Check Point Harmony Endpoint Reviews

We work with Check Point Harmony Endpoint as partners, providing deployment services, particularly for small to medium enterprises (SMEs). We work with both small and large companies.

Endpoint protection is valuable. Stability is good, and the product is well-designed for security needs. It is scalable and offers multiple features, which justify its pricing for enterprise customers. Since security is a major concern, we do not worry about the pricing as the product has features built-in.

Support needs improvement. Currently, support is primarily via email, which leads to longer response times. Fine-tuning for applications and better support from Harmony would be helpful, especially once the environment is hardened. Better technical support would enhance the product's competitiveness.

We have been working with Check Point Harmony Endpoint for almost five years.

Stability is fine, and the product performs well in terms of security. It is considered well and good.

Check Point Harmony Endpoint is scalable, suitable for both small and large companies.

Support service needs improvement. Only email support is available, leading to delays in getting assistance.

Negative

Implementation is straightforward for smaller environments, however, requires significant fine-tuning for larger clients.

We only handle deployment and do not deal with pricing, which is taken care of by another department.

Pricing is a bit expensive but justified by the product’s features, capabilities, and scalability. It is suitable for enterprises but can be challenging to position for small to medium customers.

We recommend Check Point Harmony Endpoint; however, support needs enhancement. With improved support, it could outperform competitors. Rating based on the alone featureset is nine out of ten.

We use Check Point to manage email security in our O365 environment.  Our previous solution was unable to remove all of the email spam we had. Check Point integrates with Office 365 to provide advanced threat protection for email. It uses techniques like anti-virus, URL filtering, and threat emulation to stop known and unknown threats. It also offers goes beyond email security. It protects all aspects of Office 365 collaboration tools like SharePoint, OneDrive, and Teams. It can prevent data loss, enforce policy compliance, and block phishing attacks.

It manages to capture more spam with a smaller footprint. It has a single agent and management console to streamline security administration. This can save IT staff time and resources compared to managing multiple security products. The endpoint combines Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR) capabilities. 

This comprehensive approach can safeguard your organization from a wider range of threats, including ransomware, malware, phishing attacks, and zero-day exploits.

Ease of setup and ability to hook into O365 directly without MX record changes. Check Point offers advanced threat prevention capabilities, including SandBlast Network Threat Emulation and Threat Extraction. These features can identify and stop even unknown threats by simulating real-world attacks in a safe environment. Check Point solutions are designed to scale to meet the needs of large organizations. They can handle high volumes of traffic without compromising performance. Check Point integrates with a wide range of third-party security solutions. This allows you to create a comprehensive security ecosystem that meets your specific needs.

I would like to see a better UI for admin functions. While CheckPoint offers threat prevention through SandBlast, some users feel even deeper integration of Machine Learning (ML) could enhance threat detection and improve automation. This could involve automating security responses and offering threat prediction capabilities. As organizations increasingly move to the cloud, Check Point could further strengthen its cloud-native security offerings. This might involve expanding support for various cloud platforms and offering more granular security controls within those environments.

I have used Check Point Harmony Endpoint for six months.

We haven't had issues or outages so far. 

It seems to be able to scale to any size company. 

Their support has been very positive. It's easy to use. 

Positive

Sophos was our previous vendor, we found their coverage lacking.

The setup was straightforward, it's hands-on config. 

CDW was our MSP. 

We expect to see ROI in 12-16 months. 

My advice would be to state terms upfront and always ask to haggle down.

We looked at Fortinet, Palo Alto, Crowdstrike, etc. 

Make sure to review your solutions every couple years as technology changes. 

We use it for the complete protection of more than 5,000 devices of our company and our customers. 

We have Harmony Endpoint (Advanced) managed from the Check Point Cloud, mostly for Microsoft Windows 7, 8, and 10 devices, as well as Windows Servers (mostly 2012 and 2019). We also have a few protected Linux desktops and server devices. 

As for the protections enabled, we have mainly Threat Prevention (including Antimalware, Antibot, Anti-ransomware, EDR, and Threat Emulation/sandboxing); Firewall, application control, compliance, and port protection modules deployed.

We used to use other security solutions (Windows Defender and Kaspersky), however, we had security incidents that affected us (viruses and ransomware) and they were very difficult to identify or when we did identify them it was already a long time after the incident occurred and we did not know the cause and therefore affected the operability of our company considerably. 

Since we made the decision to move to Check Point Harmony we have had greater visibility of everything that happens on our devices and take a preventive approach rather than a reactive strategy, in addition to being more confident that we have Check Point protecting us.

The characteristics that we find most valuable are its anti-ransomware protection, zero-day phishing protection, web browsing filtering, and vulnerability and patch management. The level of security and visibility they provide is great and it is very easy to configure and maintain. We have almost no false positives. 

A feature that we really like is the ease of management and administration that Check Point offers us, in addition to including the management server in its cloud and the predefined dashboards and reports.

We would love to have more endpoint hardware and software inventory, as well as tools to perform troubleshooting directly on the endpoint remotely. 

A further point of improvement would be to be able to optimize the consumption of resources on the device. 

We would also like the application control module to be further developed in future versions to include applications commonly used or maintained by Check Point in order to be able to configure blocking policies more quickly.

We have been using this product for more than three years.

We have not had any problems with stability so far. It has left us with a good impression.

The scalability of cloud management is excellent.

On the few times we have required support, it has taken us some time to resolve the issues completely, however, in the end, it was accomplished.

Positive

We changed solutions since what we had was not effective against the attacks we see today; besides, the visibility was very low and the management was very complicated.

The initial deployment was simple and the solution gave us several tools to do so.

We deployed via an in-house team.

In three years, the expected ROI was achieved.

The management of the solution is very simple and the deployment tools are diverse, which greatly reduces the workload. Licensing is also quite simple with three main options and some add-ons. 

It is licensed per device (whether it is a desktop, laptop, server, etc.), and the price is very attractive and competitive.

We evaluated other options including Cisco AMP and Fortinet EDR.

I'd recommend users to be careful with low-resource devices as the solution has several security modules that can affect the performance of these devices. In our case, we had some old machines where we grouped them and created a more optimized policy for these legacy devices.

We use the solution in hospitals. 

The tool's most valuable feature is its ability to support Windows 7 and other legacy products. We still have users for such systems in the Philippines. I also like its threat-handling and forensic capabilities. The tool is easy to navigate, read, and digest, and its detection capabilities are also good. The solution has good reports that are easy to read. 

Check Point Harmony Endpoint's GUI is old. It needs to have a modern dashboard for logging activities. Compared to other products, the solution is slow in terms of deep scanning. 

I have been working with the product for three months. 

I rate the solution's stability an eight-point five out of ten.

The tool has many modules and is scalable. I rate it an eight-point five out of ten. 

I rate the tool's deployment ease an eight out of ten. The process takes less than a day. In our case, however, it required at least three hours because we were doing a demo for Windows 7. We also needed to update the endpoint, which involved some installation requirements.

I rate the solution's pricing a five out of ten. It costs around ₱2,200 per endpoint. 

Our customers are mostly medium enterprises. You need to be patient with the scanning. The solution will help you with prevention and detection. I rate the overall product a nine out of ten. 

Our primary use case is to enhance the organization's security posture against attacks like phishing, and malware especially zero-day threats, with low false positives. The product must be able to integrate with the existing infrastructure with relative ease. 

We need detailed reporting and forensics analysis tools for incident response, and the management console must be user-friendly.

We need to improve operational efficiencies in managing endpoints and thousands of users, given the increasing number of remote workforce. There should be minimal impact on endpoints.

The management interface of the product is relatively user-friendly and easy to navigate.

The product manages to block most zero-day attacks and unknown threats in real-time, thus reducing the manual overhead by being the first layer of protection against unknown attacks, easing the workload on the monitoring team, and enabling the team to focus on other tasks simultaneously.

Overall, the product enhances our organization's cybersecurity posture with its comprehensive set of features, supported by a leaner monitoring team.

The product is quite easy to configure and can be deployed in under half an hour.

It has a centralised management console, single panel to triage, escalate, mitigate and respond.

The agent is lightweight on the endpoints and operates seamlessly in the background with minimal impact on the performance of the endpoints.

It has features like firewalling, removable device control, VPN, app control, DLP, file sandboxing, ransomware protection. which can be turned on or off per endpoint, groups, employees.

It should reduce CPU and memory usage. Its technical support could be more timely though it is still acceptable.

It is painful to get deep informational logs to be exported to a SIEM as Check Point requires a user to use its tooling Horizon.

At times, it repeatedly scans the same files without any effective results.

It lacks granular management and configuration.

Additionally, users may encounter challenges with the product's components not performing as anticipated, necessitating the manual addition of exclusions across various areas.

We have been using Check Point Harmony Endpoint for less than three months.

The stability is acceptable.

The scalability is okay.

The support could be faster.

Neutral

The setup could be done in less than 30 minutes.

The licensing is pricy, so weigh the pros and cons.

We looked at CrowdStrike and Palo Alto.

In the intricate web of digital landscapes, my primary use of Check Point Endpoint Security is a guardian for my organization's digital footprint. This robust solution stands as a vigilant sentinel, meticulously securing each endpoint against the relentless tide of cyber threats. 

Its dynamic threat prevention capabilities, seamlessly integrated into our environment, create an impervious shield against malware, ransomware, and other malicious actors. 

With an intuitive interface and real-time monitoring, it not only defends but also empowers, allowing me to traverse the digital domain with confidence. 

In this narrative of cyber resilience, Check Point Endpoint Security is not just a tool; it ensures that every endpoint under its watch remains secure in our interconnected digital ecosystem.

The integration of Check Point Endpoint Security has been a transformative force within my organization. 

As we embraced this robust solution, a paradigm shift occurred – a palpable enhancement in our digital resilience. The advanced threat prevention mechanisms woven into the fabric of Check Point have acted as an impenetrable shield, thwarting malicious intruders and fortifying the security posture of every endpoint. 

This newfound defense has not only safeguarded our sensitive data but has also instilled a sense of confidence among our team members, enabling them to navigate the digital realm without fear.

Check Point Endpoint Security has proven to be a beacon of resilience, with its multifaceted features illuminating our defense strategy. The real-time threat prevention capabilities stand out as a fortress against malware, ransomware, and evolving cyber threats, offering a proactive defense that safeguards our organization's critical assets. 

The granular control over endpoint activities empowers us to tailor security policies, ensuring a bespoke approach that aligns with our unique operational needs. The intuitive dashboard and centralized management streamline our security operations, enhancing efficiency and providing a comprehensive overview of our digital landscape. 

Notably, the seamless integration with other security components orchestrates a harmonious defense orchestra, fostering collaboration and maximizing the synergy of our security infrastructure. 

In this narrative of fortified cybersecurity, it's the amalgamation of these features that makes Check Point Endpoint Security an invaluable guardian, fortifying our digital realm against the relentless march of cyber threats.

A robust threat intelligence integration could elevate proactive defense, offering real-time insights to anticipate and thwart emerging threats more effectively. 

Enhanced behavioral analytics would provide a deeper understanding of endpoint activities, fortifying our defenses against sophisticated cyber adversaries. 

Streamlined incident response tools within the platform would empower security teams to react swiftly and decisively in the face of potential breaches. Integration with emerging technologies, such as artificial intelligence and machine learning, could usher in a new era of adaptive and self-learning security protocols. 

Furthermore, a user-friendly interface for custom reporting and analytics would empower organizations to derive actionable insights from security data. In this ongoing narrative of cybersecurity evolution, the inclusion of these features in the next release would undoubtedly fortify Check Point Endpoint Security as an even more comprehensive and dynamic guardian in the ever-expanding digital frontier.

I've used the solution for more than three years.

The solution is very stable.

The scalability is very good.

The technical support is excellent.

Positive

We used to use Kaspersky, and we switched for security reasons.

The initial setup was straightforward; it was easy.

We handled the setup in-house.

Its price is competitive.

We also evaluated Trend Micro.

I use it for end point protection, and I am also using full disk encryption Harmony both solutions are adopted. 

One of the advantages is the reporting functionality. For example, if some critical data is available on a laptop and the laptop gets stolen - I can remotely wipe it immediately. Because, at the end of the day, apart from the device, the data is important.

So, the zero-phishing feature of Harmony Endpoint, the one I have used, was very good.

Those features are very good. Then, zero-day protection is also very important to us.

We can map the MITRE attack framework along with the Cyber Kill Chain completely.

Sandboxing is a great functionality.

The only drawback is the integration process. For example, I want to integrate with my source platform. It took some time. That's the only concern regarding the integrations.

Check Point Harmony Endpoint doesn't have any XDR kind of solution. DLP functionality and all are not yet there.

And then, the performance also sometimes gets deep. CPU utilization could be further optimized. 

I have been using it for one year. 

I faced some issues with stability. Stability was good compared to other endpoint protection. The only thing is that in the Zero Phishing future, which I like a lot, we can see when people are entering password content and other things. Phishing is important.

Since it's a SaaS platform, we can upgrade only a license. We can get it.

I have experience with SentinelOne. SentinelOne has a feature; for example, if a ransomware attack happened and a particular file was affected, we can retrieve it. If some known files got corrupted, we can roll back the file to the last known good configuration. We can do that. 

But this particular feature is not there in Check Point Endpoint. And then, importantly, USB blocking on Linux machines is not currently available in Check Point Endpoint. It supports only the scanning part, but I don't think it is supporting USB blocking and device blocking.

DLP functionality and all, they are not yet there.

The installation is very easy. It takes around 20 minutes only. 

It requires maintenance. There are a couple of people who handle more than 4,000 endpoints. So if there are more, then I can publish them. That is a one-time activity. After that, only one person can monitor. The SOC analyst is only one guy. The person who manages the endpoint completely, email as well as the endpoint, both.

We have seen ROI. Time was saved. Since it's manual, we need to pay a lot to our team. The time-saving was very good. We can establish connectivity on each agent within 20 minutes.

The pricing is okay. It is in the enterprise range. It is not middle range. It is not so costly, but it is an enterprise.

Overall, I would rate it a nine out of ten. 

I use Check Point Harmony Endpoint in my company to secure the endpoint devices, including computers, servers, and every single endpoint in the environment.

Check Point Harmony Endpoint offers customers enterprise-level security for all their devices, including servers, laptops, and desktops. The IT personnel can ensure that with the product, all of the devices in an environment are protected with Check Point's enterprise-based solution. The customers who buy the product need not worry about their devices being exposed to threats. In fact, if you check the reports for Check Point in Gartner Magic Quadrant, you will see that the reports are all related to Check Point's endpoint security solutions. Customers try to get information on the value they can derive, along with the other potential prospects in the market, before trying to get or onboard Check Point Harmony Endpoint in their environment.

For IT personnel, Check Point Harmony Endpoint is easy to manage since they don't need to have any expert in order to deploy or monitor devices with the help of the product, and it also allows you to try out different actions on different devices. Whenever there is an attack on any device, Check Point Harmony Endpoint has the capability to isolate the affected device from the environment. Suppose there is an attack on one computer. In that case, the security of the other computers operating in the same environment is compromised, so Check Point Harmony Endpoint isolated the affected computer and notified the required department in the company to look into it while allowing for the other computers to work properly. The product offers good value to the companies that deploy it in their environment.

I would have to describe what I feel is valuable in Check Point as a whole. Check Point provides users with a central point from where they can manage all the devices across a workplace. Whether users use Check Point Harmony, Check Point Quantum, or Check Point CloudGuard, they don't have to log into different portals or solutions since they can manage everything from one central point. I like the fact that products from Check Point are very easy to deploy. Even if a user has 1,000 endpoints in an environment, Check Point can take care of the deployment in minutes. Check Point Harmony Endpoint is a very easy solution to deploy and requires very little maintenance or technical expertise.

I would like to see improvements in Check Point Harmony Endpoint in general because some people use it since it is available at a competitive price. Due to the competitive pricing strategy of Check Point Harmony Endpoint, it is not considered to be a good product, like Fortinet, Palo Alto, or F5. Check Point Harmony Endpoint needs to consider that people should feel that Check Point doesn't compromise on quality even though the price at which Harmony Endpoint is offered is good. People who claim that Check Point Harmony Endpoint is a cheap product don't necessarily mean that it is not a good solution. Fortinet is a very expensive product that offers good value to its customers. If Check Point can work on the value proposition it offers to customers and make them understand that even though the solution is affordable, it is not a bad solution compared to its competitors, then it would be fantastic. The potential customers can opt for Check Point products, considering that they are offered good products at the cheapest price in its categories. It is important for Check Point to ensure that people don't have a wrong perception about the products it has launched in the market.

I don't think there are any features I would like to include, and the tool offers updates when compared with the products from competitors, which I think is a good way to do it. The only challenge is that for many organizations where there is an MDM solution in the environment and an endpoint security tool, my company needs to educate such organizations to convey the message that endpoint and MDM solutions are different products for different purposes, so they are not the same. If Check Point Harmony Endpoint can incorporate MDM into the solution, it can be a fantastic enhancement. Customers need not buy endpoint and MDM solutions if both are made available together in Check Point Harmony Endpoint. My company will have to put extra effort into educating the customers and making them understand the two different solutions. MDM is used to manage your mobile devices, and Check Point Harmony Endpoint is the security for your endpoints.

I have been using Check Point Harmony Endpoint for over three years.

It is a stable solution. My company has not received any complaints regarding the product's stability from our customers who use the solution.

It is a very scalable solution.

My company had to contact Check Point's technical team for the installations that my company carried out when we had to deal with around 40 devices that had firewalls from Check Point, which had reached the end of life. For Check Point Harmony Endpoint, my company never had any reason to contact Check Point's technical team.

Starting with the pros, I would say that Check Point Harmony Endpoint provides value for money. After purchasing Check Point Harmony Endpoint, you need to consider the fact that the cost you pay for the solution and the value you derive from the product is very proportional. When it comes to Check Point Harmony Endpoint, I can say that a user does not pay high prices for a poor solution. A user pays a decent fee for a very good product. I think the first pro is that the value you get from the solution is made available at a very competitive price. The product is seamless and easy to use. With the centralized portal, a user can manage all Check Point products, including Check Point Harmony, Check Point Quantum, or Check Point CloudGuard, from a single point, which is also a fantastic pro for Check Point. Regarding the cons of the solution, I would say that it stems from people's perception of the solution since they feel that an affordable product may not be good enough. There is a need to work around people's wrong perception of Check Point products. Still, I don't know if such a negative perception is something that is widespread across the globe or whether it is exclusive to Nigeria or the markets in Africa. Check Point needs to work in areas like branding and other value propositions to make products stand out in the market despite the solutions being more affordable than the ones offered by competitors.

The product's initial setup phase was straightforward. The product's deployment was done in minutes, so it didn't take long, as there was no need to do any special configurations. There was no need for the people involved in the deployment to have any special skills. The deployment process was seamless and straightforward. The product's deployment was never an issue. The IT department need not worry too much about whether they need to learn new skills to manage the product as it is easy to use and deploy and a product that can be used seamlessly. The product's deployment takes around 30 to 40 minutes.

I work with the solution's SaaS version.

I don't think Check Point Harmony Endpoint is difficult to maintain. I think there is a possibility of scheduling your updates in Check Point Harmony Endpoint, even if you want it to happen outside your working hours, like somewhere between eight o'clock in the evening and midnight. I don't think maintenance is stressful because it can be scheduled outside of working hours.

I would recommend others to use the product since the deployment process is seamless, so you don't need any specialized skills to use the portal provided by Check Point to monitor your devices. There are no specialized skills required to support or maintain the solution. It is also very easy to implement the product. You can keep a tab using the centralized portal offered by the product. In general, the product makes the life of the IT department easier since you need not worry about a lot of the technical stuff related to the solution.

From my point of view, I need to put in extra effort to convince my company's customers to use the solution. In terms of the features and the product's ability to deliver the promised value to its customers, especially when compared to other solutions in the market, I rate the overall product an eight out of ten.