Check Point Harmony Endpoint Reviews

We use this antivirus as part of our overall security solution. It handles the centralized investigation of internet content.

The most valuable feature is security.

Check Point integrates well with other security products.

The pricing can be improved.

The interface could be more user-friendly.

The initial setup and configuration should be simplified.

We have been using Check Point Antivirus for four years.

This is a very stable product.

We have not had the need to scale. We have about 3,000 people who are protected by Check Point, and three of them are administrators.

I would say that the technical support is okay. There are two levels; there is our installer, who we have known for several years, and there is the engineer, who we do not have much contact with.  

We use Windows Defender for our endpoint antivirus solution. For email protection, we use the FireEye Email Security solution. Our Check Point handles our central filtering and we also use some Infinity products. All of these work in combination with each other for our security.

The initial setup is complex. For the complete installation, our deployment took a few days.

We had the help of a Check Point specialist for our deployment.

This is a good product and one that I recommend.

I would rate this solution a nine out of ten.

The main feature we use this product for is the firewall. The second thing we use it for is the secure VPN for connections to the corporate office. The third one is intrusion prevention and antivirus. It is an all-in-one solution for peace of mind.

There is really a fourth feature. The appliance has at least four interfaces. This allows users to have a different interface port per user group. It is a way of making network segmentation. There are four ports on that appliance, but there can be six or seven.

One of my favorite features is the logging. The log journal is very descriptive in what it records about the traffic. It is a good way of tracking who comes in and who goes out of your network.

I think this product is made by the market leaders. They have pretty much everything you can ask for as far as features are concerned. The pricing is high and I think it could be more competitive if it was lower. They might resolve that difference by offering even more features.

Another feature I'd like to see is a different way to handle load balancing on the firewall. Sometimes when you are using a firewall, you need another layer to properly balance your traffic. Right now that means adding more equipment, which is expensive. If Check Point could offer another option for a different way of doing load balancing, that would be a cost-savings for the client.

Another option might be offering data fusion. Sometimes you can combine the data stream. If you can and you do, you will have one stream instead of having multiple streams. That is also very cost-saving when you can fuse the data.

The product is stable. I'm quite satisfied with the stability.

I think the technical support is very good. They know what they are talking about and I get answers when I need them.

The setup was straightforward. The deployment took me only a couple of hours.

I am both a consultant and at the same time a systems integrator. I do the installations.

The pricing is really extremely high in comparison to the rest of the market. The cost for the licensing of the Check Point 3100 series is a little bit over 10,000 euros. But they also make the software subscription mandatory. That means that not only do you have to buy the appliance, but you have to also buy a subscription.

The other firewall solutions that my clients usually want to consider when they are looking for an anti-malware tool aside from Check Point are Fortinet (which is also a good product) and SonicWall (which is also a good product).

As far as how these products compare, I would say Fortinet has more accessibility in terms of just getting the product. Check Point is very hard to procure. You have to go through different channels, you have to follow different requirements and give a lot of private information in order to acquire it. Sometimes there are governmental laws and restrictions that affect the procurement of a product with such sophisticated encryption. It is almost like they have to clamp down on the encryption when the product is outside the US. It is like wifi. When you order wifi access points for the UK or for the US, there are different encryption algorithms. As soon as that product goes out of Europe or the US, it is illegal to keep the same encryption type. You have to lower the level of encryption for some reason. It seems very strange.

When leading countries start dictating what you should have and what you should not have, it seems like there is no justice. It should not be that you consider yourself a privileged country and you want to have a high level of encryption and not allow people in other countries to have it. If you believe in fairness, equality, and sharing — all of these values are things we hear them talking about, but that they don't allow us to experience. In just buying the goods, you have different standards for our country. The same product should be the same thing everywhere. We are on the same grounds and the same sky above you. It is not fair and even trades for everybody, but it costs the same.

Advice that I would give to others who are looking to implement Check Point Antivirus in their organization is the same advice I would give to someone considering any solution. Before you invest any money in any product — it could be Check Point, it could be Fortinet — you have to know what you are trying to achieve. If you don't know what you are trying to achieve, there is no purpose in buying anything. It will not serve a purpose. 

First, define your parameters, understand the risk that you are up against without the solution and what the benefits are if you buy. Then after you think about it, it is time to decide if it is worth it according to your actual needs. You do not always need to go to get fancy products and an enterprise solution if the purpose and scope for your plans do not fit the model of those products. Sometimes I hear people just say they want a product because they hear it is the best name. Sometimes a choice like that is more overwhelming. It does not serve the purpose, it is more difficult to deploy and people end up not even using it. The purchase becomes an operating capital that gets burned and spent for no reason when it was money they could have invested somewhere else. They just put the money in the wrong place because they want to do like everyone else. If you are talking about a large insurance corporation, their needs are much different than if you are talking about a small or medium-sized company that does not fall under so many government restrictions.

I would recommend Check Point Antivirus for medium and enterprise-sized organizations. Not for small organizations because it would almost always be too much. 

On a scale from one to ten where one is the worst and ten is the best, I would rate Check Point Antivirus as an eight to nine. That is because they know their market. They are focused on what they do and they do only that. Their focus is not spread out so they produce the best product. 

We use it primarily for mobile phones. That is it. We really aren't using it in depth at all. We're using it just with basic configuration.

The biggest value we found was ease of deployment. I haven't really used it much, so I can't really comment beyond that. I haven't used it much, but it's working.

It isn't exactly the cheapest, but then it's Check Point. The price could be improved.

I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us.

I haven't had any problems with the stability of the solution.

We've had no issues with scalability so far. We're not using it very extensively at all. I use it for less than 30 people. It's not like we're using it on thousands and thousands of machines, but I don't foresee any issues with it if we did.

We have less than 30 users, currently. I think there are 15 active at the moment. I've got 15 more licenses to buy, but we're not going to be doing that until after Christmas. We're not in any rush for those.

I haven't needed them. I haven't spoken to them. It really was that simple. It's like buying a microwave meal. You read the instructions, which there are not a lot of, and it works.

The initial setup was easier than anything. It took 20 minutes. I was actually on a holiday and I liked it. I set it up and deployed it all from a mobile phone on a beach. It's that easy.

I didn't need any outside help, apart from the people I bought it from, who actually requested the portal and I got an email address and a password. I got a username or password through my email address and then I had to do everything else myself and it was so easy. It's ridiculous.

I bought them for 12 months and I genuinely cannot remember what I paid for them. I think it's about 100 pounds per user per year, so about 10 pounds a month per person.

It's very basic from what I see. It's not a full MDM solution and it's restricted with other MDM provisions. If you want to use an MDM with it to do other things like your email provisioning to mobile devices, you don't have very many options. I think it's AirWatch, MobileIron, Intune, or SOTI: only the most expensive products. If you want to look at something a little bit cheaper, you've got to pay through the nose. You can't have a cheaper solution as an MDM and run this concurrently. That's why they need to look at integrating with more MDM vendors. 

Other than that, it's okay. It does what it needs to do and it's going to tick a box that protects me for the next 12 months until I'm ready for the next project, which I am not yet. I'm one man trying to deal with 140 users across five different countries. So, I'm flat out and I don't have some time to do all the other bits.

The biggest lesson I learned is just because it's expensive, it's not always the best. If you want it to integrate with other products, though, you've got to pay a lot of money for other products as well. That's the only issue that I've got with that.

I would rate this solution as eight out of ten, purely because there are additional features I'd love to see, but that is it. If you're doing it on the deployment side of things, I'd give it a ten out of ten. If you're looking at the product as a whole, however, there are a few things I think are missing, but only as additional features. Nine out of ten other customers would probably give it a ten out of ten because they don't need the features that I need. For me personally, it is a little bit empty in certain places. There's so much more they could do with that to make it the most awesome market cornering product there is, but it's not there yet.

The primary use case for this solution is security.

The most valuable feature of this solution is the VPN.

I would like to see support for a policy in the appliance that will refuse to create a connection if it does not detect an active virus scanner.

Two-factor authentication is missing from this solution.

The stability is very good.

This is a scalable solution.

I would rate this solution a ten out of ten.

We use it for government utility billing, with all of our systems located in different places, working remotely as well. We also have an on-prem data center here in India. We have Check Point to cover all these things.

We used to have Fortigate, the firewall, and endpoints were only protected by an antivirus. We did not have threat management or ransomware protection. We upgraded to Check Point to get this kind of protection at the endpoint level. It covers firewall, availability, VPN, IP security, IPS, application control, URL filtering, antibot, antivirus, anti-spam, and sandblast threat emulation and extraction.

The entire industry may move to the cloud, where we don't have to worry.

The stability is good.

The scalability is there.

Their technical support is good.

We changed from Fortigate because we deal with public data, government data, utility billing. It is very important to maintain security to the greatest extent possible. We can't afford to lose data.

Our billing cycle that takes place periodically. If we miss something, lose data due to ransomware or the like, we are totally out or operation. We can't again continue the billing cycle in such a situation. It is subject to penalties imposed by the local state government.

The deployment was very simple. It took about 20 days.

We had help from a Check Point solution partner.

Check Point offered very good pricing through negotiation. The licensing is done yearly. We have a three-year subscription, including premium, direct support; the Next Generation and SandBlast are for two years. Our cost, including everything, is 18 lakh rupees.

Symantec is expensive so we did not go for it. Many solutions are equally good, you could go for any of them. Check Point offered competitive pricing and additional features. Symantec may be suitable for certain applications and certain data centers. But what we found over a period of time Check Point suits our purpose.

If you have a medium-size environment like ours, this solution should serve the purpose, although you may need different things. In security, one thing cannot suit everybody.

We have about 500 users of the solution. We don't have any immediate plans to increase our usage. Any increase would be at least two to three years in the future, given the type of environment and workloads that we have. 

We primarily use the solution to prevent and detect the abnormalities and viruses on endpoints. 

It's also to monitor endpoints and the use of endpoints when it comes to identifying items like USB sticks, etc. because it's not really in our company policy to allow the use of a USB at work stations.

The most valuable feature is the integration with Check Point's firewalls. You can have one port, and follow the logs from both Endpoint and firewall security.

The solution could improve VPN functionality and the VPN user-interface.

The solution is very stable. We are quite happy with the solution, and we have had very few issues with it.

Scalability is very good. 

Technical support is fairly good. I'd rate it three out five. It's fairly good, but not optimal. 

Check Point could offer better personal support. They have a ticket system, but once you create a ticket, it can take up to seven to days before you get any feedback at all. Depending on the situation or the problem that we have, that's far too long.

We previously had a Cisco solution.

The initial setup was complex. From an IT department perspective, we don't have that many IT technicians, so, for us, it was complex. If we had put an IT engineer on Check Point, it might have been easier. 

Implementation took about two days. The strategy was to do the implementation outside of office hours, so it was actually done over a weekend.

We are outsourcing the maintenance, which is about 4 hours of work a month.

We had a consultant assist us in the implementation.

We pay roughly 80,000 Swedish krona per year. When it comes to the firewall, it's roughly 150,000 Swedish krona yearly. There's also maintenance, of course, which is roughly 10,000 krona per month.

We evaluated a few solutions, including Cylance. We evaluated the existing solutions and compared them to Check Point.

My advice to others considering implementing the solution is, depending of course on if the company is looking for a new kind of firewall solution, is "Don't do it yourself."

I would rate the solution eight out of ten.

We have implemented Check Point for endpoint protection.

We had a ransomware attack and the SandBlast agent automatically picked up the ransomware. It automatically deleted the ransomware and restored the encrypted files.

The most valuable feature of Check Point Endpoint Security is the SandBlast Agent.

One area of this product that has room for improvement is the disc encryption.

I'd like to see a patch management solution like Kaspersky has. That's the only feature that's missing.

Check Point Endpoint Security is very stable.

Check Point Endpoint Security is very scalable. There are 11 of us. You need a central management station with one person. Everybody here is using it already.

The technical support is good. If you log calls, they're very quick to respond.

We used Kaspersky. The Check Point Endpoint was new. We wanted to roll it out to our clients. We wanted to first try it in-house.

The initial setup is straightforward. It was very quick. It was probably, in total, about 40 minutes.

We are Check Point partners. We did it ourselves, in-house.

Our license is on a yearly basis. It just includes the licensing fee.

We did have a look at some other options like Symantec and McAfee. We found that the anti-ransomware component on the Check Point was better than the competitors.

My advice to others that are looking to implement Check Point Endpoint Security is that it's very secure. The only issue is that the disc encryption is bound to the hardware in the machine that it's in. It takes a bit long to decrypt the hard drive. That's the only issue. 

I'd give Check Point Endpoint Security about a nine out of ten.

We primarily use this solution as the main firewall for the perimeter of the hospital. We use the firewall itself for URL filtering, application filtering, and identity awareness.

Before we used this solution, our mail used to have a lot of spam and most of the time our main email account was blacklisted. Now it works well; we are whitelisted by all organizations, including Google. Also, the security of our institution has really improved.

They should provide bandwidth regulation so we can monitor and regulate bandwidth.

It's 100% stable. It has never failed me in all the years I've used it.

I do not think I have had any higher scale than now. Initially, we used the R77.3, but I have just upgraded to the Gaia R80 operating system. For the amount of user we need, it usually works well. We have 5,000 users on it and it is still running okay.

Actually, we have already ordered two more boxes. We are waiting for them to arrive in the hospital. They are both from the 15400 series.

The technical support is fine. We've got a good relationship with the company. If there is any problem, they respond very well and fast.

For maintenance, we have a service agreement with the vendor who brought it to our institution.

We had SonicWall, but it was not stable. With the number of users we needed, SonicWall became a bit overwhelmed.

When we started it the initial setup was very complex. I have never been given any training on Check Point. I had to learn on the job.

The deployment did not take long, the guys who came to the place from Check Point did it very fast, it was a fast thing, within a day or two.

Return on investment was the first thing we checked. We are okay in that regard. We are not complaining.

We pay on an annual basis. There are no additional fees, they mostly tell us what we have to pay. We have budgeted for it.

We looked at firewalls from Fortinet and Barracuda. We even brought guys here to test their solutions, but they were no match for Check Point. We are comfortable now with Check Point.

My advice is to get Check Point, even without trying it first. Use it, and you will be very, very secure. Check Point guarantees the security and stability of your network.

I would rate this solution as nine out of ten.