What is our primary use case?
We are working in a SOC environment as an
MSSP SOC. Our client has Check Point products, such as next-generation firewall and
Check Point Harmony Endpoint. We monitor these products as users.
For Check Point CloudGuard network security that we currently have, we are focused only on the next-generation firewall and the Endpoint Harmony detection products.
From the end-user or monitoring perspective regarding Check Point Harmony Browse, as a SOC analyst, I have not faced any issues regarding the configuration part.
Regarding Check Point Harmony Browse, our customer has been using it for a long period, so we have not seen anything that needs improvement, though the user interface could be better.
Particularly from the browsing perspective, when suspicious behavior or file exfiltration occurs for web files or any type of outbound communication based on the policies regarding Check Point Harmony Browse, it is helpful in limiting sensitive information going to global clouds.
As a next-generation environment used by AI, regarding Check Point Harmony Browse, we know they were dependent on behavioral patterns, but now with the AI feature, it is becoming more accurate in detecting suspicious behavior of files and collecting details from the AI platform.
In the implementation and operation perspective, Check Point Harmony Browse is helpful in detecting file modifications or the execution of unnecessary commands. These details have helped us contact the end-user and discuss whether these activities are valid. This has greatly helped us monitor from an internal SOC perspective.
What is most valuable?
AI integration makes Check Point Harmony Browse more accurate in detecting suspicious behavior and incidents. Its ability to detect file modifications or unwarranted execution commands has greatly enhanced our monitoring capabilities. From a browsing perspective, it is useful in controlling sensitive information exfiltration to clouds.
It enhances operation when integrated with other Check Point products such as firewalls or WAF, creating a robust ecosystem. It provides accuracy in detection and smoothness in operations, aiding in better SOC monitoring.
AI's role in providing helpful information is commendable, but there is a need for improvement in validation and confirmation processes, including understanding the reference links for AI inputs.
What needs improvement?
There is always scope for improvement for Check Point Harmony Browse, particularly in the user interface and adding the IOC checklist or feature modifications. The user interface can be better, and selecting the action for monitored or watch-listed IOCs can be more refined. Implementing features that quarantine suspicious entities rather than just adding them to an alert list would be beneficial.
On the validation aspect, it would be beneficial to access information about which reference links AI uses to validate. This ensures trusted and verified validations.
For how long have I used the solution?
We have been working with Check Point Harmony Browse for approximately a year and a half.
What was my experience with deployment of the solution?
I did not perform the installation part for Check Point Harmony Browse. I work on the monitoring aspect, reviewing the logs that Check Point
Harmony collects from the device aspect.
What do I think about the scalability of the solution?
We have almost 400 endpoints or more for the deployment of Check Point Harmony Browse. It is scalable as we monitor and manage endpoints and overall users across the system.
How are customer service and support?
Check Point's technical support is very impressive. The phone and email support provide efficient results with direct reachability to support engineers, rating a 10 out of 10.
How would you rate customer service and support?
How was the initial setup?
The setup for Check Point Harmony Browse does not take much time: within one to two hours, depending on the number of endpoints that need policy applications.
What about the implementation team?
Only one system administrator is needed for the deployment of Check Point Harmony Browse.
What other advice do I have?
Regarding Check Point Harmony Browse, even though currently the product is one of the best, more improvements can be made. For its rating and assessment, it is considered highly efficient and recommendable.
Even though AI integration is helpful, manual intervention is necessary for a cybersecurity perspective. More improvement is needed in validating AI references and sources of information.
I rate Check Point Harmony Browse 8.5 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other