We changed our name from IT Central Station: Here's why
José Javier Dominguez Reina
Project Manager at Junta de Andalucia
Real User
Top 5Leaderboard
Enables us to centralize all the security software used in a console and avoid ransomware
Pros and Cons
  • "The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers."
  • "SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again."

What is our primary use case?

We were looking for a solution as complete as possible to replace the existing antivirus and, if possible, integrate it with other products that we have, such as the CheckPoint firewall.

We decided to use the Check Point SandBlast agent to prevent ransomware on users' computers.

We subsequently expanded the scope of the solution to detect malicious activity on our network.

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it does not have a client for Linux.

How has it helped my organization?

Check Point SandBlast Agent allows us to centralize all the security software used in a console and avoid, mainly, ransomware in the company.

Many of our users have laptops to carry out teleworking, with this tool we can secure their web browsing, and in the event of suffering some type of attack, the computer is notified by SandBlast Agent and provides information about it and the security actions carried out. It even allows you to restore files modified during the attack.

You also have the option of performing a forensic analysis of the infected computer by providing a lot of information.

What is most valuable?

What we liked the most about the product, apart from detecting any attempted attack, is the graphical interface.

The graphical interface is very easy to use and intuitive, which greatly facilitates the work and greatly facilitates the work and the location of threats on the users' computers.

We also highly value the anti-ransomware functionality, which creates a copy of the files on the computers and in case of infection by ransomware is able to restore them to a date when the computer was not infected.

What needs improvement?

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

SandBlast Agent had moments in which it had a high load, we escalated it to the CheckPoint support that helped us to stabilize it. We had a problem with the parameterization of the solution. Once corrected by following the CheckPoint instructions, everything worked normally again.

It is also missed that it does not have a Linux client since some administrators use this type of operating system.

For how long have I used the solution?

I have been using SandBlast for more than six months.

Which solution did I use previously and why did I switch?

Previously, we used third-party antivirus software and switched to Check Point SandBlast Agent for its ease of integration with other Check Point products and to improve protection against ransomware.

What's my experience with pricing, setup cost, and licensing?

The cost of the solution is similar to other products on the market.

Which other solutions did I evaluate?

We have been evaluating other products, such as Bitdefender and Broadcom (Symantec Enterprise).

What other advice do I have?

It is a very complete product but you have to know how to parameterize it well to avoid high CPU consumption.

It is also missed that it has no client for linux.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Field Services IT Desktop Support Supervisor at a government with 5,001-10,000 employees
Real User
Top 10
Easy to use, very effective, and scales well
Pros and Cons
  • "We have found the stability to be very reliable."
  • "Technical support can be a bit slow at times."

What is our primary use case?

We have this at an enterprise level and we have it for all our endpoints. We use the product for disk encryption, anti-malware, and BPM blades.

What is most valuable?

The solution offers disk encryption, anti-malware, and BPM blades. For example, the Disc Encryption Software Blade is actually a part of this endpoint security solution. The whole thing is good for us.

The product has been proven 100% effective with us. We haven't had anything related to any threats passing to us for the past five years.

The solution is easy to use. It is self updated when there's a new version. It updates seamlessly, no matter what features you have. However, depending on what we use, there are some features that they will not apply in the clinics. We don't have the preview screen. We can customize it in a way that it doesn't disrupt our operation depending on if it is a laptop, it is a desktop.

The security is very good.

The solution is very straightforward.

The solution scales well.

We have found the stability to be very reliable. 

What needs improvement?

The solution is mostly very good. The reason why I'm trying to compare it with FireEye is due to the fact that it's supposed to be a mandate by the State. We are trying to justify the fact that we don't need to change our environment. For example, if the only thing that they want is to provide reports for the State, then that's a different story. We can customize the reports based on what they're asking for. We don't need to change or want to, however, the State may require us to.

Technical support can be a bit slow at times. 

For how long have I used the solution?

We've dealt with the solution for ten years.

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. Its performance is good. It doesn't crash or freeze.

What do I think about the scalability of the solution?

The scalability of the product is very good.

How are customer service and support?

The solution offers very good technical support. While they may be a bit slow, they always come through with a solution. 

How was the initial setup?

The initial setup is very straightforward. It's not a problem at all. 

What's my experience with pricing, setup cost, and licensing?

I have no information in terms of the pricing. I'm not involved with neither the purchase, maintenance, contract, or anything that has to do with licensing.

Which other solutions did I evaluate?

The company may be interested in trying to change to FireEye. I'm looking at it now to see what differences and advantages are at play. 

What other advice do I have?

We're just a customer and an end-user.

I'd rate the solution at a ten out of ten. We've had no problems with it at all.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Check Point Harmony Endpoint. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
564,997 professionals have used our research since 2012.
PRAPHULLA  DESHPANDE
Associate Consult at Atos
Real User
Top 5Leaderboard
Helps us to detect running malicious activity in our network
Pros and Cons
  • "It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks."
  • "We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata."

What is our primary use case?

Previously, one of our clients was using Symantec and we provided POV to them with Check Point SandBlast agent after that customer found that it's very easy and stable to use after E83 version released.

There were many bugs or cosmetic issues that Check Point rectified and provided the stable version.

It helps us to detect running malicious activity in our network and after the COVID situation, most users are working from home where it becomes very difficult for IT admin to maintain security so such type of solution definitely helps us to prevent cyber attacks.

How has it helped my organization?

Compliance check, anti-malware, Media Encryption Full disc encryption, Forensic behavioral ransomware protection are some type of feature that Check Point provides with a single dashboard console. It gives overall host information about when any malicious activity has found and what action by which security blade has taken. So starting from firewall bladed to forensic / ransomware blade it gives us finite detail information on the host. So most of the security load has been transferring to the endpoint which is perfectly doing their work.

What is most valuable?

Most of EDR solutions which detect malware based on AI or ML. Check Point provides the most sophisticated attack vector information by combining these two. The forensic analysis gives detail information about host compromised how exact payload was executed and bots were communicating and how it prevents them.

Anti-ransomware createS a copy of your entire disk in case any suspicious activity founded then it automatically restored all files to its last backup file date so even after the system gets compromised by ransomware still we get hope to get all data safely.

What needs improvement?

Stability.

We know that Check Point has a very good database about threats even Check Point tries to make this EDR stable still there are some issues we were facing after upgrading or taking TAC to help its got resolved but Check Point really needs to work on metadata.

Check Point agent to Server communication many times got interrupted or cloud-managed infinity portal dashboard gives many issues while creating policy or installing uninstalling agent or packages.

Heavy load on the system gives issue which can be in a different manner.

For how long have I used the solution?

2 years.

What do I think about the stability of the solution?

Needs to work better.

What do I think about the scalability of the solution?

can be scaled upto high value

How are customer service and technical support?

TAC team is helpful.

Which solution did I use previously and why did I switch?

Symantec to Check Point.

How was the initial setup?

Not too easy. Need to have basic understanding and require to take local Check Point engineers to help sometimes.

What about the implementation team?

We are a vendor.

Which other solutions did I evaluate?

Cisco  AMP.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Project Manager at SANDETEL
Real User
Top 10
Easy to use, reasonably priced, and reliable
Pros and Cons
  • "It has a great ability to detect threats and keep us safe."
  • "There are still functionalities that I have not been able to fully test and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point."

What is our primary use case?

In my organization, we have selected the Harmony Endpoint tool after an analysis of the market. We wanted to be able to secure the deployed part of our mobile corporate devices in order to start the security processes at the point closest to the user possible. Thanks to its ease of deployment and its power in detecting malware or insecure elements, this tool provides us with the peace of mind we were looking for in an environment of several thousand terminals deployed on the network in very different environments.

How has it helped my organization?

By using the Check Point Harmony Endpoint tool we have achieved great visibility, extensive control of our network and our users, and, above all, a level of security against cyber attacks that's more effective than what we had before. Now, we can detect and avoid security incidents and we can better understand the use that our users make of the devices, and, most importantly, we can apply security policies that keep us safe - not only on the organization's own systems but also within the data. The personal information of our users is also very much protected.

What is most valuable?

When starting to use Check Point's Harmony Endpoint tool, the first thing that strikes us is its great ease of deployment. In our case, it has been a deployment without too many incidents considering that we are talking about a deployment in the tens of thousands of devices. Once deployed, the dashboard and all the inventory information that we have been able to obtain and that we did not know before are very interesting. Of course, one of the key points of Harmony is its great ability to detect threats and keep us safe.

What needs improvement?

After using Harmony for six months, I still don't have a clear vision of the possible improvements that the tool may need. There are still functionalities that I have not been able to fully test and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point. What is very important, in my opinion, is the remediation or recovery capabilities after an attack. From what I have seen so far, this tool aligns with the quality of Check Point products and the evolution it has is correct and logical. Check Point is always ahead of the needs of the market.

For how long have I used the solution?

I've been using the solution for 6 months.

Which solution did I use previously and why did I switch?

No, it is the first tool of this type that we deployed in my organization.

What's my experience with pricing, setup cost, and licensing?

I would advise all organizations to deploy tools of this type for the security they need. As for Harmony, I recommend it 100% for its ease of use, reliability, and reasonable price.

Which other solutions did I evaluate?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Head of IT Operations at Puerta de Hierro Hospitals
User
Great for remote workers with excellent endpoint agents and easy communication with the console
Pros and Cons
  • "The communication with the console is very dynamic and remote, without the need to return to the computer locally."
  • "There needs to be compatibility with the most recent versions of the various operating systems."

What is our primary use case?

The main option for which this solution is used is to have all the peripheral equipment protected - avoiding risks due to malware and viruses. The solution can be managed by device, with filtering and analysis of the information of all collaborators available there. 

It's used to analyze emails from key users and for content filtering rules. It does not allow dangerous downloads, which protects the work of the organization outside the main network. It gives tools to the collaborators to make the work outside the installations (home office) easy.

How has it helped my organization?

With COVID affecting the world, a solution was needed that could be able to provide security at workstations outside of the organization itself. With the sandblast tool, coverage is made on the equipment that we provide (laptops) and employees can carry out their activities from home. The tool has provided us with security to ensure that the computers are protected while also providing information analysis. It offers easy control and implementation of content filtering rules. Thus, you have control of all the organization's teams outside and within the operational network.

What is most valuable?

The endpoint agents, which can be installed in one go, are great. The communication with the console is very dynamic and remote, without the need to return to the computer locally. 

From the administration console, we can generate content filtering rules and labels, as well as run an analysis of emails and downloads that the collaborator does to fulfill their functions. Informing the administrator of threats by mail gives us the facility to detect real-time vulnerabilities in order to continue fulfilling the objective of safeguarding the information of the organization.

What needs improvement?

There needs to be compatibility with the most recent versions of the various operating systems. They need to be up-to-date with the signatures of new viruses and the latest ramsonware. With the encompassing of all its solutions in one platform, there should be artificial intelligence for specific analysis to thus be able to anticipate and detect unique risks to the organization. 

To be able to count on the administration console on any device and online cloud would be ideal. We would like there to be no need to install clients as executables.

For how long have I used the solution?

I've been using the solution for one year.

What do I think about the scalability of the solution?

We like the idea of ​​continuing to implement more solutions offered by Harmony.

How are customer service and technical support?

Technical support is good. They comply when we need support or have product questions.

Which solution did I use previously and why did I switch?

No, Sandblast was chosen as the first option.

What's my experience with pricing, setup cost, and licensing?

The solution meets our business needs. 

Which other solutions did I evaluate?

We did look at Fortinet solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Anil Redekar
Senior Network Engineer at Infosys
Real User
Top 5
Great anti-malware, anti-phishing and anti-ransomware capabilities
Pros and Cons
  • "The main advantage of the solution is the ability to implement complete security policies for the terminals in order to address how apps are installed on corporate devices."
  • "The solution needs more alerts to warn of attacks."

What is our primary use case?

In our organization, we are creating Trusted, Untrusted, and DMZ zones. 

We use URL filtering, antivirus and threat prevention, as well as detect and monitoring of all the outside traffic that enters the organization. 

It downloads the latest signature from the Check Point database for anti-malware and it keeps my laptop clear from malware files and attacks. 

We are now able to regularly scan after implementing this product and now we feel happy. In many ways, it made us feel safe. 

We have installed this tool for every user.

How has it helped my organization?

The Harmony vendor is excellent at providing various features and updates regularly. 

The main advantage of the solution is the ability to implement complete security policies for the terminals in order to address how apps are installed on corporate devices. 

It secures our organization from attacks from ransomware, malware, et cetera. 

The most important feature is the file scan capability. It saves us from attacks by modified files. In this way, we secure our internal traffic from outside attackers.

What is most valuable?

The below features are most valuable:

1) Anti-malware

2) Threat protection with signature

3) Anti-ransomware

4) Anti-phishing (support for all leading browsers)

1) Anti-malware (to detect and prevent malicious activity)

2)  Threat protection with signatures to prevent the threat on the basis of a signature. Signatures are stored in the database. 

What needs improvement?

I would suggest that the Check Point team always allocates an SME to all the vendors before implementation. This will help when the endpoint agent cannot integrate with another product or third party. It could expand the functionalities too. In addition to security functionality, they could incorporate Mobile Device Management (MDM) functionalities such as remote device management, administration of installed applications, et cetera. 

The solution needs more alerts to warn of attacks. 

For how long have I used the solution?

I have used this product for the last two years.

Which solution did I use previously and why did I switch?

We did not use a different solution previously.

How was the initial setup?

The setup is somewhat complex the first time, however, it is not too complicated or difficult.

What about the implementation team?

We implemented this product as per the organization's requirements. We did it ourselves.

What was our ROI?

Our ROI has definitely improved after installing this product.

What's my experience with pricing, setup cost, and licensing?

It is a fair price and according to the quality of the product offered.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Manager, IT Infrastructure and Security at Control Southern Inc.
User
Great anti-ransomware blade, provides HTML reports, and protects endpoints well
Pros and Cons
  • "One of the coolest features is that it provides an HTML report on the laptop and the endpoint console for the administrator."
  • "The product updates are a manual process for my administrator and can take several hours out of his day."

What is our primary use case?

This solution handles AV, malware, VPN, ransomware and so much more. It's a solution for all of our endpoints. We have 250 users spread out over the southeast US and they all connect back to corporate for onsite ERP

Most of our workforce is remote in offices or homes in Georgia, Alabama, Florida, and Tennessee. We also have technicians that work in plants with limited or no internet connectivity so when they get to a hotel or other public internet hotspots. The auto-connect to VPN is critical to them having a secure connection to our corporate network.

How has it helped my organization?

The solution has provided enhanced security on all endpoints for URL filtering, VPN, media encryption, and scanning. One of the most common responses from our clients is that they love the auto-connect of the VPN, yet hate that we scan all USB devices they plugin. 

When our technicians are working at a plant with no internet and they go to a public hot spot, the VPN auto-connecting to corporate secures their data back to corporate without them having to do anything. 

The scanning of ransomware has stopped dozens of attempts from malicious websites.

What is most valuable?

The anti-ransomware blade is great. It stops device encryption automatically and has caught hundreds of cases on client laptops. 

One of the coolest features is that it provides an HTML report on the laptop and the endpoint console for the administrator. It will show you the forensic report of where it came from and if it spread to other systems that have the endpoint client installed. 

The best thing is it never gets past the first client as it looks for bad behavior. If needed, you can open the console and allow it.

What needs improvement?

The product updates are a manual process for my administrator and can take several hours out of his day. I understand this is partially due to the Windows version limitations. When you do need to update the client version it is pretty easy. Usually, it's a case of the end-user not being online to accept the push of the software. That is where it can take up a few hours of my administrator's time. The administrator has to wait and email for our technicians to go to an internet available area. It is usually not a big deal, however, it can take time.

For how long have I used the solution?

I've been using the solution for five years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Kirtikumar Patel
Network Engineer at LTTS
Real User
Top 5Leaderboard
Impressive zero-day protection and well-suited for a complex environment
Pros and Cons
  • "The most valuable feature is the Zero-day protection, which covers our on-premises users, and well as those users who are outside of our network."
  • "As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there."

What is our primary use case?

We are using Check Point Endpoint security to protect our remote users, as well as our roaming users that are accessing our on-premises resources externally.

We have come to know that our remote and roaming users are completely secure with Check Point Endpoint Security. With this confidence, we are now planning to roll out this solution for our on-premises resources, including machines and devices, as well. This will give us complete endpoint security.

How has it helped my organization?

Check Point Endpoint Security has improved our organization with features that include Security, Management, and Reporting. We have not yet rolled it out for all users, but that is our intention.

With this product, the data accessible by our endpoints is secure.

We have zero-day protection, which is not available with our other endpoint protection solution. That is the reason we preferred to implement Check Point Endpoint Security.

Finally, from a management perspective, the single point of control makes it more manageable.

What is most valuable?

The most valuable feature is the Zero-day protection, which covers our on-premises users, and well as those users who are outside of our network. 

With Zero-day protection, we have complied with our customer-specific policies as well.

Most of our users are working on customer-related projects and today, everybody is looking to have zero-day protection at the endpoint level, as well as to protect against unknown threats or viruses.

What needs improvement?

As of now, product-wise, we haven't found any major concern that needs to improve, although it does not support full MDM and this is something that should be there.

For how long have I used the solution?

We have been using Check Point Endpoint Security for the last six months.

What do I think about the scalability of the solution?

Scalability is very good and there is no such concern for this solution.

What's my experience with pricing, setup cost, and licensing?

The cost is huge compared to other products that are available on market.

Which other solutions did I evaluate?

We haven't evaluated other products but we know there are many that are cheaper than Check Point.

What other advice do I have?

In my opinion, it is a very good solution for organizations with a complex environment. We can secure it. From a security perspective, we trust only Check Point endpoint security. This product is a market leader.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Check Point Harmony Endpoint Report and get advice and tips from experienced pros sharing their opinions.