Check Point Harmony Endpoint Reviews

We are using Check Point Endpoint security to protect our remote users, as well as our roaming users that are accessing our on-premises resources externally.

We have come to know that our remote and roaming users are completely secure with Check Point Endpoint Security. With this confidence, we are now planning to roll out this solution for our on-premises resources, including machines and devices, as well. This will give us complete endpoint security.

Check Point Endpoint Security has improved our organization with features that include Security, Management, and Reporting. We have not yet rolled it out for all users, but that is our intention.

With this product, the data accessible by our endpoints is secure.

We have zero-day protection, which is not available with our other endpoint protection solution. That is the reason we preferred to implement Check Point Endpoint Security.

Finally, from a management perspective, the single point of control makes it more manageable.

The most valuable feature is the Zero-day protection, which covers our on-premises users, and well as those users who are outside of our network. 

With Zero-day protection, we have complied with our customer-specific policies as well.

Most of our users are working on customer-related projects and today, everybody is looking to have zero-day protection at the endpoint level, as well as to protect against unknown threats or viruses.

As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there.

We have been using Check Point Endpoint Security for the last six months.

Scalability is very good and there is no such concern for this solution.

The cost is huge compared to other products that are available on market.

We haven't evaluated other products but we know there are many that are cheaper than Check Point.

In my opinion, it is a very good solution for organizations with a complex environment. We can secure it. From a security perspective, we trust only Check Point endpoint security. This product is a market leader.

The platform is our anti-ransomware agent, where it helps us prevent any cyber-attack. We find it intuitive, as it unpacks files and decrypts any hidden malware, thus enabling us to work in a safe environment and keep our own data, as well as that of our customers, safe and secure.

Our work environment is the banking industry and on a daily basis, we handle lots of customer data. This makes us a potential target for malware attacks but with the platform in place, we are able to shun all of that.                       

The platform works on its own and it does not need to have an assigned employee to monitor how it's working, thus bringing efficiency into our company.

It fit well into our environment, allowing us to fight any attempt to corrupt computer resources.

The best thing is that it fits into all environments, which gives any organization a chance to use it intuitively without worrying about the nature of their industry.

Some of the less tech-savvy users sometimes find it difficult in adjusting and learning how to use the platform.

In some areas, the user-communities that ought to help are not readily available. Perhaps in the future, the vendor ought to send a sales representative or a knowledgeable person to each buyer to assess how they are using the platform. In case of any challenges, they should help them in using the platform efficiently.

I have been using Check Point SandBlast Agent for more than five years. 

This platform has been reliable, through and through, since we started using it.

The vendor offers reliable customer support services to users who may be stuck somewhere in using the platform. This ensures that one continues to receive stable services from the platform.

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our datacenter environment, located in Asia (Taiwan).

The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix.

The Check Point Antivirus software blade is one of the numerous blades activated on the NGFWs and serves for security improvement in the area of scanning files that are traversing the network for the presence of viruses or other malicious software.

The Check Point HA Clusters are used to protect our company's datacenter, located in Asia (Taiwan). This software blade, the Check Point Antivirus, is activated in conjunction with the others and serves to scan the files traversing via the network. They may be in the form of email attachments or via HTTP/S.

Such files are scanned for the presence of known viruses and malware with the help of the built-in database. The database is updated as per schedule, which for us is four times per day.

The software is quite simple to use, yet still efficient. The antivirus scans are the basic security mechanism, which should be implemented on all the levels. In my opinion, the Check Point Antivirus does its job just right.

1. The Antivirus software blade is part of the Next Generation Threat Prevention license bundle.
   
2. The Antivirus is able to scan files downloaded from the internet or traversing the network via Check Point Gateways/Clusters.
3. The Antivirus software blade is configured via the Unified Threat Prevention policy in the Smart Console (at least for R80.10, the version we use).
4. There is almost no impact on the security Gateway/Cluster performance after the activation of the blade, especially if you don't scan nested archives.
5. The updates for the blade are downloaded every two hours.
6. As with the other Check Point blades, the visibility and logging of events are outstanding.

I think that the pricing for the Check Point products should be reconsidered, as we found it to be quite expensive to purchase and to maintain. Maintenance requires that the licenses and the support services be prolonged regularly.

Alternatively, they should create some additional bundles of the software blades with significant discounts in addition to the current Next Generation Threat Prevention & SandBlast (NGTX) and Next Generation Threat Prevention (NGTP) offers.

We also had several support cases opened for software issues, but none of them were connected with the Check Point Antivirus software blade.

We have been using this product for about three years, starting in late 2017.

The Check Point Antivirus software blade is stable and we haven't faced any issues with it.

The Check Point Antivirus software blade scales well with the gateways we use, since it doesn't affect the overall performance much after activation.

We have had several support cases opened, but none of them were connected with the Check Point Mobile Access Software Blade. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.

The longest issue took about one month to be resolved, which we consider too long.

No, we didn't previously use another network antivirus solution.

The setup was straightforward. The configuration was easy and understandable, and we relied heavily on built-in objects and groups.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall.

No, since we had Check Point NGFWs implemented, we just enabled the new software blade.

Our primary use case for this solution is Antivirus capabilities. These include Antimalware, Antibot, Anti-Ransomware, and Threat Emulation and Anti Exploit. We have a mixed environment that includes Windows 2012 R2 Windows 7 Windows 10 and macOS 10.xx. We also use VMware. 

The client has been installed on all servers, PC,s, laptops and MAC machines. 

We need all this infrastructure monitored for malicious activity and reporting if something happens in realtime. This solution has worked very well.

In the past, we have experienced virus problems on our network. It has come in through email attachments, USB drives, internet websites, and so on. The current solution was not performing well. Since we implemented  Checkpoint Endpoint Security we have had no infection thus far. It is able to scan all email attachments, lock the ability to use external USB drives, and scan rouge internet traffic. We are very satisfied with this solution. Since its implementation, we have had no loss in data and no loss of revenue.

One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users' machine. This is a very valuable feature of this solution.

The Zero Phishing feature is also very valuable. This feature has the ability to scan the username and password fields on a website before you enter your credentials and verify if the site is legitimate. This brilliant feature prevents the stealing of account information.

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features.

The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems.

The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

I have been using and implementing this solution for about three years.

My impression of the scalability of the this solution is positive. It can be don't with minimal affect on production. 

They attend to your needs in a timely manner. They are well educated in the product.

We did use a different solution in the past. It was not performing well and we were always getting infected by malicious software. they made us switch to Checkpoint Endpoint Security.

The initial setup is straightforward and can be done by less technical staff.

It was done by an in-house team.

Setup costs can be kept to a minimum as Check Point offers Cloud Management which eliminates the need for on-premise hardware cost.

We did evaluate Avast. Which was not performing well. We also evaluated Kaspersky. Their client was a bit to resource-intensive.

Check Point Endpoint Security just works. You will not be disappointed.

We use this solution for endpoint protection in our office.

In the tests that we have done, this solution is working okay. We were under an attack in our environment, and the Check Point response was good because we didn't lose anything.

The antivirus is not as friendly as other solutions and can be improved. 

We would like to have the ability to stop and restart the service remotely, which is something that we can do easily with Symantec but have a hard time with when using Check Point.

We have been using Check Point Endpoint Security for one and a half to two years.

We haven't had any issues with stability. It's okay.

I think that scalability is okay.

We have about 300 users.

I have spoken with Check Point technical support here in Portugal a couple of times. These were cases where I had a problem that the integrator could not quickly answer. They usually try to resolve things quickly.

In the past, I worked with Symantec for five or six years. I have also worked with a solution by McAfee. I found that the interface for Check Point is not as user-friendly as these solutions. The initial setup is also not as easy as Symantec.

We switched because of the pricing. Our cost was about $20 USD for each end-user, whereas with Check Point it is $3 USD or $4 USD per end-user.

The initial setup is a little complected in the beginning. I would say that it is of medium difficulty, and not as easy as Symantec.

Our deployment took between seven and ten days because we were transitioning from Symantec to Check Point. We did it slowly, starting in groups of about twenty people at a time. Once we saw that things were working okay, we did the full deployment.

In the beginning, we had help from an integrator. It was partly because our in-house team had some trouble understanding how Check Point works, so they had some problems.

The licensing cost for Check Point is $3 USD or $4 USD per end-user.

My advice to anybody who is researching this type of solution is to consider their budget. This does not seem to be Check Point's area, although they are getting better.

I would rate this solution a nine out of ten.

We use it primarily for mobile phones. That is it. We really aren't using it in depth at all. We're using it just with basic configuration.

The biggest value we found was ease of deployment. I haven't really used it much, so I can't really comment beyond that. I haven't used it much, but it's working.

It isn't exactly the cheapest, but then it's Check Point. The price could be improved.

I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us.

I haven't had any problems with the stability of the solution.

We've had no issues with scalability so far. We're not using it very extensively at all. I use it for less than 30 people. It's not like we're using it on thousands and thousands of machines, but I don't foresee any issues with it if we did.

We have less than 30 users, currently. I think there are 15 active at the moment. I've got 15 more licenses to buy, but we're not going to be doing that until after Christmas. We're not in any rush for those.

I haven't needed them. I haven't spoken to them. It really was that simple. It's like buying a microwave meal. You read the instructions, which there are not a lot of, and it works.

The initial setup was easier than anything. It took 20 minutes. I was actually on a holiday and I liked it. I set it up and deployed it all from a mobile phone on a beach. It's that easy.

I didn't need any outside help, apart from the people I bought it from, who actually requested the portal and I got an email address and a password. I got a username or password through my email address and then I had to do everything else myself and it was so easy. It's ridiculous.

I bought them for 12 months and I genuinely cannot remember what I paid for them. I think it's about 100 pounds per user per year, so about 10 pounds a month per person.

It's very basic from what I see. It's not a full MDM solution and it's restricted with other MDM provisions. If you want to use an MDM with it to do other things like your email provisioning to mobile devices, you don't have very many options. I think it's AirWatch, MobileIron, Intune, or SOTI: only the most expensive products. If you want to look at something a little bit cheaper, you've got to pay through the nose. You can't have a cheaper solution as an MDM and run this concurrently. That's why they need to look at integrating with more MDM vendors. 

Other than that, it's okay. It does what it needs to do and it's going to tick a box that protects me for the next 12 months until I'm ready for the next project, which I am not yet. I'm one man trying to deal with 140 users across five different countries. So, I'm flat out and I don't have some time to do all the other bits.

The biggest lesson I learned is just because it's expensive, it's not always the best. If you want it to integrate with other products, though, you've got to pay a lot of money for other products as well. That's the only issue that I've got with that.

I would rate this solution as eight out of ten, purely because there are additional features I'd love to see, but that is it. If you're doing it on the deployment side of things, I'd give it a ten out of ten. If you're looking at the product as a whole, however, there are a few things I think are missing, but only as additional features. Nine out of ten other customers would probably give it a ten out of ten because they don't need the features that I need. For me personally, it is a little bit empty in certain places. There's so much more they could do with that to make it the most awesome market cornering product there is, but it's not there yet.

We primarily use the solution to prevent and detect the abnormalities and viruses on endpoints. 

It's also to monitor endpoints and the use of endpoints when it comes to identifying items like USB sticks, etc. because it's not really in our company policy to allow the use of a USB at work stations.

The most valuable feature is the integration with Check Point's firewalls. You can have one port, and follow the logs from both Endpoint and firewall security.

The solution could improve VPN functionality and the VPN user-interface.

The solution is very stable. We are quite happy with the solution, and we have had very few issues with it.

Scalability is very good. 

Technical support is fairly good. I'd rate it three out five. It's fairly good, but not optimal. 

Check Point could offer better personal support. They have a ticket system, but once you create a ticket, it can take up to seven to days before you get any feedback at all. Depending on the situation or the problem that we have, that's far too long.

We previously had a Cisco solution.

The initial setup was complex. From an IT department perspective, we don't have that many IT technicians, so, for us, it was complex. If we had put an IT engineer on Check Point, it might have been easier. 

Implementation took about two days. The strategy was to do the implementation outside of office hours, so it was actually done over a weekend.

We are outsourcing the maintenance, which is about 4 hours of work a month.

We had a consultant assist us in the implementation.

We pay roughly 80,000 Swedish krona per year. When it comes to the firewall, it's roughly 150,000 Swedish krona yearly. There's also maintenance, of course, which is roughly 10,000 krona per month.

We evaluated a few solutions, including Cylance. We evaluated the existing solutions and compared them to Check Point.

My advice to others considering implementing the solution is, depending of course on if the company is looking for a new kind of firewall solution, is "Don't do it yourself."

I would rate the solution eight out of ten.

Check Point Antivirus has a great design for network, security gateway deployment, threat detection, and prevention.                                              

Check Point Antivirus is a valuable tool for organizations because it helps them secure the network and data.                                                                              

The most valuable features of Check Point are threat cloud integration, sandboxing, and behavioral analysis.

Performance and resource consumption should be reduced. 

Additional features should be EDR, Advanced sandboxing technology, deeper cloud integration, etc.                                                                                         

I have been using it for the past four years.

The stability is good.

Scalability is good.

The support is good.

Positive

The initial setup is excellent.

We did the implementation in-house.

We have seen good ROI.

We also evaluated CrowdStike Falcon and Sophos Intercept X.