Check Point Harmony Endpoint Reviews

The main use of this product is endpoint security, it is very useful when you are trying to centralize endpoint security management and you want an easy and fast setup, I have used this product in POCs and different size deployments with different kinds of clients. Harmony offers several layers of protection and it fits well with all the Check Point "ecosystem", (It is especially useful when you are correlating security data because it can "talk" with Check Point's XDR Solution in order to get more insights).

There are several benefits that you can get with this solution:

1) You get centralized management of endpoints in your organization and you can be very granular in order to create endpoint security policies for different user groups. This improves overall security and visibility for IT departments.

2) Visibility also offers improvement with purchases and making decisions.

3) Information is easily managed and protected (which is particularly useful in lost or stolen endpoints).

4) It can be used with an XDR system (which is very useful with SOCs).

The most valuable aspects include:

1) Cloud Centralized management. This is particularly useful since you don't have to use any on-premise server, the cloud dashboard is activated without a minimum license number.

2) Several layers of security. It is well aligned with actual threats like ransomware and zero-day attacks and offers traditional layers of security.

3) Visibility. You have a single dashboard for all endpoint information that you need from an IT administrative perspective and in a threat incident you are properly advised.

There are some "weak points" that have to be mentioned, including:

1) If the IT department is used to "cloning" endpoints (making images) you are going to have a hard time trying to install the product and you are going to end up reading a lot of Check Point documents.

2) If you are used to the granularity of roles features in Check Point Quantums products you are going to be a little bit disappointed. You can't set customized roles with customized read/write permissions.

3) You need a mature security team to manage this solution in order to get the most value from it.

I've used this product since its release.

The solution is very stable in the correct context; with its cloud nature, it is unlikely to have any downtime.

The solution is very scalable since the console is a cloud; you only have to buy more licenses in order to grow.

TAC is very useful and its dashboard is very intuitive. You can get web, mail, and telephone support.

Positive

We used several solutions, such as Symantec, ESET, and Kaspersky.

The initial setup is straightforward. It is very fast due to its cloud nature.

We implemented the solution with the help of a vendor team; they have good documentation and are experts.

The ROI is very hard to measure. It is best to take a proactive posture of protecting your assets. 

It is a very good security product yet it is not the cheapest one. Licensing is very easy to understand and it includes Check Point TAC support.

We evaluated various solutions, including Symantec, ESET, Trellix, and Kaspersky.

It is a very mature solution and one of the most secure that exists in the security market share.

We use Check Point to manage email security in our O365 environment.  Our previous solution was unable to remove all of the email spam we had. Check Point integrates with Office 365 to provide advanced threat protection for email. It uses techniques like anti-virus, URL filtering, and threat emulation to stop known and unknown threats. It also offers goes beyond email security. It protects all aspects of Office 365 collaboration tools like SharePoint, OneDrive, and Teams. It can prevent data loss, enforce policy compliance, and block phishing attacks.

It manages to capture more spam with a smaller footprint. It has a single agent and management console to streamline security administration. This can save IT staff time and resources compared to managing multiple security products. The endpoint combines Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR) capabilities. 

This comprehensive approach can safeguard your organization from a wider range of threats, including ransomware, malware, phishing attacks, and zero-day exploits.

Ease of setup and ability to hook into O365 directly without MX record changes. Check Point offers advanced threat prevention capabilities, including SandBlast Network Threat Emulation and Threat Extraction. These features can identify and stop even unknown threats by simulating real-world attacks in a safe environment. Check Point solutions are designed to scale to meet the needs of large organizations. They can handle high volumes of traffic without compromising performance. Check Point integrates with a wide range of third-party security solutions. This allows you to create a comprehensive security ecosystem that meets your specific needs.

I would like to see a better UI for admin functions. While CheckPoint offers threat prevention through SandBlast, some users feel even deeper integration of Machine Learning (ML) could enhance threat detection and improve automation. This could involve automating security responses and offering threat prediction capabilities. As organizations increasingly move to the cloud, Check Point could further strengthen its cloud-native security offerings. This might involve expanding support for various cloud platforms and offering more granular security controls within those environments.

I have used Check Point Harmony Endpoint for six months.

We haven't had issues or outages so far. 

It seems to be able to scale to any size company. 

Their support has been very positive. It's easy to use. 

Positive

Sophos was our previous vendor, we found their coverage lacking.

The setup was straightforward, it's hands-on config. 

CDW was our MSP. 

We expect to see ROI in 12-16 months. 

My advice would be to state terms upfront and always ask to haggle down.

We looked at Fortinet, Palo Alto, Crowdstrike, etc. 

Make sure to review your solutions every couple years as technology changes. 

I use it for end point protection, and I am also using full disk encryption Harmony both solutions are adopted. 

One of the advantages is the reporting functionality. For example, if some critical data is available on a laptop and the laptop gets stolen - I can remotely wipe it immediately. Because, at the end of the day, apart from the device, the data is important.

So, the zero-phishing feature of Harmony Endpoint, the one I have used, was very good.

Those features are very good. Then, zero-day protection is also very important to us.

We can map the MITRE attack framework along with the Cyber Kill Chain completely.

Sandboxing is a great functionality.

The only drawback is the integration process. For example, I want to integrate with my source platform. It took some time. That's the only concern regarding the integrations.

Check Point Harmony Endpoint doesn't have any XDR kind of solution. DLP functionality and all are not yet there.

And then, the performance also sometimes gets deep. CPU utilization could be further optimized. 

I have been using it for one year. 

I faced some issues with stability. Stability was good compared to other endpoint protection. The only thing is that in the Zero Phishing future, which I like a lot, we can see when people are entering password content and other things. Phishing is important.

Since it's a SaaS platform, we can upgrade only a license. We can get it.

I have experience with SentinelOne. SentinelOne has a feature; for example, if a ransomware attack happened and a particular file was affected, we can retrieve it. If some known files got corrupted, we can roll back the file to the last known good configuration. We can do that. 

But this particular feature is not there in Check Point Endpoint. And then, importantly, USB blocking on Linux machines is not currently available in Check Point Endpoint. It supports only the scanning part, but I don't think it is supporting USB blocking and device blocking.

DLP functionality and all, they are not yet there.

The installation is very easy. It takes around 20 minutes only. 

It requires maintenance. There are a couple of people who handle more than 4,000 endpoints. So if there are more, then I can publish them. That is a one-time activity. After that, only one person can monitor. The SOC analyst is only one guy. The person who manages the endpoint completely, email as well as the endpoint, both.

We have seen ROI. Time was saved. Since it's manual, we need to pay a lot to our team. The time-saving was very good. We can establish connectivity on each agent within 20 minutes.

The pricing is okay. It is in the enterprise range. It is not middle range. It is not so costly, but it is an enterprise.

Overall, I would rate it a nine out of ten. 

We use it for the complete protection of more than 5,000 devices of our company and our customers. 

We have Harmony Endpoint (Advanced) managed from the Check Point Cloud, mostly for Microsoft Windows 7, 8, and 10 devices, as well as Windows Servers (mostly 2012 and 2019). We also have a few protected Linux desktops and server devices. 

As for the protections enabled, we have mainly Threat Prevention (including Antimalware, Antibot, Anti-ransomware, EDR, and Threat Emulation/sandboxing); Firewall, application control, compliance, and port protection modules deployed.

We used to use other security solutions (Windows Defender and Kaspersky), however, we had security incidents that affected us (viruses and ransomware) and they were very difficult to identify or when we did identify them it was already a long time after the incident occurred and we did not know the cause and therefore affected the operability of our company considerably. 

Since we made the decision to move to Check Point Harmony we have had greater visibility of everything that happens on our devices and take a preventive approach rather than a reactive strategy, in addition to being more confident that we have Check Point protecting us.

The characteristics that we find most valuable are its anti-ransomware protection, zero-day phishing protection, web browsing filtering, and vulnerability and patch management. The level of security and visibility they provide is great and it is very easy to configure and maintain. We have almost no false positives. 

A feature that we really like is the ease of management and administration that Check Point offers us, in addition to including the management server in its cloud and the predefined dashboards and reports.

We would love to have more endpoint hardware and software inventory, as well as tools to perform troubleshooting directly on the endpoint remotely. 

A further point of improvement would be to be able to optimize the consumption of resources on the device. 

We would also like the application control module to be further developed in future versions to include applications commonly used or maintained by Check Point in order to be able to configure blocking policies more quickly.

We have been using this product for more than three years.

We have not had any problems with stability so far. It has left us with a good impression.

The scalability of cloud management is excellent.

On the few times we have required support, it has taken us some time to resolve the issues completely, however, in the end, it was accomplished.

Positive

We changed solutions since what we had was not effective against the attacks we see today; besides, the visibility was very low and the management was very complicated.

The initial deployment was simple and the solution gave us several tools to do so.

We deployed via an in-house team.

In three years, the expected ROI was achieved.

The management of the solution is very simple and the deployment tools are diverse, which greatly reduces the workload. Licensing is also quite simple with three main options and some add-ons. 

It is licensed per device (whether it is a desktop, laptop, server, etc.), and the price is very attractive and competitive.

We evaluated other options including Cisco AMP and Fortinet EDR.

I'd recommend users to be careful with low-resource devices as the solution has several security modules that can affect the performance of these devices. In our case, we had some old machines where we grouped them and created a more optimized policy for these legacy devices.

We use the solution in hospitals. 

The tool's most valuable feature is its ability to support Windows 7 and other legacy products. We still have users for such systems in the Philippines. I also like its threat-handling and forensic capabilities. The tool is easy to navigate, read, and digest, and its detection capabilities are also good. The solution has good reports that are easy to read. 

Check Point Harmony Endpoint's GUI is old. It needs to have a modern dashboard for logging activities. Compared to other products, the solution is slow in terms of deep scanning. 

I have been working with the product for three months. 

I rate the solution's stability an eight-point five out of ten.

The tool has many modules and is scalable. I rate it an eight-point five out of ten. 

I rate the tool's deployment ease an eight out of ten. The process takes less than a day. In our case, however, it required at least three hours because we were doing a demo for Windows 7. We also needed to update the endpoint, which involved some installation requirements.

I rate the solution's pricing a five out of ten. It costs around ₱2,200 per endpoint. 

Our customers are mostly medium enterprises. You need to be patient with the scanning. The solution will help you with prevention and detection. I rate the overall product a nine out of ten. 

Check Point Antivirus is a one-stop solution for businesses and professionals. It is one of the most advanced security solution software which helps businesses to secure their IT system and the installed software and hardware through antivirus protection riches one of the best and most affordable in the current item market. 

It is one of the most stable software which is globally acceptable and has numerous capabilities and multifarious features and parameters which help businesses to secure their system inside out. 

This antivirus is easily deployed and is integrated into any kind of system within a very short span of time. This antivirus software is quite compatible with various dashboards and other electronic platforms and goes well in securing the installed system in the best possible manner.

Check Point Antivirus has improved the security experience of our ecosystem. Due to this software, now of our workforce is more confident and carefree about any kind of threat entry into the IT system. 

This antivirus software has amazing capabilities to fight any kind of malware and ransomware in the IT system. 

This antivirus software has numerous features which result in wider acceptability and huge capabilities in diffusing threat attempts and hacking attempts.

Check Point Antivirus is a quite stable software in the market right now as this is one of the most mature and highly customizable security solutions for businesses. 

We have been widely impressed by these amazing security features and notifications which help us to have better security compliance in place and also to have up to 100% security protection from any kind of threats and endpoints.

Check Point Antivirus has numerous features which are quite remarkable and have a greater impact on improving the performance of the business some of the features are.

Check Point Antivirus software is highly customizable in nature due to which its acceptability by the majority of the organizations like small medium and large enterprises is huge.

Check Point Antivirus is a cost-effective security solution for businesses and that's why its acceptability by various other fields and organizations is humongous.

Check Point Antivirus has a large number of good peer feedback in the public domain due to which the confidence and trust and transparency are high for this partner.

The software is quite compatible and extremely stable in any kind of IT environment.

This software is easy to integrate and deploy in any IT environment.

We are very much impressed by the business team and the tech team at Check Point who are day and night giving their best and proving their excellence in coming up with extremely viable and innovative security solutions for us.

There is a huge scope for improvement for any good product in the market.

Check Point services and antivirus solutions can improve their customer offerings by offering various discounts in their subscription model and they can also reconsider their pricing model as well. If certain cost reductions can happen and can take place, then it is going to be ultimately very good for medium enterprises like us.

Also, we are requesting the customer service and the business team of Check Point to have more and more features and improved packages to increase the customer experience.

We would be grateful to the entire Check Point team if we could get some discounts and also some extended trial periods. 

I've used the solution for over two years.

The solution has high stability.

The solution has good scalability.

Technical support has been great so far.

Positive

We were using a lot of other security solutions earlier. Some of them were Trend Micros Security and McAfee as well as other enterprise security solutions from Splunk.

We realized that these solutions are not very suitable for us as we need dynamic security services since our product is highly customizable and these security solutions are not fitting into the mainstream business. Due to this, we switched ourselves to Check Point and to date, we have had an exceptional experience with this partner as they are quite customizable in nature.

The initial setup is easy and straightforward.

We implemented the solution through a vendor.

The ROI is great.

The solution is easy with streamlined costing. Licensing is easy and renewal is seamless.

Yes we evaluated a lot of options before switching to Check Point, including:

• McAfee 
• Splunk 
• Kaspersky
• Trend Micro 

This is good to go security software for any kind of business today.

We are using Check Point Harmony Endpoint as an all-in-one solution. The agent acts for both ADR and XDR, allowing it to be installed on personal computers or desktops. This helps protect our company's data and network assets from being attacked by threats or ransomware.

After deploying Check Point Harmony Endpoint, there has been a significant change in our company's security posture. Check Point Harmony Endpoint has shielded us from potential threats, especially ransomware.

One of the best features of Check Point Harmony Endpoint is the portal, along with real-time threat detection and existing threat management. 

Check Point Harmony Endpoint protects our company by warning us against clicking any malicious links and prevents our hosts from becoming vulnerable to cyberattacks. This has given us added security and peace of mind as we feel protected against ransomware threats.

Harmony can detect and display threats. It helps prevent us from clicking on threats. Any cyber attackers that attack our hosts won't get any vulnerable information. It's shielding us from ransomware. 

Check Point Harmony Endpoint poses a steep learning curve and has high resource consumption, requiring high-performance PCs on our endpoint site.

I have been using Check Point Harmony Endpoint for almost eight months.

We did not use another solution before Check Point Harmony Endpoint. Check Point Harmony Endpoint is our first time trying an endpoint solution.

At first, I found the initial setup challenging; however, after about a week, it became straightforward. It was the first time I deployed an endpoint solution, and over time, the setup process became easy and manageable.

The deployment process was smooth, even though there was a learning curve initially. It became manageable over time. It's easy to deploy on-premises and on the cloud. We're just using the cloud. 

The configuration process gets easier over time. The first time you configure it, it's hard. 

The licensing process for Check Point Harmony Endpoint is very easy.

We purchased Check Point directly from Check Point. We are partners. We didn't purchase it from the AWS marketplace. 

I would rate the overall solution a five out of ten.

Our primary use case is to enhance the organization's security posture against attacks like phishing, and malware especially zero-day threats, with low false positives. The product must be able to integrate with the existing infrastructure with relative ease. 

We need detailed reporting and forensics analysis tools for incident response, and the management console must be user-friendly.

We need to improve operational efficiencies in managing endpoints and thousands of users, given the increasing number of remote workforce. There should be minimal impact on endpoints.

The management interface of the product is relatively user-friendly and easy to navigate.

The product manages to block most zero-day attacks and unknown threats in real-time, thus reducing the manual overhead by being the first layer of protection against unknown attacks, easing the workload on the monitoring team, and enabling the team to focus on other tasks simultaneously.

Overall, the product enhances our organization's cybersecurity posture with its comprehensive set of features, supported by a leaner monitoring team.

The product is quite easy to configure and can be deployed in under half an hour.

It has a centralised management console, single panel to triage, escalate, mitigate and respond.

The agent is lightweight on the endpoints and operates seamlessly in the background with minimal impact on the performance of the endpoints.

It has features like firewalling, removable device control, VPN, app control, DLP, file sandboxing, ransomware protection. which can be turned on or off per endpoint, groups, employees.

It should reduce CPU and memory usage. Its technical support could be more timely though it is still acceptable.

It is painful to get deep informational logs to be exported to a SIEM as Check Point requires a user to use its tooling Horizon.

At times, it repeatedly scans the same files without any effective results.

It lacks granular management and configuration.

Additionally, users may encounter challenges with the product's components not performing as anticipated, necessitating the manual addition of exclusions across various areas.

We have been using Check Point Harmony Endpoint for less than three months.

The stability is acceptable.

The scalability is okay.

The support could be faster.

Neutral

The setup could be done in less than 30 minutes.

The licensing is pricy, so weigh the pros and cons.

We looked at CrowdStrike and Palo Alto.