We didn't use anything previously.

The only thing I don't like about the solution is the time to pay for the licenses. That said, I really believe that it is a fair price according to the quality of the product offered.

We also looked at Panda Security Adaptive Defense, Cisco Secure Endpoint, ESET Endpoint Security, and Microsoft Defender for Endpoint.

After analyzing and comparing other solutions, we determine that Harmony has the best value for money.