Check Point Harmony Connect OverviewUNIXBusinessApplication

Check Point Harmony Connect is the #5 ranked solution in top Secure Access Service Edge (SASE) tools. PeerSpot users give Check Point Harmony Connect an average rating of 8.4 out of 10. Check Point Harmony Connect is most commonly compared to Prisma Access by Palo Alto Networks: Check Point Harmony Connect vs Prisma Access by Palo Alto Networks. Check Point Harmony Connect is popular among the small business segment, accounting for 51% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a security firm, accounting for 33% of all views.
Check Point Harmony Connect Buyer's Guide

Download the Check Point Harmony Connect Buyer's Guide including reviews and more. Updated: May 2023

What is Check Point Harmony Connect?

With the shift to hybrid work, and applications residing everywhere, shouldn’t your security be everywhere, too?

Check Point Harmony Connect, the only prevention-focused Secure Access Service Edge (SASE) solution, is redefining SASE by making it easy to access corporate applications, SaaS and the internet for any user or branch, from any device, without compromising on security.

Built to prevent the most evasive cyber attacks, Harmony Connect is a 100% cloud service that unifies multiple network security products, deploys within minutes and applies Zero Trust access policies with a breezy user experience for all.


Harmony Connect Remote Access – ZTNA https://youtu.be/z95DOtkSR5c

Harmony Connect Internet Access – cloud SWG and FWaaS https://youtu.be/MZMP440U6FM

Check Point Harmony Connect Video

Check Point Harmony Connect Pricing Advice

What users are saying about Check Point Harmony Connect pricing:
"The pricing is good, especially when you compare it to other firewall or UTM solutions from FortiGate or SonicWall, where you would have to invest about four hundred thousand rupees for 100 users over a three-year period."

Check Point Harmony Connect Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Information Security Team Lead at Oregon State Treasury
Real User
Top 20
Does not have the ability to send/merge Harmony logs, technical support isn't helpful, and there are issues with reliability
Pros and Cons
  • "HTTPS decryption is a valuable service and not always found in cloud-based secure web gateways."
  • "Harmony lacks this ability when anything more than a vanilla access policy is used (we use layers and source user objects in our policy which make this impossible according to Check Point)."

What is our primary use case?

Our primary use case is as a Security Web Gateway for off-premises users. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed. 

We wanted to be able to have one single policy, managed in one place, and for our users to have the same browsing experience whether off-prem or on-prem. It was also a primary requirement to be able to have the logs generated from Harmony merged into the same locations (SmartConsole and our SIEM) as our on-prem gateway logs go.

How has it helped my organization?

It has not improved our organization due to being unable to fully implement in the manner it was sold to us as being able to. 

After attempting to use the same policy for Harmony that we use for on-prem users (managed by on-prem smartConsole), and after much time going through Check Point account reps and support, we were informed it is not possible to manage Harmony Connect policy from SmartConsole if layers or source objects (such as AD users, machines) were used. 

We then were told by Check Point it would be possible to manage both policies from the same platform if we used the Management-as-a-Service Smart1Cloud smartconsole, but after further investigation, we were then later told by Check Point account executives and support that we are unable to manage Harmony policies from Smart1 Cloud, even though they are both housed in the Check Point Infinity Portal. 

It is also not even possible to send our Harmony Connect logs to the Smart1Cloud portal, again - even though they are both within the Infinity portal.

What is most valuable?

HTTPS decryption is a valuable service and not always found in cloud-based secure web gateways. With as much traffic being HTTPS as opposed to HTTP these days it is very important to be able to run that traffic through all the security modules such as IPS and Application Control

We also found the SAML integration to be useful. It is handy to be able to access the portal from anywhere in the world, though as mentioned above we are not fully implementing the product at this time due to other issues.

What needs improvement?

We want the overall ability to manage Harmony and on-prem policies from the same platform. Harmony lacks this ability when anything more than a vanilla access policy is used (we use layers and source user objects in our policy which make this impossible according to Check Point). 

Also, we need the ability to send/merge Harmony logs into the same SmartConsole as our on-prem Gateways send logs to. Have been told this is not possible by Check Point. It makes it really difficult when you have to use two different platforms/portals to see logs

Buyer's Guide
Check Point Harmony Connect
May 2023
Learn what your peers think about Check Point Harmony Connect. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
706,951 professionals have used our research since 2012.

For how long have I used the solution?

I've used the solution for about six months.

What do I think about the stability of the solution?

I have not had any issues with stability, although we have not fully used the solution in the manner intended.

What do I think about the scalability of the solution?

I have not had any issues with cloud-based resources, so I assume it would be easily scalable.

How are customer service and support?

We have had many issues with customer support on this product. 

One example: I created a support ticket for a simple issue on the product not being able to be installed on our client machines. 

It took over a month to resolve with my team having to repeatedly follow up with support in order to get a result. My team eventually had to dig into the issue at a great depth ourselves and discovered the problem - it was that Check Point developers did not properly sign multiple scripts associated with installation, which would not allow it to install in our secure environment. 

My team had to unpack the installer and dig around to examine the files and find the mistake in signing. The issue was then finally solved by Check Point developers in Tel Aviv.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

We previously used Check Point Cloud Capsule, which is a similar product. However, we were never happy with its performance and its Application Control objects were very out of date. Support was always hard to get on it from Check Point as well. It was also unable to be used alongside our VPN solution (Microsoft Always-On VPN).

How was the initial setup?

The initial portal setup was straightforward in that the portal is automatically provisioned. 

Getting users integrated through SAML was not straightforward in that the instructions from Check Point on linking it with Azure AD were not accurate. The pre-built Enterprise Application object within Azure AD that is provided for Harmony did not work either. We had to adjust several of the settings to make it work (which were not covered by any support article).

What about the implementation team?

We handled the implementation in-house.

What was our ROI?

We have seen a negative return on investment

What's my experience with pricing, setup cost, and licensing?

Pricing and licensing seemed acceptable; we have no complaints there. 

Which other solutions did I evaluate?

We also evaluated solutions from Cisco and Palo Alto.

What other advice do I have?

Users should just make sure the solution will actually do what is expected, regardless of what the company says it can do.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Yunus Yavuz - PeerSpot reviewer
Yunus YavuzProduct Manager at Neteks
User

How many devices does our customer have on average? They should use Harmony.

Srini Krish - PeerSpot reviewer
Business Development Sales Engineer at Orca Tech
User
Top 10
Simple, easy to manage policies, and offers good reports
Pros and Cons
  • "The reports give a simple overview of the traffic pattern within the organization."
  • "Branding could be better."

What is our primary use case?

The solution is predominantly used for Internet access when mobile. In the office, we have already deployed a Quantum Spark appliance, and this was focused on mobile users. 

We don't have on-premise applications or servers, so there is no use case for Remote access. However, we were keen to try it out from an evaluation perspective by bridging to the existing Check Point gateway at the site. 

Simplicity was needed, and importantly, we wanted something to not be too intrusive to mobile users. The interface has a few simple options, and it makes it easier.

How has it helped my organization?

We believe in defense in depth, and Harmony connect SASE adds another layer of protection for internet access. 

We have already deployed the entire Harmony suite, from Email & Collab protection to Harmony Endpoint. This adds a layer on top. Being a mobile user, securing Internet access was very important, and the product's pricing was simple enough and unlike other multiple add-ons on top of the base products from other vendors.

The reports give a simple overview of the traffic pattern within the organization. Though we don't use it to track user productivity, we can if necessary. There are reports specific to SaaS applications as well, which do come in handy.

What is most valuable?

The simplicity is good. It's good for consolidating security and being manageable from the Infinity portal with other Harmony solutions and makes management easy. We can use this instead of managing multiple-point solutions. It has a unified policy for private and internet access, making it easier to manage policies. 

The weekly reports have been informative as well. We are also keen on trying clientless access to provide restricted access to applications for third-party users.

Deployment was a breeze. We just key in the target users' email, and the rest is easy.

What needs improvement?

Branding could be better. Not many Check Point users realize there is a SASE offering at all. Policies could have layers as they do with their Firewalls, though I understand that's more of a functionality within the Smart dashboard. The threat prevention profiles like IPS, file, and URL protections could have more fine-tuning options.

Though all the policies are managed from the Infinity portal, we still have to manually configure different solutions. It would be nice to know how the new XDR option will bridge this gap.

Also, for Multi-factor authentication, there was an option for G-auth. However, I'm not sure about other forms of authentication they offer in their gateways. Bringing the backend closer to the gateway management would make it more granular.

For how long have I used the solution?

I've been using Harmony Connect for more than three months now. 

What do I think about the stability of the solution?

We haven't had any glitches or issues with it at all. It's very transparent to the user.

What do I think about the scalability of the solution?

It's very scalable and easy to deploy. It's scalable with users and it's scalable with the existing CP gateway deployments as well. There isn't much information on how it integrates with other end-point solutions. We had a full Check Point environment and it was clean.

How are customer service and support?

We haven't run into any issues so far. We did need some assistance during the initial policy configuration, and the Check Point solutions team was there to assist.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use any other SASE offering before. 

How was the initial setup?

It's a simple setup; we just key in the end user's email address and it sends an invite to download the client. 

What about the implementation team?

We implemented it in-house with the assistance of Check Point's solutions team.

What was our ROI?

The ROI is better than using a traditional VPN to connect back to the office gateway. We needed something that was light and transparent without the hassle of having to connect manually. We aren't planning to remove the gateway yet, however, in the long run, we will consider it, and that should negate the gateway costs.

What's my experience with pricing, setup cost, and licensing?

Setup is a breeze. You key in the target user's email, and the rest is a click away. Pricing is competitive compared to the top players in the SASE market. 

Also, there is no concept of add-ons which makes it easier. 

Licensing with a minimum of 50 users could be a show-stopper for smaller organizations. However, a small company has probably got to do it with the infra in the backend to make it worthwhile.

Which other solutions did I evaluate?

Since we were keen on consolidating, we did not focus on multiple options.

What other advice do I have?

The product seems to be transparent to the users. It lacks application segmentation options which some competitors offer.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: We are Checkpoint Distributor as well but the comments are based on my experience with the product.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Check Point Harmony Connect
May 2023
Learn what your peers think about Check Point Harmony Connect. Get advice and tips from experienced pros sharing their opinions. Updated: May 2023.
706,951 professionals have used our research since 2012.
Bala_Krishna - PeerSpot reviewer
Director at a tech vendor with 11-50 employees
Real User
Top 5
Easy-to-deploy VPN connectivity for the enterprise, and ideal for remote workforces
Pros and Cons
  • "What I like about Harmony Connect is that every packet through the network is screened and filtered so that only clean packets can enter the PC. This is useful for a variety of security reasons because you no longer need to worry about things like DDoS attacks."
  • "The main problem with Harmony Connect is that, because it's in a new category of offerings by Check Point, there's very little marketing of the product so far, and this means that many potential users don't even know this kind of solution is available. There are also few testimonials or case studies talking about people who have used the product and fell in love with it, for example."

What is our primary use case?

I have experience with Check Point Harmony Connect and Harmony Endpoint, mainly in an enterprise setting for the cloud-based access control and firewall functionality. It is a good, easy-to-deploy solution that is ideal when it comes to managing access to enterprise resources for those working in a home office type of scenario.

What is most valuable?

What I like about Harmony Connect is that every packet through the network is screened and filtered so that only clean packets can enter the PC. This is useful for a variety of security reasons because you no longer need to worry about things like DDoS attacks, etc.

Nowadays a lot of people are working from a home office, and Harmony Connect is an ideal solution when it comes to remote working. Let's say there is an organization of around 100-200 people — if they are working from home, they will have a strong need for enhanced firewall and UTM functionality. In this case, the organization can simply deploy Harmony Connect and the employees will have access to secure VPN connectivity.

Another point to mention is that Harmony Connect's real advantage over other solutions is that their support is excellent and they have really awesome technical staff.

What needs improvement?

The main problem with Harmony Connect is that, because it's in a new category of offerings by Check Point, there's very little marketing of the product so far, and this means that many potential users don't even know this kind of solution is available. There are also few testimonials or case studies talking about people who have used the product and fell in love with it, for example.

The second area in which they could improve is the performance of their management portal. For the end user of Harmony Connect, the performance is great and lightweight, but there is often some slowness when using the management portal as an administrator.

For how long have I used the solution?

I have six months of experience with Harmony Connect.

What do I think about the stability of the solution?

Harmony Connect is very stable and its performance is good in the production environment. One of my customers has been using it for six months so far and no issues have been found.

What do I think about the scalability of the solution?

It's a cloud offering so it scales nicely. I don't know about managing Harmony Connect beyond 1,000 users, but I'm not finding any difficulty with scaling because you just need to push the agent to the end user. I believe Check Point are using a major cloud provider such as Amazon, and I don't think scalability is an issue at all for them.

How are customer service and support?

The real advantage of Harmony Connect is their support team. They are excellent, and their technical guys are really awesome. If there is any issue, you simply call them, and most of the time the issue will be resolved on the first call.

They are not very aggressive in their promotion of Harmony Connect, so you would expect that the support might be lacking but this is not the case. And when it comes to new feature requests, they are open to listening. If you can convince them to bring out a new feature, they will keep you updated and perhaps even connect you with their R&D team, no matter how small you might feel to them. Check Point's support team is truly one of the best.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Earlier, we used to deal with Symantec, but lately Symantec has not been operating well in India. It is very difficult to even get quotations for the pricing, so we don't deal with them much nowadays.

How was the initial setup?

You hardly have to click more than three times and your Harmony Connect will be configured.

What about the implementation team?

The implementation for about 1,000 users is not particularly difficult. It will need a system administrator for the data, managing the security features, and maintenance, but typically two or three staff members are more than enough to handle it.

What's my experience with pricing, setup cost, and licensing?

The pricing is good, especially when you compare it to other firewall or UTM solutions from FortiGate or SonicWall, where you would have to invest about four hundred thousand rupees for 100 users over a three-year period. On top of that, for those solutions you would also need to pay for the expertise to manage the solution, including 24/7 monitoring and so on.

Which other solutions did I evaluate?

We have considered another solution called Prisma Access from Palo Alto Networks, and it may turn out that we will need that solution instead of Harmony Connect to fulfill our future ambitions, but I don't have any personal experience with it yet.

What other advice do I have?

I would rate Harmony Connect a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Network & Information Security Expert at Malam-Team
User
Offer excellent anti-malware, URL filtering, and anti-ransomware features
Pros and Cons
  • "It's improved the security of every single OS in the organization as well as the visibility and security capabilities."
  • "More report and alert options would be useful."

What is our primary use case?

We use the EDR solution for servers and endpoints for a lot of customers. The use case is for offering protection at the OS level. 

We wanted a better solution than legacy antivirus to secure each OS in the organization. Harmony Endpoint gives us a complete security package with a lot of security features that regularly require a lot of separate security products and a lot of overhead management. 

The environments include on-premise servers - mostly Windows - as well as laptops and desktops with Windows and Mac OS. We also have some cloud services in Azure and AWS.

How has it helped my organization?

It's improved the security of every single OS in the organization as well as the visibility and security capabilities. With Harmony Endpoint, we give each computer advanced anti-malware protection and internet browsing protection (like proxy protection), and advanced phishing protection inside websites. 

It takes care of the concern about ransomware. Today, it's more important to secure each endpoint in the organization at the OS level rather than the organization network level as users are connecting from everywhere. This is why Harmony is so important to us.

What is most valuable?

The solution offers very good features including anti-malware, URL filtering, and anti-ransomware. The product offers a complete solution in one package and it's on every single OS. 

The most valuable part of this product is the complete security package in one single endpoint that includes the legacy anti-virus protection, advanced anti-malware protection, browsing protection, and even firewall capabilities at the OS level. 

In a lot of cases, when we want to give all these security features to every endpoint, we need to implement a lot of separate security products.

What needs improvement?

More report and alert options would be useful. The reports are not good enough and alerts are not usable. 

We need more user-friendly alerts and more options for the alerts. The reports are not capable of giving important information from some parts of the system - like inventory details, etc. 

Also, the logs in the product are not very usable. If you have any blocking of a legitimate app or some problem you will have a hard time finding a log about it and most of the time you will not find any information. 

The product doesn't have an automatic shutdown switch. You must uninstall it in order to shut it down.

For how long have I used the solution?

I've used the solution for about one year.

What do I think about the stability of the solution?

It's very stable. However, they need to resolve some bugs and feature requests.

What do I think about the scalability of the solution?

It's a cloud solution. We are using the cloud-managed solution which makes it very scalable.

How are customer service and support?

The solution offers the best customer service and support in the market.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I used Symantec and we wanted to move forward to an EDR solution that gives a more complete security solution for today's needs.

How was the initial setup?

The initial setup is very straightforward.

What about the implementation team?

We implemented it in-house. We learned how to do it by ourselves.

What's my experience with pricing, setup cost, and licensing?

There are only two types of licenses. If you don't need sandbox features, you can take the basic license and it includes everything.

Which other solutions did I evaluate?

We tried Sentinal ONE, CrowdStrike, Microsoft, Trend Micro, and McAfee.

What other advice do I have?

It's the perfect solution for endpoint protection and has a lot of features included.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Karol Méndez - PeerSpot reviewer
Administrador de Office 365 y Azure at ITQS
User
Top 20
Easy to implement with good visibility and helpful audit reports
Pros and Cons
  • "The characteristics that I have liked the most are the ease of implementation and administration."
  • "Sometimes downloading PDF files can be slow."

What is our primary use case?

We are a company of around 30-50 people who have been working from home since the pandemic began. Our environment is completely cloud-based and all our computers are managed by our organization. 

We needed a solution that would help us protect users and the information that is handled in our company. This solution had to comply with characteristics such as the protection of network connections, prevention of threats such as malware and phishing, data protection, and, above all, it had to be easy to implement and manage. This is why we implemented Check Point Harmony Connect.

How has it helped my organization?

Check Point Harmony Connect helped us create a more secure environment in our organization, since our users can be safer when browsing and not being attacked by malicious actors who try to affect them with phishing or malware. On the other hand, administrators have more visibility of the sites to which users navigate and be able to control them, they can also access audit reports that allow them to make better decisions on security rules that must be applied. The protection of data in our company is the most important.

What is most valuable?

The characteristics that I have liked the most are the ease of implementation and administration. It is a cloud-based service it can be configured easily and very quickly and the administration center is very friendly for administrator users who do not know or have used the product. 

In addition, it is a cloud-based service that helps prevent cyber attacks by ensuring internet access for our users who work remotely, facilitating access control. 

Another valuable feature is that company information is kept protected by internet access control, applications to be managed, and URL filtering protection.

What needs improvement?

Sometimes downloading PDF files can be slow. It may take a while to scan the downloaded files. On some computers, the Check Point Harmony Connect agent can be a bit heavy to run in terms of CPU and Memory resources. 

Transparency to end-users could be improved. 

More compatible applications can be included. 

The support provided could be improved for when problems arise that require support from the Check Point team. Check Point is an expensive product so support should be more adequate. 

Some EDR features may still be under development and may need more time to be ready for use on a larger scale.

For how long have I used the solution?

I've used the solution for one year.

What do I think about the stability of the solution?

Stability is 90% good. File scanning and web console stability could be improved.

What do I think about the scalability of the solution?

The scalability is good.

How are customer service and support?

Support is good, however, in some cases, they could improve the response time.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have not used any other option before.

How was the initial setup?

The initial configuration was very easy to perform; the installation on the endpoints was very simple for the users.

What about the implementation team?

The initial setup was handled by an internal team with supervision or support from the provider.

What was our ROI?

There have been savings related to the number of hours of implementation and administration.

What's my experience with pricing, setup cost, and licensing?

I recommend that you evaluate using Check Point Harmony Connect, since, although its price may be a little more expensive, it is a solution that adds advanced security to the organization.

Which other solutions did I evaluate?

I only evaluated Microsoft and evaluated if Fortinet had any product that met the requirements.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Information Security Analyst at SCANSEC
User
Top 20
Allow control of internet access and file downloads while offering good security
Pros and Cons
  • "Now that we use Harmony Connect, the files are inspected and we are sure that no malicious content is inside the company."
  • "The access to the portal should be faster. It shouldn't crash a lot."

What is our primary use case?

Even with our old anti-virus solution, users were able to download files and receive it through e-mail with no inspection or emulation. Also, they were able to use external pen drives or external HDs with no control of the data that was being transferred and where it was going to.

The internet navigation had no filter and even the traffic to porn websites or malicious websites was passing normally with no inspection.

If one of the machines were stolen or lost we did not have something to block access to the data inside the disk, sensitive information could have been lost.

How has it helped my organization?

Now that we use Harmony Connect, the files are inspected and we are sure that no malicious content is inside the company. Before installing Harmony Connect all the downloads were made by anyone with no check on that information.

Anyone could download something malicious and as we use shared folders with sensitive information one infected machine could go to any other server or user machine and cause a big data loss or machine infection.

Now, it very easily allows users on home office safe access. If they had any type of issue with the machine, the disk is already encrypted.

What is most valuable?

Emulation of files, control of USB connections, and full disk encryption are great features. Due to the coronavirus pandemic, we were not confident in having everybody working from home with an unsecured system where the user could, for example, copy all data from the computer to an external HD or Pendrive. if they did, we would not even know that it happened.

Now, after using the Harmony Connect Endpoint, we have full control of the actions that the user does with the company data and we can also monitor/block their access to the internet.

What needs improvement?

We have noticed that sometimes even performing just a few changes in the portal, the installation takes a long time to finish.

The access to the portal should be faster. It shouldn't crash a lot. We have a lot of crashes right now. 

We noticed that, for some days of the month, the portal would be down and not accessible depending on the time that we tested. Sometimes we performed some changes after work or at dawn to minimize the impact that it could cause to the users. However, sometimes the portal is not online as we expect it to be or we need to reload the page a few times before it works.

I would give it a score of eight out of ten due to the portal being slow.

For how long have I used the solution?

I've been using the product for about six months.

What do I think about the stability of the solution?

The stability is not that good; sometimes the portal fails.

What do I think about the scalability of the solution?

In terms of scalability, it's easy to increase the users/licenses in the environment.

How are customer service and support?

Check Point support takes a long time to resolve issues.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used the Kaspersky antivirus.

How was the initial setup?

The initial setup was not straightforward. 

What about the implementation team?

We had a vendor assist with the implementation and we had a very good experience.

What was our ROI?

We have seen an ROI.

What's my experience with pricing, setup cost, and licensing?

Usually, other products are cheaper than Check Point.

Which other solutions did I evaluate?

We evaluated all other antivirus/endpoint sollutions.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Security Architect at Enagas SA
User
Great anti-phishing, anti-bot, and URL filtering features
Pros and Cons
  • "The solution has many valuable aspects, including anti-Phishing, which blocks phishing attacks in all applications (email, messaging, and social networks)."
  • "The product needs to work on the integration of alerts with different SIEM or security solutions."

What is our primary use case?

The development of mobile devices and wireless technologies in recent years has revolutionized the way people work and communicate. The growing use of these technologies makes mobile devices one of the main targets of cyber threats. 

The proliferation of mobile devices in recent years, together with the increase in their capabilities, features, and possibilities of use, makes it necessary to evaluate in-depth the security offered by this type of device. On top of that, the mechanisms for protecting the information they manage, within the Information and communications technology environments are key.

How has it helped my organization?

Harmony Mobile has enabled us to provide the necessary information for the evaluation and analysis of the risks, threats, and security vulnerabilities to which mobile devices are currently exposed, as well as the technology used to address these risks.

In addition, the document presents a list of general security recommendations aimed at protecting mobile devices, their communications and the information and data they manage and store.

We are using malicious application detection to identify known and unknown threats through threat emulation, advanced static code analysis, application reputation, and machine learning. The solution captures apps as they are downloaded to devices and runs them in a cloud-based virtual environment to analyze how safe they are.

What is most valuable?

The solution has many valuable aspects, including:

Anti-Phishing, which blocks phishing attacks in all applications (email, messaging, and social networks).

Safe Browsing, which blocks access to malicious sites in all browsers based on dynamic security intelligence provided by Check Point ThreatCloudTM, the world's largest threat database.

Conditional Access, which blocks infected devices from accessing corporate applications and data, regardless of UEM solutions.

Anti-Bot, which detects bot-infected devices and automatically blocks their communication with command and control (C&C) servers.

URL filtering, which prevents access to websites deemed inappropriate by an organization's corporate policies. It allows companies to blacklist and whitelist websites at a granular level of detail, and to enforce policies on mobile devices across all browser applications as well as non-browser-specific applications.

Wi-Fi network security, which detects malicious network behavior and man-in-the-middle attacks and automatically disables connections to malicious networks.

What needs improvement?

The product needs to work on the integration of alerts with different SIEM or security solutions. Harmony provides visibility of device security, yet, precisely due to the growth of attacks and threats on these technologies, it is important to integrate the information it generates with the rest of the intelligence handled by cybersecurity areas.

In the same vein, it would be important to have detailed information on the type of threats and new intelligence that the platform is providing, so that it is easy to alert users when it provides value.

For how long have I used the solution?

I've used the solution for one year.

How are customer service and support?

The solution offers excellent support service.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a different solution. Instead, we were just using an MDM solution but although we can make configurations oriented to protect the devices, it is far from being a complete solution like Harmony. 

How was the initial setup?

The initial setup is easy.

What about the implementation team?

We handled the implementation in-house.

What's my experience with pricing, setup cost, and licensing?

I'd advise a potential new user to talk with their account manager.

Which other solutions did I evaluate?

We also evaluated McAfee and Cortex, but Harmony fixes better with my company requisites in order to run in background for end user.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Harold Suárez, MGP, PMP® - PeerSpot reviewer
Project Management and Deployment Team Leader at Sefisa
MSP
Top 5
User-friendly, easy to implement, and offers excellent integration capabilities
Pros and Cons
  • "I find it very easy to implement and deploy in the organization."
  • "Zero Trust Network Access can be a security breach if not used correctly."

What is our primary use case?

We needed to connect the branches with the users, and, in turn, we needed to connect the users with the applications of the organization. However, we needed to secure this connection since the users were at home. The branches had Citrix SD-WAN and therefore we needed a solution that would integrate with the current solution that connected the branches to the central site.

The client's requirements were that the solution could:

  • Be designed to prevent the most evasive cyberattacks
  • Have Zero-Trust network access to enterprise applications
  • Secure Internet access for remote users
  • Protect branch office (SD-WAN) connections to the Internet and the cloud

How has it helped my organization?

I have worked with Check Point Harmony Connect, which is a Secure Access Service Edge (SASE) solution, which unifies multiple cloud-delivered network security products to prevent sophisticated cyberattacks and simplify policy management.

I find it very easy to implement and deploy in the organization. One point to note is that it is a very user-centric solution.

The integration that this solution has with the different routers or perimeter equipment is exceptional. We were able to implement the solution on the same hardware as the SD-WAN equipment in each branch and central site.

What is most valuable?

One point to keep in mind is that it is a user-centric solution. 

Additionally, the solution has an integration with Citrix SD-WAN that allows a remote implementation in each of the branches. 

Mainly, Zero Trust Network Access is one of the most important features of this Check Point Harmony Connect solution. It's of the Secure Access Service Edge (SASE) type since it gives us secure access to the organization as if we were physically in the organization. 

I find it very easy to implement and deploy in the organization.

What needs improvement?

A ZTNA architecture is designed to reduce cybersecurity risk by eliminating implicit trust within an organization's IT infrastructure.

Zero Trust Network Access can be a security breach if not used correctly. I have implemented it and it turns out that access to the organization's applications must be complemented with user awareness.

It is important to note that the Zero Trust Network Access feature is an important feature for the solution, however, at the same time, the organization's applications can be accessed if user access is available. A double authentication factor could solve this gap.

For how long have I used the solution?

I've been using the solution for almost two years.

What do I think about the stability of the solution?

Check Point Harmony Connect is quite stable in the implementation I did together with Citrix SD-WAN.

Citrix SD-WAN appliances are SDN/NFV-ready platforms designed to host virtualized network functions (VNFs).

Hosting a Check Point virtual machine (VM) on Citrix SD-WAN branch appliances provides customers with granular control of their security and data.

Together, the integrated SD-WAN and advanced Threat Prevention platform provide secure and optimized WAN connectivity over Internet links and WAN connections. By dramatically simplifying deployments and reducing costs, Check Point and Citrix SD-WAN provide enterprises with an affordable and secure remote branch office security solution.

What do I think about the scalability of the solution?

I find it very easy to implement and deploy in the organization.

Which solution did I use previously and why did I switch?

I did not previously use a different solution.

What's my experience with pricing, setup cost, and licensing?

This is a SaaS. For this reason, the cost, pricing, and licensing depend according to your necessity.

Which other solutions did I evaluate?

I also looked into Forcepoint SASE.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user