IT Central Station is now PeerSpot: Here's why
José Javier Dominguez Reina - PeerSpot reviewer
Project Manager at Junta de Andalucia
Real User
Top 5Leaderboard
Enables us to centralize all the security software used in a console and avoid ransomware
Pros and Cons
  • "The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers."
  • "SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again."

What is our primary use case?

We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall. We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers. We subsequently expanded the scope of the solution to detect malicious activity on our network. It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption. It is also missed that it does not have a client for Linux.

How has it helped my organization?

Check Point SandBlast Agent allows us to centralize all the security software used in a console and avoid, mainly, ransomware in the company.Many of our users have laptops to carry out teleworking, with this tool we can secure their web browsing, and in the event of suffering some type of attack, the computer is notified by SandBlast Agent and provides information about it and the security actions carried out. It even allows you to restore files modified during the attack. You also have the option of performing a forensic analysis of the infected computer by providing a lot of information.

What is most valuable?

What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.

What needs improvement?

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.It is also missed that it does not have a Linux client since some administrators use this type of operating system.
Buyer's Guide
Check Point Harmony Endpoint
June 2022
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
606,596 professionals have used our research since 2012.

For how long have I used the solution?

I have been using SandBlast for over 1 year now.

What do I think about the stability of the solution?

It is a very mature product that provides great stability in service.

What do I think about the scalability of the solution?

It is a very mature product with good performance. Currently we have not needed to use its scalability.

How are customer service and support?

Our experience with customer service and support is very good, the support is totally professional and responds quickly.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we used third-party antivirus software and switched to Check Point SandBlast Agent for its ease of integration with other Check Point products and to improve protection against ransomware.

How was the initial setup?

Initial setup is easy, policies and user groups are defined and then applied. Then we adjusted the policies until we got what we needed.

What about the implementation team?

We implemented it with an internal team and when we had doubts, we consulted the manufacturer's support with a totally satisfactory result due to their great experience.

What was our ROI?

Currently we have not quantified our ROI but we have avoided the loss of information on user computers due to viruses, ransomware, ...

What's my experience with pricing, setup cost, and licensing?

The cost of the solution is similar to other products on the market.

Which other solutions did I evaluate?

We have been evaluating other products, such as Bitdefender and Broadcom (Symantec Enterprise).

What other advice do I have?

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption. It is also missed that it has no client for linux.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Jorge Andrés - PeerSpot reviewer
Presales Engineer at Data Warden
User
Robust and reliable with a useful Full Disk Encryption feature
Pros and Cons
  • "There's the possibility of being able to do the administration from the Check Point portal, maintaining control and visibility of the different security events at all times."
  • "They could be focused on the analysis of USB devices."

What is our primary use case?

We started using the product months before the start of the pandemic. It is a robust solution for the protection of endpoints. It contains the classic antivirus, however, it has anti-bot and disk encryption functions (FDE) as well as the integration of a sandboxing for the consultation and download of files in a safe way (whether they are downloaded from a page or from an email).

It is a very complete tool for users who need to be able to connect from home or some other public access point since it has a VPN service, in addition to different layered-in security solutions.

How has it helped my organization?

The addition of Check Point's Harmony Endpoint as the main security tool for the company's collaborators has represented a reliable source of security since updates can be executed automatically or manually, as may be required. 

There's the possibility of being able to do the administration from the Check Point portal, maintaining control and visibility of the different security events at all times. 

Admin users are able to access an adjustable dashboard that shows the most relevant information about the status of the endoints and the statistics of threats found.

What is most valuable?

Without a doubt, the best security feature is Full Disk Encryption (FDE). In cases where the endpoint is stolen or lost, you are sure that the information will not be accessible without the access password being the correct, maintaining the confidentiality of files at all times.

In addition, if someone tries to extract the physical disk and places it as a removable disk in a PC, they will not have access to the information either, since the files are still encrypted, ensuring that this method of extracting the information does not work without the decryption key. 

What needs improvement?

They could be focused on the analysis of USB devices. It has the ability to block the use of USB storage memories until it is completely scanned for any virus or threat. We need to ensure that the USB device will not be available until the scan has been completed, however, this may represent a malfunction when using other tools such as Rufus, as, by blocking access to USB drives, Harmony Endpoint will block access to these drives, thus Rufus will not be properly detecting USB drives and therefore it cannot operate properly.

For how long have I used the solution?

I've used the solution for one year and eight months.

What do I think about the stability of the solution?

I have had almost no problems with the execution of the software agent and it is very useful when I need to do research on the internet.

What do I think about the scalability of the solution?

It is fully scalable by scheduling updates from the console. When the agent is updated it will be necessary to update the PC, however.

How are customer service and support?

As a user, I have not had contact with the manufacturer's technical support.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We did not use a different solution.

How was the initial setup?

Although it is an intuitive configuration, due to the variety of blades available, it may take some time to complete the configuration. Everything will depend on the number of blades a company needs to configure.

What about the implementation team?

We handled the implementation in-house.

What's my experience with pricing, setup cost, and licensing?

Licensing is based on sizing and based on the number of users and the desired security blades. All versions include access to the Check Point web portal for administration.

Which other solutions did I evaluate?

We did not evaluate other options.

What other advice do I have?

By acquiring this tool, companies will have a robust and reliable solution for endpoint protection.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Check Point Harmony Endpoint
June 2022
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
606,596 professionals have used our research since 2012.
Adriamcam - PeerSpot reviewer
Cloud Engineer at ITQS
Reseller
Top 5Leaderboard
Good threat extraction, reduces malicious attacks, and offers great features
Pros and Cons
  • "Check Point Harmony Endpoint features different types of features but one of the most useful is an up-to-date and working anti-malware scanner."
  • "They should also add new functions such as threat hunting."

What is our primary use case?

The implementation of Check Point Harmony Endpoint has provided great improvements in the functioning of our organization. Therefore, we wanted to protect our courses from cyber attacks and required an end-to-end security system that could prevent/save us from cyber attacks and protect our sensitive data. 

The advantages that it presents is that you can access the systems on multiple devices, be it laptops, Mac, Windows or mobile devices and this is a great benefit. It provides reports where it brings the details of vulnerabilities.

How has it helped my organization?

Check Point Harmony Endpoint was implemented due to the fact that malware and cyber-attacks have been steadily increasing lately and we needed a tool that would prevent cyber-attacks. With Harmony Endpoint, it is possible to identify those attacks and prevent them. It has also given us the possibility to qualify all these possible attacks and thus take into account where and how they want to penetrate our network.

This implementation provided a fully functional antivirus solution that gave the company the ability to defend against almost all threats occurring inside or outside the network.

What is most valuable?

Check Point Harmony Endpoint features different types of features but one of the most useful is an up-to-date and working anti-malware scanner.

The threat extraction and threat emulation have been a great benefit to give more autonomy to users.

On the other hand, it cannot be left out that it reduces the number of malicious attacks. It has helped us to properly monitor what has been happening with our network traffic and prevent individual attacks from accessing certain sites where we want to have restrictions or limitations.

What needs improvement?

Some problems that I have had with this and other Check Point tools in the cloud is when entering the portal since it stops responding or takes a long time to process a query and this causes delays and efficiency.

They should also add new functions such as threat hunting. 

Finally, it should be able to implement with and have a good integration and interaction with Azure in the management of vulnerabilities, and data management that between the two can be integrated 100% with Check Point Harmony Endpoint and thus be able to make good automated management.

For how long have I used the solution?

it was implemented a year ago.

What do I think about the stability of the solution?

The product is very stable. It has some problems in the cloud where the access is stuck, however, nothing has caused improper functioning.

What do I think about the scalability of the solution?

Check Point Harmony Endpoint is an easy to scale tool.

How are customer service and support?

We have had good experiences. The cases have been successfully concluded.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Nothing was implemented that was similar to this type of tool.

How was the initial setup?

As mentioned before, the configuration of this tool is very simple and interactive.

What about the implementation team?

When the installation was done, a vendor helped us and explained how it worked.

What was our ROI?

With this tool, you can be sure of and have confidence that the investment made will protect the company's complete information.

What's my experience with pricing, setup cost, and licensing?

Check Point Harmony Endpoint is a tool that I highly recommend. Its implementation is very easy, as is its configuration.

Which other solutions did I evaluate?

Several tools were taken into account, however, Check Point was chosen as we have already used several tools and it has given us confidence and solidity.

What other advice do I have?

It is an excellent tool in the management of vulnerabilities.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
T. BalaMuruganandhan - PeerSpot reviewer
Sr. Manager at Incedo Inc.
MSP
Good security with a useful single dashboard and centralized management capabilities
Pros and Cons
  • "Forensic Analysis provides a complete analysis of threats via detailed reports."
  • "Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations."

What is our primary use case?

We primarily use it for end-to-end security for endpoints and the co-relation of events from one single console. We have been able to protect our endpoints with Harmony. The user experience is also good and there is not too much to be done with respect to the endpoint changes (the best part). Features like Threat Emulation/Threat Extraction, Antibot, Anti- Exploit, Anti Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance makes it more powerful and helpful to our security team in order to protect the environment.

How has it helped my organization?

Our organization's overall security posture has improved with Harmony Endpoint protection. This has helped to secure against all modern age threats and risks that came in during the pandemic. 

During the pandemic, the users, for example, have been forced to work from home and that's been forcing the IT to do overtime to protect the endpoints. After introducing Harmany Endpoint we have seen the incident levels going down to close to zero. 

The single dashboard provides complete visibility over endpoint security and the administration can view the actionable tasks to follow up easily without searching across multiple reports/consoles. 

What is most valuable?

All of the available features are good (for example Threat Emulation/Threat Extraction, Antibot, Anti-Exploit, Anti-Ransomware protection, UBA, Zero-day Phishing protection, Behavioral Guard, Encryption, VPN, and compliance), however, the one I have thought to be very valuable is the Ransomware Protection Feature which has been used widely during the pandemic. It protects as well as saves original file copies to prevent data loss.

Forensic Analysis provides a complete analysis of threats via detailed reports. The threat prevention, which includes a detailed threat landscape is very good.

The VPN connectivity and compliance check are also very good features.

What needs improvement?

Support's service and the response times can be improved. The triaging of the tickets takes a long time and the tickets are only resolved with escalations. 

With respect to the product, we feel Endpoint vulnerability management is one of the modules that is missing and it is something that is required. Adding this will strengthen the product and help in taking proactive steps towards protecting the environment.

DLP Module & Patching are required from an endpoint perspective. It would be good to add those in an upcoming release/version.

For how long have I used the solution?

I've used the solution for more than 6 months.

What do I think about the scalability of the solution?

We have deployed it on the cloud which helps it to be scalable and cost-effective.

Which solution did I use previously and why did I switch?

We were using multiple solutions to protect the environment in the past. These include solutions such as McAfee, Websence DLP, encryption, etc. however, now it is all happening with this one tool and console 

How was the initial setup?

Easy to set up and start using.

A single administrator can manage the complete solution. It's easy to deploy and does not require any additional effort. We're able to have multiple solutions within a single solution.

What about the implementation team?

We implemented the product with the help of our OEM and our in-house team. There were no major challenges during implementation or even in day-to-day operations.

What's my experience with pricing, setup cost, and licensing?

Harmony Endpoint, in terms of the deployment, integration, and setup, costs less than other solutions.

Which other solutions did I evaluate?

Yes, we evaluated other products as well, however, with respect to feature price and integration availability, we selected this product.

What other advice do I have?

Harmony Endpoint is a good product and scalable with business growth. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Manager at a renewables & environment company with 51-200 employees
User
Top 20
Great cloud management and reporting with on easy pane of glass
Pros and Cons
  • "The rollout and management of devices were very simple."
  • "The web filter service could be improved."

What is our primary use case?

We wanted to consolidate a several-point solution to one endpoint. With so many new cyber threats and having a growing environment, what we had in place had too many gaps or grey areas between solutions and vendors. 

Also, with a rapid transition to hybrid working, we needed to reconsider our end point protection. Having used Check Point NGFW for five years, it seemed like a good fit. Also, the experience and long term position of Check Point in the security market gave us good confidence. This mature position in the market also helped with finding several resellers and experience.

How has it helped my organization?

There is one pane of glass to all end points, events, and incidents which is providing our team with a clear picture of the environment. We have already experienced several items that previously just got lost in the greyness of a multi-solution environment.

The rollout and management of devices were very simple. It allowed for a rollout of 200+ devices - all remote - in just a couple of weeks. Having cloud-based management also really helped get started, as, within the day, we had a POC running and just started to grow from there.

What is most valuable?

Cloud management and reporting are great. The management interface is very simple and easy to navigate. Just getting a logon to start is very helpful. The Check Point support at this stage was great. While it was very simple and intuitive, having someone talk over the defaults provided recommendations that helped us jump forward very easily.

Again, the cloud management service has a several inbuilt default reports which are easy to customize and provide more visibility than we have had previously with several solutions. 

What needs improvement?

The web filter service could be improved. It would be great to have a self-service user request for sites. An administrator would still need to approve, however. 

The block screen could have a nicer screen or allow it to be customized.

The list of exceptions for URLs could be improved with a separate screen for a large list of exceptions. Having the same exception list for mobile and endpoints would be great. 

We are hoping to transition to the SOC based service. Think this is still new; we're looking forward to get more information and test.

For how long have I used the solution?

We just transitioned to Check Point Harmony, and have been running it now for six weeks.

What do I think about the stability of the solution?

Stability seems very strong, however, it's early days.

What do I think about the scalability of the solution?

Scalability seems very strong, however, it is early days.

How are customer service and support?

We don't know yet.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

The move to hybrids has been working well during Covid.

How was the initial setup?

The initial setup was not complex. 

What about the implementation team?

We did both - we implemented through a vendor and in-house.

What was our ROI?

The product offers a great lower cost than previous solutions.

What's my experience with pricing, setup cost, and licensing?

I'd advise users to talk to your Check Point partners or find a good one.

Which other solutions did I evaluate?

We spent a long time reviewing the marketplace and comparison sites however, we did not test anything.

What other advice do I have?

I am very positive in terms of the solution and Check Point in general.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Team Lead Implementation Services/Systems Integration Engineer at Trinidad Systems Limited
Real User
Top 20
Threat Emulation and Threat Extraction features scan email attachments before the user is able to access the file and then provide a safe copy of the attachment
Pros and Cons
  • "One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users machine. This is a very valuable feature of this solution."
  • "As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to list of features."

What is our primary use case?

Our primary use case for this solution is Antivirus capabilities. These include Antimalware, Antibot, Anti-Ransomware, and Threat Emulation and Anti Exploit. We have a mixed environment that includes Windows 2012 R2 Windows 7 Windows 10 and macOS 10.xx. We also use VMware. 

The client has been installed on all servers, PC,s, laptops and MAC machines. 

We need all this infrastructure monitored for malicious activity and reporting if something happens in realtime. This solution has worked very well.

How has it helped my organization?

In the past, we have experienced virus problems on our network. It has come in through email attachments, USB drives, internet websites, and so on. The current solution was not performing well. Since we implemented  Checkpoint Endpoint Security we have had no infection thus far. It is able to scan all email attachments, lock the ability to use external USB drives, and scan rouge internet traffic. We are very satisfied with this solution. Since its implementation, we have had no loss in data and no loss of revenue.

What is most valuable?

One of the most valuable features is the Threat Emulation and Threat Extraction. These features are able to scan email attachments before the user is able to access the file and then provide a safe copy of the attachment. Malicious files never get to the users' machine. This is a very valuable feature of this solution.

The Zero Phishing feature is also very valuable. This feature has the ability to scan the username and password fields on a website before you enter your credentials and verify if the site is legitimate. This brilliant feature prevents the stealing of account information.

What needs improvement?

As I understand there will be a URL filtering feature included with the browser agent in the future. This will allow URL filtering without the need for a Gateway Device. This is something I am looking forward to and would be a great addition to a list of features.

The best improvement to the product that can be made is to make it less resource-intensive so it may work effortlessly on slower systems.

The ability to push the Endpoint Client over the network without the use of 3rd party solutions would be an asset.

For how long have I used the solution?

I have been using and implementing this solution for about three years.

What do I think about the scalability of the solution?

My impression of the scalability of the this solution is positive. It can be don't with minimal affect on production. 

How are customer service and technical support?

They attend to your needs in a timely manner. They are well educated in the product.

Which solution did I use previously and why did I switch?

We did use a different solution in the past. It was not performing well and we were always getting infected by malicious software. they made us switch to Checkpoint Endpoint Security.

How was the initial setup?

The initial setup is straightforward and can be done by less technical staff.

What about the implementation team?

It was done by an in-house team.

What's my experience with pricing, setup cost, and licensing?

Setup costs can be kept to a minimum as Check Point offers Cloud Management which eliminates the need for on-premise hardware cost.

Which other solutions did I evaluate?

We did evaluate Avast. Which was not performing well. We also evaluated Kaspersky. Their client was a bit to resource-intensive.

What other advice do I have?

Check Point Endpoint Security just works. You will not be disappointed.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Manager at a manufacturing company with 1,001-5,000 employees
User
Great threat emulation and threat extraction features with helpful forensics
Pros and Cons
  • "The forensics allows us to search retrospectively for an URL or file opened by users, for example, when you need to quickly check who else has clicked on a phishing link."
  • "Unfortunately, the web (cloud) management system and log search performance are quite bad."

What is our primary use case?

We use Harmony on every PC to add additional protection primarily to file downloads. We use it alongside our classic AV solution (non-Check Point). Every file is scanned via Threat Emulation (virtual sandboxing) and Threat Extraction (sanitizing files by removal of active content).

The anti-phishing module scans every new web form, that the user is trying to enter data in. Based on visual similarities to known sign-in websites (like Microsoft Azure's) it blocks the phishing ones that are similar.

The forensics module allows us to retrospectively search for a wide number of events on all PCs (for example for now-known malicious URLs or files)

How has it helped my organization?

Harmony mainly filled the gap in e-mail security, allowing us to check what the user has clicked (and blocks it when needed).

It also has a nice phishing form detection blocking users from entering their credentials on many real-life phishing websites.

The forensic log search (as described above) allows us to quickly do a retrospective search for a file or URL that we found malicious.

The features come in handy during Covid-related extended remote work times, when we were able to provide better security to our employees working off-premises.

What is most valuable?

The most valuable features are threat emulation and threat extraction. Despite some false positives, it gives quite good security for file downloading.

Phishing form detection based on on-site similarity (not only on URL) has at least 50% efficiency in real-life examples that passed our antispam systems (and most of the false negatives are pretty general forms, which are not so convincing to the user).

The forensics allows us to search retrospectively for an URL or file opened by users, for example, when you need to quickly check who else has clicked on a phishing link.

What needs improvement?

Unfortunately, the web (cloud) management system and log search performance are quite bad. Sometimes it takes longer to perform simple tasks and scrolling the results of the log is annoying due to frequent refreshes.

The exception management was always the Achilles' heel of Check Point products. It was a bit improved in Harmony, still, you can't for example exclude a site from anti-phishing form checks (which could take a few secs) while not excluding it from attachment scanning.

The forensics module still doesn't allow for HTTPS URLs entered by users. You are limited to DNS search or IP lookup. This doesn't make sense from a technical standpoint as the URLs are passing Harmony checks so they are known to the solution.

Anti-phishing cannot scan a form located inside an HTML e-mail attachment (which is a common practice in real-life attacks).

For how long have I used the solution?

I've used the solution for one year.

What do I think about the scalability of the solution?

Cloud management performance is sometimes quite bad for day-to-day tasks, although it is not related to the number of endpoints.

How was the initial setup?

If you limit browser extension via GPO, there might be conflicts with Harmony's that generally overwrites your config in some modes (per user vs per device enforcement).

What's my experience with pricing, setup cost, and licensing?

Pricing isn't cheap, especially if you want to extend forensic log retention period from default one week.

What other advice do I have?

It's still being actively developed and still needs some improvement.

In general, it's quite good now regarding security and might get even better.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Senior Security Specialist at Tech Mahindra Limited
Vendor
Top 20
Good ransomware protection and URL filtering but support needs to be more knowledgable
Pros and Cons
  • "It prevents the most imminent threats to the endpoint such as ransomware, phishing or drive-by malware, while quickly minimizing breach impact with autonomous detection and response."
  • "The solution has limitations if it's hosted on-prem or as a SaaS."

What is our primary use case?

The solution is primarily used for protecting endpoints.

Harmony Endpoint is a complete endpoint security solution built to protect the remote workforce from today’s complex threat landscape. 

It prevents the most imminent threats to the endpoint such as ransomware, phishing or drive-by malware, while quickly minimizing breach impact with autonomous detection and response. This way, your organization gets all the endpoint protection it needs, at the quality it deserves, in a single, efficient, and cost-effective solution and able to detect/block/monitor and response to any malicious activity happening on the endpoint. With the single agent deployed on the endpoint, it's able to provide complete EDPR functionality with help of multiple security features/modules.

How has it helped my organization?

Harmony Endpoint provides complete EDPR functionality using multiple modules/features which are available with the solution such as Compliance, Anti-Malware, Media Encryption and Port Protection, Firewall and Application Control, Full Disk Encryption, Remote access VPN, Capsule DOC, URL Filtering. Anti-Bot, Anti-Ransomware, Behaviour Guard, Forensic, Threat Emulation, and Anit-Exploit.

We are able to protect endpoints from any next generation of attack and modules can be enabled/disabled based on organization requirements. Harmony Endpoint is able to detect/block/monitor and mitigate attacks at an endpoint using logs which is been captured by an agent installed on the endpoint. 

Agents send telemetry/metadata to a centralized console for forensic purposes. Policies for the endpoints can be created based on the user name or endpoint. 

Integration with a threat intel platform for blocking any attack at an early stage is great. The complete solution can be hosted on-prem or via SaaS - a cloud remote access VPN is provided as default in base licence. 

Different policy servers can be configured and hosted at each location so the agent does not have to reach a central location to take policy updates. Policy servers are created using OVF file which can be installed on any virtual platform such as VMware. This offers a more secure way of communication between the policy server and the management console (using certificate/SIC communication). 

Agent footprints are low on endpoints and integration with other security solutions is great for sharing threat intel within an organizational network or over the cloud. Anti-ransomware modules are very strong and are able to detect any ransomware attacks at a very early stage. 

The host-based firewall policy configuration is simple. 

What is most valuable?

    The solution allows us to reduce the attack surface via:

    • Host Firewall
    • Application Control
    • Compliance
    • NGAV: Prevent Attacks Before They Run
      • Anti-Malware
      • ML based NGAV
        GAV: Runtime Detection and Protection
        • Anti-Ransomware
        • Behavioral Guard
        • Anti-Bot
        • Anti-Exploit
          Web Protection
          • Zero-day Phishing site protection
          • Corporate Password Reuse Protection
          • URL Filtering
          • Malicious site protection
            Attack Investigation and Response
            • Forensics collection and detection
            • Forensics report – incident visibility, MITRE mapping
            • Automated attack chain full sterilization
            • Ransomware encrypted files restoration
            • Threat Hunting
              Data Protection
              • Host Encryption
              • Media encryption and port protection
                Mobile Protection
                • iOS Protection
                • Android Protection
                  Centralized Management

What needs improvement?

The solution has limitations if it's hosted on-premise or as a SaaS. You need to plan accordingly on the model that suits the organization. On-Premise, for example, does not support threat hunting. Hosting on the cloud will have an impact on the user who is connecting to a central location for internet access as it will add infra cost. 

We also need to look over the expertise of the support executives who require more training and focus as well in this service area and if we can think over the cost of the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free Check Point Harmony Endpoint Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2022
Buyer's Guide
Download our free Check Point Harmony Endpoint Report and get advice and tips from experienced pros sharing their opinions.