Check Point Harmony Endpoint Reviews

We have many clients using this solution for different use cases.

The solution can be deployed on the cloud and on-premise.

Check Point Harmony Endpoint is mainly used for protection. 

The most valuable feature of Check Point Harmony Endpoint is centralized management.

Check Point Harmony Endpoint could improve by allowing it to work on older systems by reducing the system requirements. Since our systems are dated we can only use the antivirus module features.

I have been using Check Point Harmony Endpoint for approximately two years.

Check Point Harmony Endpoint is very stable.

The scalability of the Check Point Harmony Endpoint is good. It can scale easily.

We have some clients with 10,000 users that are using this solution.

I have opened up many tickets with the support and they have been responsive. I have not had any problems with them. They have helped whenever I faced a problem.

I rate the support from Check Point Harmony Endpoint a four out of five.

Positive

The initial setup of the Check Point Harmony Endpoint is easy. We use the main policy for the installation across the organization.

We have had some problems with connection management because if we install the initial client on the computer, we cannot stop or delete this client or install the full package afterward.

If we have a new signature technical support ticket, they add this signature to the database in three to five days which they could improve.

I rate the initial setup from Check Point Harmony Endpoint a four out of five.

Check Point Harmony Endpoint does not have some features that SentinelOne or CloudStrike has.

I rate Check Point Harmony Endpoint a seven out of ten.

As a financial company, we use the solution to provide security to our CDE environment and compliance with all PCI requirements. This tool enables us to provide security to the endpoints and also, to comply with local and foreign regulations regarding platform security.

We use this solution to protect all our endpoints, including personal computers and mobile phones. 

We have deployed the solution in Windows, Linux servers, workstations, and mobile phones. 

We also use the web filter capabilities both on mobile phones and on corporate computers.  

We now have so many capabilities we did not have before, as follows:

• We are able to manage all our endpoints from a single cloud console
• We don't need adicional on-premise servers to run this solution
• The time that the endpoint refresh and identify new policies is very short. It takes seconds and this is a great value for us to fight emerging threats
• We are now able to protect web browsing in all web browsers and also we don't need additional policies to block browsers in private browsing
• The integratión with our SIEM solution was very smooth and the solution provides valuable information for security analysis
  

The most valuable aspects include:

• Web Filtering. This feature is easy to manage, and it applies new policies in seconds. 
• Real-time Click Protection. It protects the user from phishing attacks in real time. 
• Compatibility with Windows, Linux, Android, and Mac. We don't need additional solution to protect all our endpoint. 
• Cloud Management. This feature allows us to reduce our operating burden and also improve our TCO.

We now have the ability to block a compromised machine from the network.

We now have the ability to block in near real-time IOC.

It would also be great to include DLP capabilities for the endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products. 

It would also be great to include FIM capabilities for the Endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products.

It would be great if we could have additional DLP capabilities to identify personal information or any kind of information to comply with regulations that require information protection. 

I have been using the solution for about three months.

We haven't had any problems or downtime since we acquired the solution. It is stable.

The solution is scalable. It is quite simple to add new endpoints to the solution or add additional features, all with zero downtime. 

Customer support and channel support are also always willing to help. 

Positive

We have been using McAfee Endpoint protection for about ten years. We were missing so many features and needed additional tools and effort to protect our endpoint. 

It took a few minutes to deploy the whole solution.

It was through a vendor. They were experts on the product.

The costs depend on the company size. In my case, I was able to have all the features, including email protection, remote access, mobile protection, and endpoint protection, for a great price. 

I evaluated Trend Micro and McAfee.

We use the product for endpoint protection against viruses, malware and ransomware technologies.

The solution has all the standard features you would expect for endpoint protection.

The price of the product could be more friendly. 

I have been using the solution for one year now. 

We have had no problems with stability so far. 

The solution isn't very scalable, it's a PC, and it's all endpoint. 

Currently, there are 2000 users of this product in my company. This number can change in the future due to company growth. Next year, each employee at the company will have a notebook and each notebook will have this software installed in it. If the headcount increases, the license will increase accordingly.

We previously used McAfee for endpoint protection, it was a corporate decision to switch. This could have been due to a cost or technology issue. 

Installation is straightforward, it took our IT department 20 minutes. 

The product has very fast deployment, as we roll out the product in batches. These batches can vary between one and hundreds. This number depends on how the team schedules the roll-out, as each roll-out is customized to match the bandwidth requirements.

We used an in-house team to implement the solution. 

We implement this solution with a yearly subscription and there are no extra costs. 

I would recommend Microsoft Defender for Endpoint over this solution. 

I would rate this solution a seven out of ten. 

We resell Harmony Endpoint to many of our SMB customers and also use the product ourselves. It concerns environments of endpoints only, as well as (terminal) servers and a mix of these.

Our customers range from one to two endpoints to 100+ endpoints. In addition, as mentioned above, there are also customers where we deploy the Harmony Endpoint tooling on the servers. This also varies from customers with one or two servers to ten or more servers.

Both we and the customers are very satisfied with the use and functioning of the antivirus.

It is very powerful tooling that can be tuned a lot. It gives a lot of insight via Threat Hunting and stops things that other antivirus packages just let through.

Previous antivirus packages that we used and our customers used did not include a browser plugin. Now that users see that the endpoint really does scan everything on the browser page (such as username and password fields) they also see the added value of an antivirus package on the computer. Since users themselves see this added value, they also understand that they sometimes have to wait a little longer (for example, when downloading files, these are also scanned first).

The Harmony Endpoint browser plugin is powerful tooling that is visibly present and doing its job. 

Previous antivirus packages that we used and our customers used did not include a browser plugin. Now that users see that the endpoint really does scan everything on the browser page (such as username and password fields) they also see the added value of an antivirus package on the computer. 

It would be useful if you could also mark blocks as safe from a client. Now users always have to ask an admin to make exclusions.

In addition, it is also very desirable that there is support for Windows Server core machines.

In addition, it would also be useful if administrators could create exclusions directly from logging into the admin portal, instead of only being told where and how to add the exclusion. This will save work.

It would also perhaps be useful if you could connect from one endpoint directly to another tenant. Instead of having to roll out the endpoint again.

I've used the solution for one year.

The solution is very stable.

The management portal could be a bit faster. Sometimes we are waiting for pages.

It's very easy to create a support ticket and they always provide quick answers.

Positive

We previously used Trend Micro and ESET. We couldn't manage the endpoints of multiple customers centrally.

The initial setup was straightforward.

We handled the implementation in-house.

I'd advise users to buy a bundle with more Check Point products in it to better secure their organization and save money.

We did not evaluate other options. We use more Check Point products and are very happy about it.

Harmony Endpoint is able to focus on the ZTNA for applications and in penetration testing for any type of ransomware or man-in-the-middle attacks. 

It helps to protect and secure endpoints, helps to focus on incidents, and prioritizes vulnerabilities. The solution also helps with endpoint protection and recovery from an autonomous response and in conforming to the organization's policy. It helps to do SSL traffic encryption and packet sniffing and has a good way for mobile threat management and defense as well. 

Security across the workspace has been the primary use case. 

Our organization was able to use the analytics and report information to figure out any risk exposure in a remote workspace of mobile and VPN access and email and endpoint security. 

Endpoint analytics helps to showcase any of the gaps that are there with the downloads, attacks on malware, and how to triage incidents. 

It helped to improve upon sensitivity of the data with the data loss prevention technique as well. And stopping any vicious attacks is the priority by making sure any advanced ways of detection come about.

I found the fact of working across multiple attack vectors easy and more beneficial. 

It has helped with USB to human errors to website issues to all types of threats and bot attacks. 

I also found the features of provisioning a VM for some security requirements and the fact of access across SSH and remote terminals also beneficial. 

Client-based access and the suite of products from SaaS API and Browser Protection are also very beneficial. It follows the ZTNA which tells that the VPN model of security would come to be obsolete in a few years with the Harmony benefit of Check Point.

More development in Linux may help, however, the fact that the product could also have some more documentation as suggestions on what to do may also help.

The product may take some time to navigate at first but apart from that the log ingesting and working on getting a client installed may take some time. 

I would like to see more automation. 

Also, encryption management is not made available in all versions but if it could be extended that would be great. Sometimes it may take some slight delay, however, it's nothing too bad. 

I have been using this solution for three years.

We did not use a different solution previously.

I'd advise new users to work with a technical account manager and follow the steps in the documentation.

We evaluated ZScaler.

The solution is primarily used for protecting endpoints.

Harmony Endpoint is a complete endpoint security solution built to protect the remote workforce from today’s complex threat landscape. 

It prevents the most imminent threats to the endpoint such as ransomware, phishing or drive-by malware, while quickly minimizing breach impact with autonomous detection and response. This way, your organization gets all the endpoint protection it needs, at the quality it deserves, in a single, efficient, and cost-effective solution and able to detect/block/monitor and response to any malicious activity happening on the endpoint. With the single agent deployed on the endpoint, it's able to provide complete EDPR functionality with help of multiple security features/modules.

Harmony Endpoint provides complete EDPR functionality using multiple modules/features which are available with the solution such as Compliance, Anti-Malware, Media Encryption and Port Protection, Firewall and Application Control, Full Disk Encryption, Remote access VPN, Capsule DOC, URL Filtering. Anti-Bot, Anti-Ransomware, Behaviour Guard, Forensic, Threat Emulation, and Anit-Exploit.

We are able to protect endpoints from any next generation of attack and modules can be enabled/disabled based on organization requirements. Harmony Endpoint is able to detect/block/monitor and mitigate attacks at an endpoint using logs which is been captured by an agent installed on the endpoint. 

Agents send telemetry/metadata to a centralized console for forensic purposes. Policies for the endpoints can be created based on the user name or endpoint. 

Integration with a threat intel platform for blocking any attack at an early stage is great. The complete solution can be hosted on-prem or via SaaS - a cloud remote access VPN is provided as default in base licence. 

Different policy servers can be configured and hosted at each location so the agent does not have to reach a central location to take policy updates. Policy servers are created using OVF file which can be installed on any virtual platform such as VMware. This offers a more secure way of communication between the policy server and the management console (using certificate/SIC communication). 

Agent footprints are low on endpoints and integration with other security solutions is great for sharing threat intel within an organizational network or over the cloud. Anti-ransomware modules are very strong and are able to detect any ransomware attacks at a very early stage. 

The host-based firewall policy configuration is simple. 

The solution allows us to reduce the attack surface via:

• Host Firewall
• Application Control
• Compliance
NGAV: Prevent Attacks Before They Run

• Anti-Malware
• ML based NGAV
  GAV: Runtime Detection and Protection
  
  • Anti-Ransomware
  • Behavioral Guard
  • Anti-Bot
  • Anti-Exploit
    Web Protection
    
    • Zero-day Phishing site protection
    • Corporate Password Reuse Protection
    • URL Filtering
    • Malicious site protection
      Attack Investigation and Response
      
      • Forensics collection and detection
      • Forensics report – incident visibility, MITRE mapping
      • Automated attack chain full sterilization
      • Ransomware encrypted files restoration
      • Threat Hunting
        Data Protection
        
        • Host Encryption
        • Media encryption and port protection
          Mobile Protection
          
          • iOS Protection
          • Android Protection
            Centralized Management
            
            • Cloud Management
            • On-Prem Management 

The solution has limitations if it's hosted on-premise or as a SaaS. You need to plan accordingly on the model that suits the organization. On-Premise, for example, does not support threat hunting. Hosting on the cloud will have an impact on the user who is connecting to a central location for internet access as it will add infra cost. 

We also need to look over the expertise of the support executives who require more training and focus as well in this service area and if we can think over the cost of the product.

We're using the product to secure our endpoint users internally and for a hybrid workplace setting. 

We wanted to replace Windows Defender with a more professional solution and, after checking some vendors, we opted for Check Point since we've been using their firewall product for quite some time.

The license tier is also nice as we can buy licenses to specific cases and save some money on that end. 

The inclusion of URL filtering was a plus since we replaced another product we used in the company.

We're able to secure all endpoints and manage them from a single console. 

Being able to set policies linked to Active Directory objects made the administration of the platform much simpler and the documentation of those policies very easy. We can just change a setting on Active Directory and the computer gets a totally different policy in a matter of minutes. Of course, this syncronization time must be set up in advance on an agent machine. However, it is a very easy task to do.

The drive encryption was another feature we implemented with the product.

The management of all endpoint settings from a single portal does not need to use more than this one to set all the policies. We used the deployment of this product to push drive encryption to some of the more sensitive users of the company since we haven't had any solution to this problem.

We're also using application control to block some unwanted apps from being executed on clients, however, sometimes the management of those apps can be a little time-consuming due to newer versions being released often.

The lack of time setting for policy application, for example, from 8 am to 9 am, to have a policy applied and then from 9 am to 10 am for another one.

A more responsive UI would be nice. Sometimes, with a lot of clients (1,000) the UI is a bit sluggish.

The operation of reinstalling a machine also requires a bit of work since we have to delete the object before installing the app on a formatted operating system. It should be able to lock settings and licenses to the machine ID that never changes with an OS installation.

I've used the solution for one year.

Our SOC team uses this solution to observe any unusual behavior or processes running on the endpoint. For example, it is used for phishing detection.

The data is ingested to Splunk.

One of the problems with assessing this type of product is that you don't always know when it's working. You will see when something is wrong, where no threat has been detected. If nothing has happened then you don't know if there was no threat, or instead, the protection was quite good. Also, if no threat is found then it may be that the solution is not good enough to detect these types of malicious activities.

The set of features is quite comprehensive.

The Endpoint security solution integrates with the Check Point firewall services, so it's a combined approach to security.

A unique feature with this product is that it will detect if the user is entering their password on a website, and then block it.

Check Point users a pattern-based security module, which is something that can be improved. Pattern-based security is not the latest architecture and it is insufficient because every day, there are approximately 380,000 new vulnerabilities and threats. Using patterns is difficult because the threats can hide.

I have been using Check Point Harmony Endpoint since I joined the company, several months ago. The company has been using it for longer.

From a stability perspective, I can say that we have had absolutely no problems.

We have not experienced any issues with scalability. We have more than 10,000 users in the company. The users are across a variety of roles. It's used by everybody. As our company grows, the usage also increases.

At this point, there is nowhere we can extend its usage.

I do not have personal experience with technical support so I can't assess them. However, I have heard that it is quite reasonable, so I think that it's fine.

We also use Microsoft Defender for Endpoint.

I am building my own opinion of which is better, between the Check Point product and the Microsoft product. Depending on where you do your research, you get different opinions, although much of that is supplier-driven.

In my former organization, I was using CrowdStrike. It has much better performance when looking only at processes.

I was not part of the implementation because it was in place when I joined the company. 

I have done research on several similar products to try and determine the best-in-class.

From my point of view, I can't see that any features are missing. My primary complaint is that it relies on patterns for threat detection. It does the job, we get our logs, and we get the relevant warnings. Overall, it's a good product.

I would rate this solution an eight out of ten.