Check Point Harmony SASE (formerly Perimeter 81) Reviews

I needed the solution to attach it to the vendor's file in our accounting software. The customer service team provided such an efficient and fast service. We have an account manager, which is great as we get personalized attention. I asked for the W-9 form once, and it was provided to me. I was not able to download it and then forgot about it. I asked for it again, and without any hesitation, the team provided it again. They were not rude about it. I later realized and apologized for asking for it twice.

Our organization is more secure with Perimeter81's Virtual Private Network (VPN). We manage sensitive information of clients. In my department, we manage bank and credit card information. It is a lot of responsibility to have access to that kind of data. Now that our company has implemented Perimeter81's services with the VPN, personally, I feel more secure when navigating through these different platforms. It is a great investment for today's workplaces - especially when we handle critical information virtually.

The feature that I have found to be most valuable is the reputation that the company has regarding privacy. Nowadays, this is critical, especially when you do all of your work online. 

Similarly, I find that the work that Perimeter 81's customer service team does is very valuable. I have heard from our IT department that Perimeter 81's team is quite knowledgeable and efficient. These are important traits and they describe not only the company's service but the quality of its product as well. So far, our company is very happy with the product.

Overall the product is very efficient. However, personally, there is something that I dislike. I have found that the log-in/out process takes quite some time. I usually click on the app, and it asks me to login in through the web, and then after I log in it takes me back to the app. It seems to me that I should be able to log out without having to leave the app. I do like that it connects automatically/logs in as soon as I sign on. I am not sure why login in is easier than logout. 

The resolution took a couple of hours to be solved, around six hours.

The stability is good.

The scalability is good.

The experience with technical support was great. The team is professional, polite, and efficient.

This is the first time that we used a VPN in the company.

I'm not able to say what the setup is like.

I'm not able to say if we had any outside assistance.

I'm not able to say what the ROI would be.

I am not able to advise on the cost/pricing.

This decision was made by the IT department, however, naturally, they did evaluate other vendors

I am a remote developer and I use Perimeter81 as a VPN to access development and UAT servers for booking systems that service tier1 airlines. Those servers are mostly on the cloud, however, some are physical. We use AWS servers and physical servers in Dublin, Manchester, Amsterdam, Bejing, and Altlanta. We have individual team members spread out possibly 15-20 countries that need to be managed so it's important that we can be grouped and organized in a manner that allows us to authorize not just depending on our location but also our roles.

Our organization is made up of permanent and contract employees both onsite in our office worldwide and in remote individual locations across the globe. Perimeter81 allows us to develop software as a service (SaaS) collaboratively in a safe and efficient manner. We can authorize our web services not just by our team members' roles but also by our team members' locations based on the IP addresses on an individual level but also based on the group role for that member. The benefits are really built into the underlying protocol, however, Perimeter81 makes these available in a user-friendly way.

As a virtual private network, it enables us to communicate through development groups that segment our organization through the correct allocation of bandwidth and easily configured groups. 

Being able to add individuals to groups is the single most valuable feature, simple as it may seem. This combined with the underlying protocol makes for a powerful and easy-to-use feature for our organization. Adding and removing individuals is simple and easy to do which adds to the overall convenience and usability.

There is a very small amount of downtime. As a general user of the network, I'm not sure if this is down to maintenance time needed by our own network engineers who support our organization or indeed if it is up to Perimeter81 and its maintenance. What would be helpful is if this downtime was reduced. This may or may not involve some collaboration with Perimeter81 engineers and our own organization's engineers to ensure more up time, although I'm not complaining as this is very infrequent.

I've used the solution for over one year now.

The solution is highly scalable.

I don't directly deal with technical support.

Positive

Openpath was our old solution. We switched simply for better service and more uptime.

I did not handle the initial setup.

I did not handle the initial setup.

I don't know anything about the ROI - it's not my area.

Licensing is not my area.

I don't what other solutions were considered.

It was installed on the machines of the organization due to the need to filter all the incoming and outgoing content and to protect the teams - mainly our units that use laptops and have to be constantly moving. 

In the last two years with the appearance of Covid-19, this solution gave us that protection outside the organization that had been neglected for strengthening internal security. 

Another great advantage is the possibility of being able to protect our mobile devices by integrating the solution into all mobile devices.

The solution has given us an additional layer of protection in our equipment and applications, mainly now that the equipment is portable and in many cases, we must connect to various public Wi-Fi networks.

Its Granular Access Control over and within each resource, based on dynamic and contextual evaluation of user attributes and device states is great. 

A broad set of rules can be applied across all users, servers, and enterprise data stores, including user commands and database queries - giving users well-managed access.

Review of exported and imported packages and protection and content filtering have been useful. 

Advanced behavior analysis and machine learning algorithms shut down malware before it does damage. 

The solution offers high catch rates and low false positives to ensure safety,
efficacy, and effective prevention.

The automated forensic data analysis delivers insights into threats. 

Complete attack containment and remediation can quickly restore any infected system. 

It blocks malware coming from web browsing or email attachments before it reaches the endpoints. 

It is important to locally validate the consumption exerted on the equipment. At times, when I lose connection, I feel that the equipment is slowing me down. They could improve this detail or indicate that the application, while it is being restored, can generate latency in the communication processes. That said, it is definitely a very good solution for the protection layer in teams inside and outside the organization. 

In mobile devices, there is also sometimes a bit of tear when it is via LTE, however, that must be due to connectivity.

I have been using the solution for two years and it really works.

It is very stable and normally any problems generated are from loss of internet.

Scaling is easy and fast, thanks to the fact that it is licensed.

We did not use a different solution previously.

It is a quick solution to install, however, its cost is really medium and not low.

We did not evaluate other options.

It is perfect for keeping all my devices protected.

We are a company of around 30-50 people who have been working from home since the pandemic began. Our environment is completely cloud-based and all our computers are managed by our organization. 

We needed a solution that would help us protect users and the information that is handled in our company. This solution had to comply with characteristics such as the protection of network connections, prevention of threats such as malware and phishing, data protection, and, above all, it had to be easy to implement and manage. This is why we implemented Check Point Harmony Connect.

Check Point Harmony Connect helped us create a more secure environment in our organization, since our users can be safer when browsing and not being attacked by malicious actors who try to affect them with phishing or malware. On the other hand, administrators have more visibility of the sites to which users navigate and be able to control them, they can also access audit reports that allow them to make better decisions on security rules that must be applied. The protection of data in our company is the most important.

The characteristics that I have liked the most are the ease of implementation and administration. It is a cloud-based service it can be configured easily and very quickly and the administration center is very friendly for administrator users who do not know or have used the product. 

In addition, it is a cloud-based service that helps prevent cyber attacks by ensuring internet access for our users who work remotely, facilitating access control. 

Another valuable feature is that company information is kept protected by internet access control, applications to be managed, and URL filtering protection.

Sometimes downloading PDF files can be slow. It may take a while to scan the downloaded files. On some computers, the Check Point Harmony Connect agent can be a bit heavy to run in terms of CPU and Memory resources. 

Transparency to end-users could be improved. 

More compatible applications can be included. 

The support provided could be improved for when problems arise that require support from the Check Point team. Check Point is an expensive product so support should be more adequate. 

Some EDR features may still be under development and may need more time to be ready for use on a larger scale.

I've used the solution for one year.

Stability is 90% good. File scanning and web console stability could be improved.

The scalability is good.

Support is good, however, in some cases, they could improve the response time.

Neutral

I have not used any other option before.

The initial configuration was very easy to perform; the installation on the endpoints was very simple for the users.

The initial setup was handled by an internal team with supervision or support from the provider.

There have been savings related to the number of hours of implementation and administration.

I recommend that you evaluate using Check Point Harmony Connect, since, although its price may be a little more expensive, it is a solution that adds advanced security to the organization.

I only evaluated Microsoft and evaluated if Fortinet had any product that met the requirements.

The development of mobile devices and wireless technologies in recent years has revolutionized the way people work and communicate. The growing use of these technologies makes mobile devices one of the main targets of cyber threats. 

The proliferation of mobile devices in recent years, together with the increase in their capabilities, features, and possibilities of use, makes it necessary to evaluate in-depth the security offered by this type of device. On top of that, the mechanisms for protecting the information they manage, within the Information and communications technology environments are key.

Harmony Mobile has enabled us to provide the necessary information for the evaluation and analysis of the risks, threats, and security vulnerabilities to which mobile devices are currently exposed, as well as the technology used to address these risks.

In addition, the document presents a list of general security recommendations aimed at protecting mobile devices, their communications and the information and data they manage and store.

We are using malicious application detection to identify known and unknown threats through threat emulation, advanced static code analysis, application reputation, and machine learning. The solution captures apps as they are downloaded to devices and runs them in a cloud-based virtual environment to analyze how safe they are.

The solution has many valuable aspects, including:

Anti-Phishing, which blocks phishing attacks in all applications (email, messaging, and social networks).

Safe Browsing, which blocks access to malicious sites in all browsers based on dynamic security intelligence provided by Check Point ThreatCloudTM, the world's largest threat database.

Conditional Access, which blocks infected devices from accessing corporate applications and data, regardless of UEM solutions.

Anti-Bot, which detects bot-infected devices and automatically blocks their communication with command and control (C&C) servers.

URL filtering, which prevents access to websites deemed inappropriate by an organization's corporate policies. It allows companies to blacklist and whitelist websites at a granular level of detail, and to enforce policies on mobile devices across all browser applications as well as non-browser-specific applications.

Wi-Fi network security, which detects malicious network behavior and man-in-the-middle attacks and automatically disables connections to malicious networks.

The product needs to work on the integration of alerts with different SIEM or security solutions. Harmony provides visibility of device security, yet, precisely due to the growth of attacks and threats on these technologies, it is important to integrate the information it generates with the rest of the intelligence handled by cybersecurity areas.

In the same vein, it would be important to have detailed information on the type of threats and new intelligence that the platform is providing, so that it is easy to alert users when it provides value.

I've used the solution for one year.

The solution offers excellent support service.

Positive

We did not use a different solution. Instead, we were just using an MDM solution but although we can make configurations oriented to protect the devices, it is far from being a complete solution like Harmony. 

The initial setup is easy.

We handled the implementation in-house.

I'd advise a potential new user to talk with their account manager.

We also evaluated McAfee and Cortex, but Harmony fixes better with my company requisites in order to run in background for end user.

We use the EDR solution for servers and endpoints for a lot of customers. The use case is for offering protection at the OS level. 

We wanted a better solution than legacy antivirus to secure each OS in the organization. Harmony Endpoint gives us a complete security package with a lot of security features that regularly require a lot of separate security products and a lot of overhead management. 

The environments include on-premise servers - mostly Windows - as well as laptops and desktops with Windows and Mac OS. We also have some cloud services in Azure and AWS.

It's improved the security of every single OS in the organization as well as the visibility and security capabilities. With Harmony Endpoint, we give each computer advanced anti-malware protection and internet browsing protection (like proxy protection), and advanced phishing protection inside websites. 

It takes care of the concern about ransomware. Today, it's more important to secure each endpoint in the organization at the OS level rather than the organization network level as users are connecting from everywhere. This is why Harmony is so important to us.

The solution offers very good features including anti-malware, URL filtering, and anti-ransomware. The product offers a complete solution in one package and it's on every single OS. 

The most valuable part of this product is the complete security package in one single endpoint that includes the legacy anti-virus protection, advanced anti-malware protection, browsing protection, and even firewall capabilities at the OS level. 

In a lot of cases, when we want to give all these security features to every endpoint, we need to implement a lot of separate security products.

More report and alert options would be useful. The reports are not good enough and alerts are not usable. 

We need more user-friendly alerts and more options for the alerts. The reports are not capable of giving important information from some parts of the system - like inventory details, etc. 

Also, the logs in the product are not very usable. If you have any blocking of a legitimate app or some problem you will have a hard time finding a log about it and most of the time you will not find any information. 

The product doesn't have an automatic shutdown switch. You must uninstall it in order to shut it down.

I've used the solution for about one year.

It's very stable. However, they need to resolve some bugs and feature requests.

It's a cloud solution. We are using the cloud-managed solution which makes it very scalable.

The solution offers the best customer service and support in the market.

Positive

I used Symantec and we wanted to move forward to an EDR solution that gives a more complete security solution for today's needs.

The initial setup is very straightforward.

We implemented it in-house. We learned how to do it by ourselves.

There are only two types of licenses. If you don't need sandbox features, you can take the basic license and it includes everything.

We tried Sentinal ONE, CrowdStrike, Microsoft, Trend Micro, and McAfee.

It's the perfect solution for endpoint protection and has a lot of features included.

We use the solution as an endpoint protection platform, which supports the next-generation antivirus. It offers endpoint detection and response and will help on addressing a single agent that will support multiple features. 

This helps IT Security operations front to minimize the security threats. Also, we can map the MITRE ATT&CK framework in a single dashboard which provides complete endpoint device visibility.

The solution offers runtime protection against ransomware, malware, and file-less attacks, with instant and full remediation features that give good insights into the organization's threat landscape.

The unified agent helps in addressing the system usage. Instead of installing different agents and real-time protection, the platform provides greater visibility to the operation team to see incidents in real-time, instead of creating a lot of false positives. The vaulted space features give more controls on signed processes. In case the malware attempts to perform a shadow copy deletion, the machine will not lose any data. We can also take a backup of the file.

Phishing protection gives good insights about credential theft and zero phishing.

Overall, the unified agent covers endpoints as well as prevents web browser attacks.

Phishing sites are blocked in real-time and protect against previously unknown phishing sites and corporate credential re-use. This will prevent the business end-user from being compromised by attacks.

Zero-day sandboxing is an additional feature that can provide greater visibility on the sandboxing end and gives more control on the threat front. We can sanitize the files if we want, using a threat extraction process with infected files that can be cleaned in the process and provides a safe environment.

The remote browser isolation is not part of the unified agent, as of now. It could protect more on threat intel sources and could give a broader view of threat hunting. 

Soon, the unified agent should take more CPU processing in the systems-deployed Check Point agent. 

Providing USB control in a Linux environment will give more control over data security. Few other OEMs provide Linux USB control. If Check Point could adopt the technology in near future, it would give more of a value add to existing customers. 

I've used the solution for more than six months. We are using the Check Point Harmony end point solution.

We switched in order to avoid multiple agents.

Pricing is purely based on their industry and company decisions.

We did look at the Sentinel product.

We are using the product to secure roaming users who work outside the office as well for protecting a variety of company locations. 

It is great that Check Point continues to be a visionary in the network security market and delivers such anticipated products which allow users to cope with ongoing security challenges and trends.

It is used to protect offices and retail stores and it is a step forward from the traditional connectivity architecture which lacks flexibility and prevents business to advance at the desired pace.

It is great from an operational point of view. There is no need to procure and install HW; a new location could be secured almost instantly.

There is no need to talk about security. It comes from a team of talented developers and has a historic record. The Check Point portfolio showcases very strong products. 

The support from Check Point's side is great as it always and allows you to understand the product, produce and secure design as well as deploy and test it. Furthermore, the product owners are actively looking for feedback. This allows you to express your opinion and shape the product to improve it according to your needs.

The product is great as it allows users to deliver the most security value at the fastest speed. It reduces an operational load in terms of provision, installation, management, patching, and hardware replacement by increasing uptime and reducing the time to deliver to market. It also provides cloud-native availability and allows you not to bother with the sizing and location capacity as long as you stick with Harmony Connect. The price is reasonable.

Last but not least, there is an option to manage Harmony Connect from the centralized management station which allows users to apply existing policies while having a single pane of glass for network security.

An improvement could be made in terms of achieving better coverage in such complicated regions as the Asia Pacific, China, and Russia. Some PoP locations might create complicated traffic flows and impact the latency and load on network infrastructure even further.

Advanced details of log information are missing. However, the Check Point team is definitely open to constructive advice and is happy to make any requested changes.

There are still some limitations that exist while using centralized management with Harmony Connect.

I've used the solution for six months.