Check Point Harmony Endpoint Reviews

The platform is our anti-ransomware agent, where it helps us prevent any cyber-attack. We find it intuitive, as it unpacks files and decrypts any hidden malware, thus enabling us to work in a safe environment and keep our own data, as well as that of our customers, safe and secure.

Our work environment is the banking industry and on a daily basis, we handle lots of customer data. This makes us a potential target for malware attacks but with the platform in place, we are able to shun all of that.                       

The platform works on its own and it does not need to have an assigned employee to monitor how it's working, thus bringing efficiency into our company.

It fit well into our environment, allowing us to fight any attempt to corrupt computer resources.

The best thing is that it fits into all environments, which gives any organization a chance to use it intuitively without worrying about the nature of their industry.

Some of the less tech-savvy users sometimes find it difficult in adjusting and learning how to use the platform.

In some areas, the user-communities that ought to help are not readily available. Perhaps in the future, the vendor ought to send a sales representative or a knowledgeable person to each buyer to assess how they are using the platform. In case of any challenges, they should help them in using the platform efficiently.

I have been using Check Point SandBlast Agent for more than five years. 

This platform has been reliable, through and through, since we started using it.

The vendor offers reliable customer support services to users who may be stuck somewhere in using the platform. This ensures that one continues to receive stable services from the platform.

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our datacenter environment, located in Asia (Taiwan).

The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix.

The Check Point Antivirus software blade is one of the numerous blades activated on the NGFWs and serves for security improvement in the area of scanning files that are traversing the network for the presence of viruses or other malicious software.

The Check Point HA Clusters are used to protect our company's datacenter, located in Asia (Taiwan). This software blade, the Check Point Antivirus, is activated in conjunction with the others and serves to scan the files traversing via the network. They may be in the form of email attachments or via HTTP/S.

Such files are scanned for the presence of known viruses and malware with the help of the built-in database. The database is updated as per schedule, which for us is four times per day.

The software is quite simple to use, yet still efficient. The antivirus scans are the basic security mechanism, which should be implemented on all the levels. In my opinion, the Check Point Antivirus does its job just right.

1. The Antivirus software blade is part of the Next Generation Threat Prevention license bundle.
   
2. The Antivirus is able to scan files downloaded from the internet or traversing the network via Check Point Gateways/Clusters.
3. The Antivirus software blade is configured via the Unified Threat Prevention policy in the Smart Console (at least for R80.10, the version we use).
4. There is almost no impact on the security Gateway/Cluster performance after the activation of the blade, especially if you don't scan nested archives.
5. The updates for the blade are downloaded every two hours.
6. As with the other Check Point blades, the visibility and logging of events are outstanding.

I think that the pricing for the Check Point products should be reconsidered, as we found it to be quite expensive to purchase and to maintain. Maintenance requires that the licenses and the support services be prolonged regularly.

Alternatively, they should create some additional bundles of the software blades with significant discounts in addition to the current Next Generation Threat Prevention & SandBlast (NGTX) and Next Generation Threat Prevention (NGTP) offers.

We also had several support cases opened for software issues, but none of them were connected with the Check Point Antivirus software blade.

We have been using this product for about three years, starting in late 2017.

The Check Point Antivirus software blade is stable and we haven't faced any issues with it.

The Check Point Antivirus software blade scales well with the gateways we use, since it doesn't affect the overall performance much after activation.

We have had several support cases opened, but none of them were connected with the Check Point Mobile Access Software Blade. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.

The longest issue took about one month to be resolved, which we consider too long.

No, we didn't previously use another network antivirus solution.

The setup was straightforward. The configuration was easy and understandable, and we relied heavily on built-in objects and groups.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall.

No, since we had Check Point NGFWs implemented, we just enabled the new software blade.

Our primary use case for this solution is Antivirus capabilities. These include Antimalware, Antibot, Anti-Ransomware, and Threat Emulation and Anti Exploit. We have a mixed environment that includes Windows 2012 R2 Windows 7 Windows 10 and macOS 10.xx. We also use VMware. 

The client has been installed on all servers, PC,s, laptops and MAC machines. 

We need all this infrastructure monitored for malicious activity and reporting if something happens in realtime. This solution has worked very well.

In the past, we have experienced virus problems on our network. It has come in through email attachments, USB drives, internet websites, and so on. The current solution was not performing well. Since we implemented  Checkpoint Endpoint Security we have had no infection thus far. It is able to scan all email attachments, lock the ability to use external USB drives, and scan rouge internet traffic. We are very satisfied with this solution. Since its implementation, we have had no loss in data and no loss of revenue.

One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users' machine. This is a very valuable feature of this solution.

The Zero Phishing feature is also very valuable. This feature has the ability to scan the username and password fields on a website before you enter your credentials and verify if the site is legitimate. This brilliant feature prevents the stealing of account information.

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features.

The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems.

The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

I have been using and implementing this solution for about three years.

My impression of the scalability of the this solution is positive. It can be don't with minimal affect on production. 

They attend to your needs in a timely manner. They are well educated in the product.

We did use a different solution in the past. It was not performing well and we were always getting infected by malicious software. they made us switch to Checkpoint Endpoint Security.

The initial setup is straightforward and can be done by less technical staff.

It was done by an in-house team.

Setup costs can be kept to a minimum as Check Point offers Cloud Management which eliminates the need for on-premise hardware cost.

We did evaluate Avast. Which was not performing well. We also evaluated Kaspersky. Their client was a bit to resource-intensive.

Check Point Endpoint Security just works. You will not be disappointed.

Check Point Antivirus has a great design for network, security gateway deployment, threat detection, and prevention.                                              

Check Point Antivirus is a valuable tool for organizations because it helps them secure the network and data.                                                                              

The most valuable features of Check Point are threat cloud integration, sandboxing, and behavioral analysis.

Performance and resource consumption should be reduced. 

Additional features should be EDR, Advanced sandboxing technology, deeper cloud integration, etc.                                                                                         

I have been using it for the past four years.

The stability is good.

Scalability is good.

The support is good.

Positive

The initial setup is excellent.

We did the implementation in-house.

We have seen good ROI.

We also evaluated CrowdStike Falcon and Sophos Intercept X.

We use the solution for endpoint security.

The solution provides endpoint security, ransomware protection, endpoint detection, and response. Also, cloud-based management is a good feature with an excellent catch rate.

If you're using an endpoint that does not have sufficient resources, it would be very tough to use. Most of them will shut down, but it works well with the detection so far. The solution can reduce the impact of the endpoints.

The performance impact should be improved. Also, the tool should have the ability to search for files. It could make on-premise deployment easier. They might have blocked ports and the control makes it more difficult. They can make implementation much easier even with what they have.

I have been using Check Point Harmony Endpoint as a reseller for three to four years.

The solution is stable.

It is a very scalable solution. It is well-suited for medium business. I rate the solution’s scalability a nine out of ten.

Technical support is responsive.

The tool is easy to set up but the on premise management is difficult. The deployment takes three hours to complete.

I rate the initial setup a seven out of ten, where one is difficult, and ten is easy.

The solution is reasonable, but there are cheaper solutions out there.

Smaller customers go with the cloud, whereas the bigger ones opt for on-premise management.

I recommend the solution.

Overall, I rate the solution an eight out of ten.

Check Point Harmony Endpoint is used for protection.

The most valuable feature of Check Point Harmony Endpoint is it can be used for all kinds of endpoints, including mobile phones.

Check Point Harmony Endpoint could improve mobile device management (MDM).

I have been using Check Point Harmony Endpoint for approximately one year.

The stability of Check Point Harmony Endpoint is good.

Check Point Harmony Endpoint is scalable.

The support from Check Point Harmony Endpoint is excellent.

I rate the support from Check Point Harmony Endpoint a five out of five.

The initial setup of Check Point Harmony Endpoint is easy.

For 100 users of Check Point Harmony Endpoint, we only need one person for maintenance.

The price of Check Point Harmony Endpoint is comparable to SonicWall. The price could be a bit lower.

I rate the price of Check Point Harmony Endpoint a four out of five.

I rate Check Point Harmony Endpoint an eight out of ten.

The solution is primarily used to protect us. It's a tool that we have installed on all the users from sales.

Overall, it's a good tool. It's doing a good job for what it is designed for.

It is easy to set up.

The solution is stable.

It's a scalable product as it is a cloud offering.

You can layer in this solution with others. I like layering myself with various technologies, depending on the environment we're working in.

The product offers good pricing.

Everything can always be improved. Specifically, there are gaps when it comes to security.

I've been using the solution for a couple of years now.

If you go by the recommended version, yes, it's stable.

The cloud offering is scalable. 

We have about two hundred or more users on the solution. 

We're also using Sophos.

The solution is very straightforward to set up. It's not overly complex or difficult. 

To set it up from the server-side, the deployment takes a couple of hours. To set it up from the user side, it's a couple of minutes.

The product is reasonably priced. It's not overly expensive. 

Currently, we're looking at CrowdStrike. We have not yet bought it. We're currently talking about options. I'm already set with a good partner on it and just discussing right now, discussing what is best suited as a product, rather than pricing.

I am a customer and an end-user.

I'm not sure which version we are using currently, however, it is visible in the portal. The solution is a software as a service. 

I'd rate the solution nine out of ten.

The first use case is to detect malware as well as advanced threat protection for known, unknown, and zero-day malware, sandbox emulation and extraction, and enhanced by automated endpoint forensics analysis. 

Zero-day attacks are a risk for the company which seemed very important to us, plus the sandbox in the cloud. We have a cloud console that is easy to use and easy to monitor.

The details of our environment are Harmony Endpoint Advanced for 100 on-premise users with cloud managment console, and support for one year.

It has improved the detection of malware. We are very satisfied with the friendly and easy-to-monitor console. We chose the advanced version as it seemed very important to have advanced threat protection for known, unknown, and zero-day malware plus sandbox emulation and extraction, enhanced by automated endpoint forensics analysis.

At the moment we are very satisfied and confident with Check Point.

All of these features quoted below are valuable for us, as the set of solutions is what makes the solution really valuable. 

• Endpoint Threat Prevention features
• Web Protection (malicious sites/URL Filtering)
• Anti-Ransomware
• Anti-Bot
• Anti-Exploit
• NGAV
• Anti-Virus
• Forensic collection and automated reports
• Threat Hunting
• Sandbox Emulation and Extraction (CDR)
• Endpoint Access Control Features
• Endpoint Firewall
• Application Control
• Port Protection
• Endpoint Compliance
• Remote Access VPN

If we had to choose one, we really like the EDR included.

The Check Point Harmony Endpoint is a very complete solution. Even in the most basic version, it already includes EDR, which today is very important and something that all endpoint solutions should consider having from the most basic versions. We would like to have one more step and that's to give and have full-disk encryption.

Compared to other brands, we would like a dedicated anti-spam to be included in order to close the full circle. We could have it with Check Point Endpoint, mobile, cloud, or firewall. An all-in-one console would be great.

I've been using the solution for six months.

The stability has been positive.

The scalability has been positive.

We did not have any problems. We got good solution training

Positive

We did not previously use the solution.

We had a positive experience with the implementation via a vendor. 

Our ROI has been positive.

If you need the on-premise management console, you have to pay an additional cost. It's not much, however, it's good to ask for a quote.

We also looked into Sophos.

We primarily use the solution for protecting our endpoints from malware. We've provided features to group the endpoints and apply specific policies by including or excluding them in a certain policy group. 

It's great for endpoint security and protection. We are using the VPN feature as well to connect to the corporate network of our organization, which is a good feature. It's used for scanning malware and other malicious files on endpoints which greatly enhances our security posture for endpoints, including Windows and Macs and other operating systems as well. 

Check Point Harmony Endpoint benefits a lot to organizations by providing endpoint protection. There is centralized management through the Harmony portal, which is really nice. 

It is quite easy to use and deploy the agent on endpoints to protect them from bad actors. 

Daily signatures updates are really good and helpful in protecting against zero day vulnerabilities and exploits. 

The firewall and application control greatly improves our security posture. End users are unable to install any suspicious or malicious apps in our environment. 

The sandblast agent, policies implementation, and logs are quite valuable aspects of the solution. 

Threat emulation and anti-exploits are great features to protect the endpoints. 

The remote access VPN within the endpoint agent is quite easy to set up and use. 

The Harmony portal allows us to do a single sign-on using our active directory which makes the life of admins easy. 

Harmony Endpoint scans all website before opening and also scans fields on the website that protects from XSS and CSRF attacks which is really an advanced level feature. 

The endpoint scanning tools are quite enhanced and detect most malicious files. 

Sometimes the portal loads slowly which should be improved. 

There should be an easy option for the administrator to turn off or disable malware protection on a specific asset or computer instead of adding a specific asset in a Disable group as that will make it easy for the admin to disable if and when required for some testing purpose. I would like this feature to be added. 

Logs searching also needs to be more quick and enhanced and more metadata should be stored in the logs for Endpoint for a better view for admins. 

I've been using the solution for two years.

I have found the Zero phishing and IPS features the most useful in Check Point Harmony Endpoint. Additionally, threat emulation sandboxing is effective.

The management in Check Point Harmony Endpoint could be improved.

In a future release, the solution could add more threat intelligence features.

I have been using Check Point Harmony Endpoint for approximately three years.

The solution is approximately 80 percent stable. It can have some bugs at times and can show very unexpected behaviors.

The support could improve, there are long wait times, and the agents are not properly trained. The troubleshooting is complex.

There are a lot of complications in the implementation. There are a few bugs and there is not enough documentation.

My advice to others is they need to have Check Point expertise internally, if they don't have any in-house Check Point expertise, I wouldn't recommend this product.

I rate Check Point Harmony Endpoint a six out of ten.