Check Point Harmony SASE (formerly Perimeter 81) Reviews

The primary use case has to do with the remote connectivity of sites.

I have found the IPsec VPN to be valuable.

The integration from a management perspective could be improved so that the management can, from an existing Check Point firewall, manage a Harmony firewall through one pane of glass.

I would like to see the use of either GRE or non-IP tunnels in the next release.

I've been working with Harmony Connect for about 18 months. I tested it but did not run it in production.

Stability wise, I'd rate Harmony Connect at seven out of ten. It could be more stable in some respects.

The scalability is good, and I'd give it an eight out of ten.

I found the technical support to be okay. Most of the technical support was geared to the regular equipment, and we had to find specialists within Check Point to look at Harmony Connect. Because of that, I would give technical support a rating of seven out of ten.

The initial setup is simple in some ways but complex in other ways. You need to know a lot about the Check Point side and the portal side to make it work.

I would rate Harmony Connect's pricing at six out of ten. It wasn't particularly expensive, but it wasn't super cheap either.

We evaluated Silver Peak. Comprehensiveness was the main difference between Harmony Connect and Silver Peak. Harmony Connect is a little more suited for smaller branch offices as opposed to full-site connectivity.

Overall, I would rate this solution at seven on a scale from one to ten.

For the past two months, we have been evaluating Harmony Connect because it has some limitations on routing and account control, so we are testing it for three customers to check this function. In some areas, Harmony Connect can replace older VPN products and also add some features, like DRP and security gateway.

The DLP (Data Loss Protection) is the most valuable feature. 

My customers want more remote functionality.  They need another routing option after they connect to the enterprise intranet. For example, let's say a user tries to connect to a remote branch office and headquarters through Harmony Connect. They need a local breakout after connecting to the headquarters, especially in China. They need to put local breakout in the Chinese internet. The current version cannot do something like this.

This solution is new to Taiwan, so I haven't been using it for very long. I started using Harmony Connect in Q3 2022.  

Harmony Connect has been stable so far, but this is still a test. 

There are some limitations on redundancy, and it takes about 30 minutes to switch. This is a significant limitation. Competitors like Palo Alto can do it in around five minutes. It's more appropriate for enterprises because they sell the product license in packages of 50 accounts at least.

I rate Check Point customer service nine out of 10. It is excellent, especially on the customer side. 

Positive

Check Point Taiwan provides me with a lot of flexibility in pricing. If I'm trying to secure a customer, they can give me a good discount on this product. The price is about 350 HKD annually. 

I rate Check Point Harmony Connect eight out of 10.

This is a VPN solution that caters to remote working. I rely on this software heavily in order to connect to my company's internal network. Compared to my last job, which used a different VPN vendor, Perimeter 81 has caused no issues whatsoever. 

I'd easily recommend Perimeter to any businesses that are interested in purchasing the software. As an end-user, speaking from experience, I've found no issues whatsoever with this VPN. Changing between different networks is very easy and straightforward to do.

Perimeter 81 provides a very secure and non-disruptive experience. At my last job, we used a VPN vendor which would interrupt vital connections to the network. Whereas using Perimeter 81 in my new job has been a very stress-free experience without having to worry about disconnections. It's made my working relationship with my new employer easier without having to worry about dropped connections. What I would say is this has improved our organization via its simple and easy-to-use UI. Other users can easily troubleshoot and provide remedies to each other if issues do occur, which are very rare.

The easy but secure way of logging into the VPN makes mornings easier when logging in. It's a straightforward, 30-second sign-in process without any hassle required. I also found the lack of configuration required by end-users a much-appreciated touch. It's incredibly important that my connection is always stable and reliable. That is what I'd say is valuable about Perimeter 81. I rarely see any complaints on Perimeter 81 amongst other colleagues. This wasn't the case with the last vendor we used at my previous place of employment.

I am struggling to find improvements in particular that would benefit users. What would be useful would be a notification/warning that a session is due to timeout after exceeding the default connection limit. This can help me prepare for imminent disconnection due to my existing organizational connection limit. However, that being said, it could be a setting somewhere but I thought I'd add this as a point anyway. In terms of constructive feedback, I can't find any other improvements or suggestions from an end-user point of view.

I've used the solution for less than one year.

We are using Harmony Connect (clientless and client) with Harmony Mobile, Harmony End Point, Harmony Office security.

Before we were using Fortinet Client with Token and we are now using Harmony Connect in Saudi Arabia. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed.

The solution is secure, scalable, and easy to handle with good support

The Check Point portfolio showcases very strong products.

It very easily allows users to leverage their home office via safe access. If they had any type of issue with the machine, the disk is already encrypted.

The client's requirements were that the solution could:

• Be designed to prevent the most evasive cyberattacks
• Have Zero-Trust network access to enterprise applications
• Secure Internet access for remote users
• Protect branch office (SD-WAN) connections to the Internet and the cloud

Harmony Connect Client is very powerful tool.

I find it very easy to implement and deploy in the organization. One point to note is that it is a very user-centric solution.

The integration that this solution has with the different routers or perimeter equipment is exceptional. We were able to implement the solution on the same hardware as the SD-WAN equipment in each branch and central site.

Mainly, Zero Trust Network Access is one of the most important features of this Check Point Harmony Connect solution. It's of the Secure Access Service Edge (SASE) type since it gives us secure access to the organization as if we were physically in the organization.

The suspend feature needs more control.

Zero Trust Network Access can be a security breach if not used correctly. I have implemented it and it turns out that access to the organization's applications must be complemented with user awareness.

It is important to note that the Zero Trust Network Access feature is an important feature for the solution, however, at the same time, the organization's applications can be accessed if user access is available. A double authentication factor could solve this gap.

I've been using the solution for one year.

We were using Fortinet Client Token Solution. We switched as CP gives more control and visibility.

The tool is very handy at a good price.

We did not look at other options.

We needed to connect the branches with the users, and, in turn, we needed to connect the users with the applications of the organization. However, we needed to secure this connection since the users were at home. The branches had Citrix SD-WAN and therefore we needed a solution that would integrate with the current solution that connected the branches to the central site.

The client's requirements were that the solution could:

• Be designed to prevent the most evasive cyberattacks
• Have Zero-Trust network access to enterprise applications
• Secure Internet access for remote users
• Protect branch office (SD-WAN) connections to the Internet and the cloud

I have worked with Check Point Harmony Connect, which is a Secure Access Service Edge (SASE) solution, which unifies multiple cloud-delivered network security products to prevent sophisticated cyberattacks and simplify policy management.

I find it very easy to implement and deploy in the organization. One point to note is that it is a very user-centric solution.

The integration that this solution has with the different routers or perimeter equipment is exceptional. We were able to implement the solution on the same hardware as the SD-WAN equipment in each branch and central site.

One point to keep in mind is that it is a user-centric solution. 

Additionally, the solution has an integration with Citrix SD-WAN that allows a remote implementation in each of the branches. 

Mainly, Zero Trust Network Access is one of the most important features of this Check Point Harmony Connect solution. It's of the Secure Access Service Edge (SASE) type since it gives us secure access to the organization as if we were physically in the organization. 

I find it very easy to implement and deploy in the organization.

A ZTNA architecture is designed to reduce cybersecurity risk by eliminating implicit trust within an organization's IT infrastructure.

Zero Trust Network Access can be a security breach if not used correctly. I have implemented it and it turns out that access to the organization's applications must be complemented with user awareness.

It is important to note that the Zero Trust Network Access feature is an important feature for the solution, however, at the same time, the organization's applications can be accessed if user access is available. A double authentication factor could solve this gap.

I've been using the solution for almost two years.

Check Point Harmony Connect is quite stable in the implementation I did together with Citrix SD-WAN.

Citrix SD-WAN appliances are SDN/NFV-ready platforms designed to host virtualized network functions (VNFs).

Hosting a Check Point virtual machine (VM) on Citrix SD-WAN branch appliances provides customers with granular control of their security and data.

Together, the integrated SD-WAN and advanced Threat Prevention platform provide secure and optimized WAN connectivity over Internet links and WAN connections. By dramatically simplifying deployments and reducing costs, Check Point and Citrix SD-WAN provide enterprises with an affordable and secure remote branch office security solution.

I find it very easy to implement and deploy in the organization.

I did not previously use a different solution.

This is a SaaS. For this reason, the cost, pricing, and licensing depend according to your necessity.

I also looked into Forcepoint SASE.

Even with our old anti-virus solution, users were able to download files and receive it through e-mail with no inspection or emulation. Also, they were able to use external pen drives or external HDs with no control of the data that was being transferred and where it was going to.

The internet navigation had no filter and even the traffic to porn websites or malicious websites was passing normally with no inspection.

If one of the machines were stolen or lost we did not have something to block access to the data inside the disk, sensitive information could have been lost.

Now that we use Harmony Connect, the files are inspected and we are sure that no malicious content is inside the company. Before installing Harmony Connect all the downloads were made by anyone with no check on that information.

Anyone could download something malicious and as we use shared folders with sensitive information one infected machine could go to any other server or user machine and cause a big data loss or machine infection.

Now, it very easily allows users on home office safe access. If they had any type of issue with the machine, the disk is already encrypted.

Emulation of files, control of USB connections, and full disk encryption are great features. Due to the coronavirus pandemic, we were not confident in having everybody working from home with an unsecured system where the user could, for example, copy all data from the computer to an external HD or Pendrive. if they did, we would not even know that it happened.

Now, after using the Harmony Connect Endpoint, we have full control of the actions that the user does with the company data and we can also monitor/block their access to the internet.

We have noticed that sometimes even performing just a few changes in the portal, the installation takes a long time to finish.

The access to the portal should be faster. It shouldn't crash a lot. We have a lot of crashes right now. 

We noticed that, for some days of the month, the portal would be down and not accessible depending on the time that we tested. Sometimes we performed some changes after work or at dawn to minimize the impact that it could cause to the users. However, sometimes the portal is not online as we expect it to be or we need to reload the page a few times before it works.

I would give it a score of eight out of ten due to the portal being slow.

I've been using the product for about six months.

The stability is not that good; sometimes the portal fails.

In terms of scalability, it's easy to increase the users/licenses in the environment.

Check Point support takes a long time to resolve issues.

Neutral

We previously used the Kaspersky antivirus.

The initial setup was not straightforward. 

We had a vendor assist with the implementation and we had a very good experience.

We have seen an ROI.

Usually, other products are cheaper than Check Point.

We evaluated all other antivirus/endpoint sollutions.

Primarily I use the product for work purposes. My work environment is currently remote, therefore, I tend to move between private and public networks pretty often. Having this solution for public networks is key in ensuring that you are staying secure while browsing or using work-related software or services. While working from home, people tend to travel and never realize that public networks are very insecure and they allow hackers to access information from your computer very easily, especially if you don't have a VPN service.

Perimeter 81 has increased my security and privacy while maintaining solid internet performance. 

Without this software, I tend to always be concerned with security and privacy while browsing the web, however, when I'm using this software, I tend to feel more comfortable browsing knowing that I'm covered. It has made working from home feel more secure while not impacting computer performance. 

Many other services that I've used heavily affect the overall performance of my computer, however Perimeter 81 doesn't affect it at all.

The Perimeter 81 VPN is fast and secure. It also is very easy to use, with a simple yet elegant UI. I like how this software will automatically turn on my VPN and connect whenever I hop on my machine. The Always On VPN really can't be beaten. 

While I'm using this service, I never even notice that I'm using it (due to the overall performance of the program), which is really what you want when you're using a VPN. This has to be the most valuable part of this software, along with the user-friendly interface. 

I don't think that this service can be improved. Speed and privacy could always be improved, however, the current product doesn't lack these criteria. I also think that the overall UI could be improved and updated to bring a simpler feel to the application, but again, the software doesn't truly lack in this category. 

Aside from this, the service is really pleasant to use and I've never once had the thought of uninstalling the application. While it would be great to have the ability to move the location of the VPN, I don't think that this is required to increase the overall performance.

I've used this solution for about two months.

I've gotten a great first impression in terms of stability.

The scalability has given me a great first impression.

I haven't had to reach out to support.

I've used other services. That said, I didn't have a great experience with their UI and performance lacking abilities.

The setup was a breeze.

I'm not too sure if we had assistance or not.

This service is very affordable and worth it for what you actually get out of the software.

I didn't look into other options before choosing this service, however, I don't think there is a need to at the moment.

I work from home primarily, however, in a multi-unit complex. I often worry about internet security. From time to time, I also work from a coffee shop and that's when I really lean on Perimeter 81. 

It's definitely nice to know that no matter where I am I can use Perimeter 81 to make my connection more secure. Sometimes there is sensitive information or documents I work with and this extra layer of protection gives me a lot of peace of mind while I'm working (though I still tend to only work from home in those cases). 

It keeps us all accountable and ensures secure internet connections while we all work remotely. 

We have team members that live all over the country and some that chose to work abroad or in different locations periodically (since the pandemic). Having Perimeter 81 as a solution in those instances to keep our team secure has been really great. 

We eventually will have even more employees that are working remotely, and maybe even some international employees, so I'm sure we'll find it even more useful then. 

I would say the multiple networks are the most valuable aspects. I think it's cool that, depending on where I'm located, I can join a network with a specific gateway for my region. 

I don't exactly know what other features I could be using. Getting more of a tutorial or walkthrough would be awesome. I know our IT team doesn't have time for that kind of thing, however, so I would think it best to come from the solution's team. Even if it was just a quick video or animations that show you new features as you're getting acquainted with the product, that would be great. I wouldn't want a lot of emails, however, maybe a banner pop-up would work from time to time.

I don't know all the other ways I could be using the product, so I'd love to learn more about all of the features. Maybe a monthly spotlight of features or having a banner that explains more ways certain features could be used would be helpful. I wouldn't want anything too exhaustive or frequent - just something that could share some high-level features that may be helpful for at-home workers or even security tips. I'm not super-versed in that kind of thing, so I would find that valuable. I would love a little tutorial that's quick. 

I've been using it for about four months and I really love it. Not only is it easy to use but it adds some peace of mind.