Try our new research platform with insights from 80,000+ expert users

Check Point Harmony Endpoint vs N-able EDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 1, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
7th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
108
Ranking in other categories
Endpoint Protection Platform (EPP) (5th), Extended Detection and Response (XDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (2nd)
Check Point Harmony Endpoint
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.8
Reviews Sentiment
7.3
Number of Reviews
205
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Anti-Malware Tools (3rd)
N-able EDR
Ranking in Endpoint Detection and Response (EDR)
49th
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of March 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.4%, down from 4.0% compared to the previous year. The mindshare of Check Point Harmony Endpoint is 2.5%, down from 2.8% compared to the previous year. The mindshare of N-able EDR is 0.7%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Check Point Harmony Endpoint2.5%
Cortex XDR by Palo Alto Networks3.4%
N-able EDR0.7%
Other93.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
GR
Support at a security firm with 51-200 employees
Remote Access Security Reinforced with Real-Time Device Protection
Dashboard customization is needed for improvements. While the centralized management is strong, the dashboard could offer more flexibility. It would be helpful to tailor views for different roles, such as IT or security support. Regarding needed improvements, custom report building could be enhanced. Current reports are informative, and a drag-and-drop builder would allow teams to create tailored views for compliance, executive summaries, or operational metrics. For further improvements, enhancing threat simulation and testing would be valuable. Building a threat simulation tool and adding native capabilities to simulate phishing, malware, or ransomware scenarios will help teams validate protection and train users without relying on third-party tools.
NM
Senior Operations Specialist at Tagit cc
Reporting effectiveness and advanced AI capabilities improve threat awareness while needing pricing simplification and licensing self-service
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If they could bundle it as one solution and show the capabilities or features, they would be able to sell it more effectively, and as resellers, we could sell it to customers more easily. The technical support is responsive, but sometimes we experience limitations regarding the ability to add licensing. They could implement a self-service platform for assigning new licenses or ordering more. Currently, we depend on contacting someone who sends a new contract to sign through the process. They could change their licensing model, though I am not the right person to comment on functionality. On the reporting side, everything is covered.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
"It integrates well into the environment."
"The solution helps find bugs, and it is safe to use to prevent attacks by hackers."
"We can visualize and control the activities in the environment from anywhere."
"The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources."
"The best feature of Cortex XDR by Palo Alto Networks is that it collects logs from different sections such as the endpoint, the network, and the cloud, making it easy to investigate alerts, collect some of the investigation packages related to the infected machines, and provide live response."
"They did what they said. This solution could apply to any scenario."
"The solution is a new generation XDR that has a lot of artificial intelligence modules."
"Check Point detects files containing malware, which some users are trying to download or access. Additionally, it can consolidate multiple emails into one."
"It has an inbuilt AI system that helps in diffusing the virus in a proactive manner and protects the system from getting damaged at the worst level."
"It is integrated with a cloud platform that takes advantage of many emulation features in real-time filtering of malicious attacks."
"Check Point Antivirus has positively impacted our organization by protecting our systems and computers, saving time, costs, and preventing data loss."
"The most valuable feature of Check Point Harmony Endpoint is it can be used for all kinds of endpoints, including mobile phones."
"The most useful feature so far has been having a functioning and up-to-date anti-malware scanner."
"What I like best about Check Point Antivirus is that it's a strong tool for preventing malicious traffic and threats from entering the environment."
"The security is its most valuable feature."
"The most valuable features are the rollback feature, it's important for us. The AI models and are good."
"We have been using this solution for quite some time, and the AI functionality is quite advanced; we are able to provide insights on different aspects and read the reports easily."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
"It provides visibility and a storyline to track the virus or malware's activities, showing infected processes and changes made."
 

Cons

"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."
"Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth."
"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"It is a complex solution to implement."
"Legacy VPNs and digital footprints should be minimized."
"Performance and resource consumption should be reduced."
"It would be useful if you could also mark blocks as safe from a client. Now users always have to ask an admin to make exclusions."
"SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again."
"Customer support varies depending on the person handling the case. Some support staff are effective, while others are not as strong."
"I would like to see them implement a system that would enable us to do certain things from our mobile like applying policies, opening up and blocking ports, and restricting connection. It is because IT personnel are not always around on the premises. We can instantly do these things from our mobile. They should also consider the price so that many people will go for the solution."
"They could be focused on the analysis of USB devices."
"It needs more documentation and better ease of deployment. For documentation, it needs more information about integrating the endpoints on SandBlast Agent mobile as well as on desktop platforms."
"We have a lot of false positives we see in the dashboard. I think this is the only problem we are facing."
"I would rate the scalability as seven out of ten. The capability is useful. Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process."
"Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"I would like to see them add support for both Android and iOS smartphones."
 

Pricing and Cost Advice

"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"The solution is expensive. It's pricing is on a yearly-basis."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"It's about $55 per license on a yearly basis."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"There are three different licensing models including basic, advanced, and complete, and it needs to be selected according to the endpoint."
"I rate Check Point Harmony Endpoint's pricing a seven out of ten because it is a little high."
"The tool’s cost has increased by almost 300% in two years."
"Initial monies replacing all AVs with a single product is about £10k."
"Price-wise, the product is affordable. There are no additional costs apart from the licensing charges that are attached to the product."
"The solution is reasonable, but there are cheaper solutions out there."
"In addition to the standard licensing fees, there is a cost for support."
"Licensing comes free in that first year or is included in the base package. From a commercial point of view, it really just is the renewal cost, rather than a one-time fixed cost or buy-in."
"The pricing is average."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
884,873 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
9%
Manufacturing Company
9%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
10%
Manufacturing Company
9%
Outsourcing Company
8%
Comms Service Provider
6%
Manufacturing Company
18%
Comms Service Provider
14%
Transportation Company
12%
Healthcare Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise47
By reviewers
Company SizeCount
Small Business133
Midsize Enterprise70
Large Enterprise75
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What do you like most about Check Point Harmony Endpoint?
The platform's most valuable features are the ability to build API, which meets our business requirements, and the VP...
What is your experience regarding pricing and costs for Check Point Harmony Endpoint?
My experience with pricing indicates that the costs have increased compared to last year. Previously, Check Point Har...
What needs improvement with Check Point Harmony Endpoint?
Check Point Harmony Endpoint works well overall, but one area I would like to see improved is the reporting and dashb...
What needs improvement with N-able EDR?
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If t...
What is your primary use case for N-able EDR?
We are using N-able EDR, but I think Sophos makes sense because of the environment we operate in. The localization an...
What advice do you have for others considering N-able EDR?
I am more focused on operations and procurement. The decision to use this solution was made before I joined the compa...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Check Point Endpoint Security, Endpoint Security, Check Point SandBlast Agent, Check Point Antivirus
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Boston Properties, Independence Care System, Melbourne Convention and Exhibition Centre (MCEC), Courtagen Life Sciences, Carmel Partners
Information Not Available
Find out what your peers are saying about Check Point Harmony Endpoint vs. N-able EDR and other solutions. Updated: March 2026.
884,873 professionals have used our research since 2012.