Check Point Harmony Endpoint Reviews

The organization I work for is a bank and we use the solution to protect against malware and viruses.

The most valuable features in this solution are the EDR tool and the integration.

The solutions agent could have better performance, it is a little slow sometimes.

I have been using the solution for one year.

The solution has been working well and we plan to scale the solution to our 300 agents. We have clients that are small to large size businesses using the solution.

The technical support is good.

I would rate the technical support of Check Point Harmony Endpoint a nine out of ten.

The installation is easy.

We have four engineers handling the deployment and maintence of a large company we are involved with.

We have evaluated Palo Alto, Trend Micro, and Kaspersky in the past. 

I recommend this solution to others. It is easy to implement.

I rate Check Point Harmony Endpoint a ten out of ten.

We primarily use this product for the SandBlast module. It is used for sandboxing, malware detection, antivirus, and forensics blade.

The most valuable feature is forensics.

We cannot integrate this product with other solutions, which is something that should be improved. I believe that it is in the roadmap.

Other vendors have some non-security-related features in their endpoint protection solutions that should be implemented in this one.

I have been using Check Point Endpoint Security for approximately one year.

The stability is okay but if you have limited resources then it gets slow.

I have not used this product in a large deployment. Certainly, it scales, but my deployment is for less than 500 endpoints. Our company is really small, with just 25 people. As a partner, we also deploy it for our customers.

The people that work for the vendor are sometimes a little hard to get a hold of, but once you do get in contact with them, they get the problem fixed.

It is rather easy to set up. As a cloud solution, you can have it up and running in a day or less. We have defined different policies, which makes it easy to get up and running. After you, you can customize the setup.

My advice to anyone who is considering Check Point Endpoint Security is that it is a great solution that is very easy to deploy, and it really gives you visibility of what's happening on your endpoint. It helps you do deal with security issues pretty fast.

I would rate this solution a nine out of ten.

The Antivirus Blade is one of the Blades we always buy for all of our Check Point firewalls to protect us against virus propagation into our infrastructure. Check Point has a huge database that protects us against viruses that is especially important for the internet-facing firewalls.

The feature that we find most valuable is the easy way of configuring it via the SmartConsole on Check Point. The configuration is very straightforward and although it has some impact on the firewall CPU and memory, it doesn't impact the IPS, for example. It allows for the scanning of downloaded files from the internet. Scanning files that our users have downloaded to check if they have any virus is the most important thing. IPS and Antivirus work in conjunction. It doesn't even cross the perimeter firewall to the inside.

Sometimes the antivirus updates fail. We don't understand why because sometimes it fails but the next time you try it goes well and the firewall always has access to the internet. We don't understand why it sometimes fails.

We have been using Check Point Antivirus for four years. 

It's very stable. The only thing is that sometimes the Antivirus Blade fails but then the next time it succeeds. We get some alerts that the Antivirus Blades fail. But it then automatically updates. Antivirus is different from IPS, it's always trying to update and it's automatic.

It scales well. You can use the same profile and the same exceptions on all the firewalls on the management. It's deployed to eight firewalls. 

It takes three people to maintain the solution. They are security, engineers, and architects.

Technical support is good. We were getting some logs without any information and we couldn't get to a conclusion of what that was. We gave up because it was not a big deal, but it was the only bad experience we had with them. In general, it's good.

We also used Fortinet's Antivirus. They are equivalent from one to the other. Even the configuration is similar. There's not a big advantage to one or the other.

The initial setup was very straightforward. If you want to block a virus, for example, the signatures have a medium or higher impact. It's very easy to create the initial profile. It's also very easy to deploy exceptions with the SmartConsole.

We could do the deployment without all of the fine-tuning in one day. 

Our implementation strategy was to start with the Blade on detection mode for at least one week, then check the box to see what would be brought in if we were on prevention mode and see if we need to do some exceptions or if there are any false positives. If not, we put it on prevention mode.

Our return of investment is to have our infrastructure protected and to see that something is a working virus that would otherwise be able to reach our infrastructure. 

Usually, Check Point products are not cheap but compared to Fortinet, it's in line with the competition. There aren't additional fees that I'm aware of. 

If you have Check Point firewalls on your infrastructure, this is the best solution to deploy because it's just to enable a Blade. If you don't have Check Point firewalls, you should also consider other solutions. If you already have Check Point firewalls, the traffic is already going through them so it's just a matter of enabling the Blade. 

Try to run through the manuals to see the signatures and how to deploy and to create a profile. You can install the SmartConsole and run the demo mode and you can do some simulations without having to deploy a firewall. It's also good that you can do the demo mode and try to create an exception to create a profile.

It's not very hard to have a network antivirus solution which can be very important to protect the network. It should be as important as having the antivirus on the end-user's machine.

I would rate Check Point Antivirus a nine out of ten. Not a ten because of the updates. 

In our environment, we didn't have an "official" security system. After implementing the Check Point SandBlast Agent system, we have benefited from getting a strong security system that gives us stability and security on our internal network.

Security has been improved. We now feel more secure with our PCs, even more with the non-technical persons.

The most valuable features are the availability, the ease of checking current logs of blocks,  and the option to update the system easily. 

The solution could be improved in the future with a way to provide online training to customers for free, as other providers do. Ideally, it would be not only for this solution but for all of their systems.

I found that there is no Check Point online training center and I think that is something vital for most of us as customers.

I have been using the Check Point SandBlast Agent for a year and a half.

We did not use another solution prior to this one.

We evaluated Symantec before selecting Check Point.

We use it to manage our entire network and protect network traffic in terms of files that go out and come in. This protects our network between any platform we access or interactions between our clients and us. Also, it helps to monitor and block malicious applications, then it prevents these sites from accessing our stuff.

We use it for the endpoints and all the additional points which access the network in the organization. It protects everything across the board, from the server to the many other devices, like your phones and laptops. 

In terms of network usage, it actually reduced the amount of malicious attacks that we had. Before, we really didn't have a secure network. Each endpoint had to protect itself and probably most of them were not actually protected. Now, it's an entire process in which we've been able to cut down significantly the amount of malicious attacks by 60 percent that we get in the organization. It helps us to adequately monitor what has been going on with our network traffic and stopping individual attacks from accessing certain sites where we want to have restrictions or limitations.

The sandboxing feature: I like the entire process. It's one thing for it to detect, but another thing to have a remediation plan. It actually extracts out what we need to make it a clean file. 

There should be some way of managing this solution outside the organization's network, possibly with some type of remote access. For example, if I'm the admin of Check Point who manages the entire network, I would like to have access on my home device or maybe a mobile app to get reports, etc.

I have been using it since sometime from the beginning of last year.

It works just fine. I haven't experienced any issues.

It scales well. It accommodates all the endpoints that we have in our organization. As we grow, we do plan to increase usage.

We use it in our entire organization. Every staff person and device has access to the solution. We have approximately 250 endpoints. 

We have 10 IT managers and systems engineers directly working on it. I also work with the solution as a business analyst/developer.

The technical support is good. It is a straightforward solution. We have not really needed to call for anything because they train you on how to use this solution. You already have the IPS working and know how that works. It's not something that is complex.

We were previously using Sophos. We switched to Check Point because the pricing was much cheaper (by 25 percent).

The initial setup was straightforward. You're required to have some administrative training on how to use the solution. The deployment took between three to six months.

We worked directly with the vendor. The vendor had a partner in my region. Therefore, we worked directly with the partner, who was also working with Check Point. So far, the experience has been great. They were efficient. We have been able to achieve the reason why we set up and procured this solution.

We have seen ROI. It reduces malicious attacks and restricts users from accessing sites via our network.

As we grow, we've been given room to add additional licenses in terms of all our endpoints. 

In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth. 

The solution is too pricey.

We only evaluated Check Point and Sophos. There are only two really good cybersecurity solutions locally. You are either doing Sophos or Check Point. It is one or the other.

It is a great fit for any organization. I would rate the solution a 10 out of 10.

Previously, one of our clients was using Symantec and we provided POV to them with Check Point SandBlast agent after that customer found that it's very easy and stable to use after E83 version released.

There were many bugs or cosmetic issues that Check Point rectified and provided the stable version.

It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks.

Compliance check, anti-malware, Media Encryption Full disc encryption, Forensic behavioral ransomware protection are some type of feature that Check Point provides with a single dashboard console. It gives overall host information about when any malicious activity has found and what action by which security blade has taken. So starting from firewall bladed to forensic / ransomware blade it gives us finite detail information on the host. So most of the security load has been transferring to the endpoint which is perfectly doing their work.

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

Stability.

We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

2 years.

Needs to work better.

can be scaled upto high value

TAC team is helpful.

Symantec to Check Point.

Not too easy. Need to have basic understanding and require to take local Check Point engineers to help sometimes.

We are a vendor.

Cisco  AMP.

We mostly use Check Point Endpoint Security on-premise. But there are instances in which we use it in the cloud as well. It's mostly integrated into Microsoft Windows and that makes it really simple. They have an integration solution for the whole spectrum of endpoint features. For example, their Keystone solution. They also have a lot of other features. You can easily keep track of user access, how their device has been protected, and what software they have. We can see what processes are running and what network connections they have. We used it to control which devices can connect. It's a balance of freedom for the users and confidentiality. 

Check Point Endpoint Security helps us ensure device control and security. It helps us make sure users can access only the network resources they should be accessing and keep malware to a minimum.

I would like to see simple sandboxing for malware analysis. But, they are not the leaders in this market. I would like to see virtual tasking as a feature.

I have been working with all products of Check Point for about 15 years. They have a strong niche in the market. They have both on-premise and cloud computing. Check Point Endpoint Security is really simple to use.

Check Point Endpoint Security is very stable.

So it means that if you buy a firewall, and discover at the end of the day you need more traffic than what you expected. You can expand easily, and scale-out easily.

I would rate Check Point Endpoint Security at a seven out of a scale of ten.

We use this antivirus as part of our overall security solution. It handles the centralized investigation of internet content.

The most valuable feature is security.

Check Point integrates well with other security products.

The pricing can be improved.

The interface could be more user-friendly.

The initial setup and configuration should be simplified.

We have been using Check Point Antivirus for four years.

This is a very stable product.

We have not had the need to scale. We have about 3,000 people who are protected by Check Point, and three of them are administrators.

I would say that the technical support is okay. There are two levels; there is our installer, who we have known for several years, and there is the engineer, who we do not have much contact with.  

We use Windows Defender for our endpoint antivirus solution. For email protection, we use the FireEye Email Security solution. Our Check Point handles our central filtering and we also use some Infinity products. All of these work in combination with each other for our security.

The initial setup is complex. For the complete installation, our deployment took a few days.

We had the help of a Check Point specialist for our deployment.

This is a good product and one that I recommend.

I would rate this solution a nine out of ten.