Check Point Harmony Endpoint Reviews

Since we are resellers of checkpoint products, We deployed  checkpoint antivirus blade to our customers as a gatewaye-level malware prevention that will stop threats before they reach users by scanning files at the network level, and also most of our customers are on the banking industry. so these financial institutions need to block malware that could compromise transactions and customer information, thanks to checkpoint antivirus blade that is incorporated in checkpoint firewall blades, we just made it possible to our customers.

Checkpoint antivirus blade has improved our customers security postures by enhancing theirr malware detection, reduced risk of cyber attacks and also by stoping threats before they reach users by scanning files at the network gateway. Additionally checkpoint antivirus blade is keeping our customers from different known and unknown threats by its real-time security intelligence from checkpoint theartcloud.

it's gateway-level malware prevention. This feature is valuable for our customer because it stops threats before they reach users by scanning incoming files at the network gateway. And also it can work with alongside with Check Point Anti-Bot Software Blade for comprehensive security. Above aove all and the intersting one is like it can be manged centrally from single, user-friendly console. Addisionally it has low false positive rate, and effective threat mitigation. As a whole our customers are happy about this solution with these mention features.

By default the antivirus blade monitors SMTP and HTTP traffic, but inspecting HTTPS traffic requires enabling HTTPS inspection and threat emulation, which can be resource intensive. Because decrpting traffics can be resouce intensive, which results performance impact on legitmate traffics also. And also our customers have a some complain about it pricing because compared to other vendors antivirus solutions checkpoint is considered costly. Other than these the solution is a must to have in your envirinemnt.

For almost more than 2 years, I worked on checkpoint products that resell and implement chech

no 

we deployed it by our in-house team

Yes Fortinet, Paloalto and other vendors

Our main use case for Check Point Harmony Endpoint is for posture for the user endpoints. When I say posture for user endpoints, it includes both compliance and threat detection. Compliance ensures that before users connect to network resources, whether within the organization on the switches or outside via VPN, the endpoint client must verify whether the posture is acceptable, ensuring that antivirus is running in the background without threats, and making sure that the device is secure.

Check Point Harmony Endpoint has positively impacted my organization primarily in the protection context.

It has helped significantly on the protection side, considering that we no longer face issues where data is lost because someone put it on a USB drive, whether they took the device home or elsewhere. We no longer encounter situations where information leaks from users inside, effectively closing off one of the threat edges.

The best features that Check Point Harmony Endpoint offers, unlike traditional endpoint solutions, focus specifically on detection and remediation even before the device has to go to the firewall. We manage it through the Infinity Portal, which helps us with the fatigue of logging into different windows.

The automated detection, which is EDR, detects any threats potentially moving from the user endpoint onto the network and possibly to the data center. Another critical feature is data protection to prevent someone from easily extracting information from the user laptop by plugging in a stray hard drive or USB.

The automated detection and EDR in Check Point Harmony Endpoint reduce administrative overhead. The agent comes with pre-installed settings to detect different threats on the endpoint. In most other solutions, you must start from scratch, which takes considerable time and troubleshooting. With Check Point Harmony Endpoint, you're basically fine-tuning because the templates are already running, and you just adjust them to fit your organizational preferences.

There are some pain points with automated rules in Check Point Harmony Endpoint. In the initial stages, you sometimes have to do fine-tuning because you get false positives, resulting in users being unable to connect. However, those issues are eventually fixed.

The pricing is a bit expensive, making it harder to maintain the licenses, and the initial setup takes a learning curve since it needs to fit into the Check Point environment and integrate with other systems.

I have been using Check Point Harmony Endpoint for three years.

Check Point Harmony Endpoint is stable.

The scalability of Check Point Harmony Endpoint is satisfactory.

I have interacted with Check Point Harmony Endpoint's customer support, and my experience was good.

The customer support for Check Point Harmony Endpoint deserves a rating of 10.

Positive

My experience with pricing, setup cost, and licensing was good, primarily because of the support provided.

I have seen a return on investment from using Check Point Harmony Endpoint in terms of fewer security incidents, and the previous issue of data leaking from user devices has completely disappeared.

I did not evaluate other options before choosing Check Point Harmony Endpoint.

I would encourage others looking into using Check Point Harmony Endpoint to invest in it. Protecting an organization solely with a firewall is challenging, especially in a hybrid work environment where working via VPN has become common. Therefore, investing in Check Point Harmony Endpoint ensures that the threat landscape on the user side is fully covered and protected. On a scale of 1-10, I rate Check Point Harmony Endpoint a 10.

We declare this endpoint security in their device so that all the components should meet the end user device and we can protect our different vessel from the threats and control the user access.

What stands out to me most about the best features Check Point Harmony Endpoint offers are the data cost management features and strong policy that empowers user devices with central management and visibility.

The data processing features of Check Point Harmony Endpoint are more detailed in independent user devices, and it controls sensitive data transfer whether it is transferring data from the USB or whether an image is uploaded to the Internet. In that we get the infeasibility and the control.

Check Point Harmony Endpoint has positively impacted my organization, and after deployment resolution, we are compared to some of the cybersecurity guidelines and it has improved our work on security for the devices.

As of now, I do not see any challenge with the problem regarding how Check Point Harmony Endpoint can be improved.

I would say that the course is something that can be reduced compared to other options to make my experience with Check Point Harmony Endpoint even better.

I have been using Check Point Harmony Endpoint for more than three years.

I rate Check Point Harmony Endpoint a nine out of ten. I choose nine out of ten because apart from the licensing cost, everything is great. My overall review rating for Check Point Harmony Endpoint is nine.

This solution can provide you with robust endpoint security and has the ability to give deep-level forensics because of EDR capability. 

The solution can offer you value-added features with the EPP-EDR platform to ensure complaint and posture management, category-based web access, disk encryption, password protection, and DLP over endpoint channels.

The primary key use cases for Check Point are:

1. Single console across multiple Check Point solutions using the Infinity Portal

2. Flexible deployment architecture

3. OS support

4. Rich threat intel to mitigate known/unknown attacks

5. Flexibility to bundle multiple value-added additional modules/features with the EPP platform

By using Harmony, you can provide 100 % security to the endpoints along with compliance and management features. This has a flexible deployment method. 

It has extended OS support to ensure your legacy endpoints also have zero-day protection. 

Using add-ons such as posture management, organizations can manage OS-level vulnerability and get rid of unwanted beaches. 

Check Point Harmony also protects you from web-based attacks along with category-based restrictions to ensure the end user gets the required access. 

Integration of the Check Point Threat intel cloud with the EPP-EDR platform, which is enhancing and providing efficient DB for threat hunting and preventing zero-day using an anti-exploit platform. 

Apart from the EPP and EDR capability, Check Point Harmony can integrate using API with 3rd party vendors; Azure AD integration makes the whole deployment and management easy for the administrator.

Multiple endpoint protection packages are available for organizations. Also, it is an MSSP-compatible platform.

With Check Point, you will get your all required value-added features as per your requirements. That said, they need to focus on more scalability (as much as possible) so that the solution can run across all supported OS. 

There are legacy OS concerns. It would be really helpful for them if legacy OS support could be extended up to Windows XP. 

Aside from that, Check Point Harmony will be a suitable option for any type of organization.

I have been closely working on this solution in my organization over the last year. 

Using rich threat intel and robust endpoint security, the solution ensures protection against known and unknown attacks.

The solution offers a flexible deployment and easy management through a consolidated console. 

Support is good.

Positive

Previously I worked with Cylance AV. Considering all value-added features along with the robust endpoint solution and threat intel, Check Point Harmony is the better choice. 

The initial setup is very simple.

We handled the implementation in-house.

The pricing is really competitive when you consider other known vendors in the market.

We explored some traditional solutions as well.

Check Point Harmony is feature-rich and robust, with great endpoint detection and response capabilities to ensure deep forensic understanding across incidents. 

The main use of this product is endpoint security, it is very useful when you are trying to centralize endpoint security management and you want an easy and fast setup, I have used this product in POCs and different size deployments with different kinds of clients. Harmony offers several layers of protection and it fits well with all the Check Point "ecosystem", (It is especially useful when you are correlating security data because it can "talk" with Check Point's XDR Solution in order to get more insights).

There are several benefits that you can get with this solution:

1) You get centralized management of endpoints in your organization and you can be very granular in order to create endpoint security policies for different user groups. This improves overall security and visibility for IT departments.

2) Visibility also offers improvement with purchases and making decisions.

3) Information is easily managed and protected (which is particularly useful in lost or stolen endpoints).

4) It can be used with an XDR system (which is very useful with SOCs).

The most valuable aspects include:

1) Cloud Centralized management. This is particularly useful since you don't have to use any on-premise server, the cloud dashboard is activated without a minimum license number.

2) Several layers of security. It is well aligned with actual threats like ransomware and zero-day attacks and offers traditional layers of security.

3) Visibility. You have a single dashboard for all endpoint information that you need from an IT administrative perspective and in a threat incident you are properly advised.

There are some "weak points" that have to be mentioned, including:

1) If the IT department is used to "cloning" endpoints (making images) you are going to have a hard time trying to install the product and you are going to end up reading a lot of Check Point documents.

2) If you are used to the granularity of roles features in Check Point Quantums products you are going to be a little bit disappointed. You can't set customized roles with customized read/write permissions.

3) You need a mature security team to manage this solution in order to get the most value from it.

I've used this product since its release.

The solution is very stable in the correct context; with its cloud nature, it is unlikely to have any downtime.

The solution is very scalable since the console is a cloud; you only have to buy more licenses in order to grow.

TAC is very useful and its dashboard is very intuitive. You can get web, mail, and telephone support.

Positive

We used several solutions, such as Symantec, ESET, and Kaspersky.

The initial setup is straightforward. It is very fast due to its cloud nature.

We implemented the solution with the help of a vendor team; they have good documentation and are experts.

The ROI is very hard to measure. It is best to take a proactive posture of protecting your assets. 

It is a very good security product yet it is not the cheapest one. Licensing is very easy to understand and it includes Check Point TAC support.

We evaluated various solutions, including Symantec, ESET, Trellix, and Kaspersky.

It is a very mature solution and one of the most secure that exists in the security market share.

We use Check Point to manage email security in our O365 environment.  Our previous solution was unable to remove all of the email spam we had. Check Point integrates with Office 365 to provide advanced threat protection for email. It uses techniques like anti-virus, URL filtering, and threat emulation to stop known and unknown threats. It also offers goes beyond email security. It protects all aspects of Office 365 collaboration tools like SharePoint, OneDrive, and Teams. It can prevent data loss, enforce policy compliance, and block phishing attacks.

It manages to capture more spam with a smaller footprint. It has a single agent and management console to streamline security administration. This can save IT staff time and resources compared to managing multiple security products. The endpoint combines Endpoint Protection Platform (EPP), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR) capabilities. 

This comprehensive approach can safeguard your organization from a wider range of threats, including ransomware, malware, phishing attacks, and zero-day exploits.

Ease of setup and ability to hook into O365 directly without MX record changes. Check Point offers advanced threat prevention capabilities, including SandBlast Network Threat Emulation and Threat Extraction. These features can identify and stop even unknown threats by simulating real-world attacks in a safe environment. Check Point solutions are designed to scale to meet the needs of large organizations. They can handle high volumes of traffic without compromising performance. Check Point integrates with a wide range of third-party security solutions. This allows you to create a comprehensive security ecosystem that meets your specific needs.

I would like to see a better UI for admin functions. While CheckPoint offers threat prevention through SandBlast, some users feel even deeper integration of Machine Learning (ML) could enhance threat detection and improve automation. This could involve automating security responses and offering threat prediction capabilities. As organizations increasingly move to the cloud, Check Point could further strengthen its cloud-native security offerings. This might involve expanding support for various cloud platforms and offering more granular security controls within those environments.

I have used Check Point Harmony Endpoint for six months.

We haven't had issues or outages so far. 

It seems to be able to scale to any size company. 

Their support has been very positive. It's easy to use. 

Positive

Sophos was our previous vendor, we found their coverage lacking.

The setup was straightforward, it's hands-on config. 

CDW was our MSP. 

We expect to see ROI in 12-16 months. 

My advice would be to state terms upfront and always ask to haggle down.

We looked at Fortinet, Palo Alto, Crowdstrike, etc. 

Make sure to review your solutions every couple years as technology changes. 

In the intricate web of digital landscapes, my primary use of Check Point Endpoint Security is a guardian for my organization's digital footprint. This robust solution stands as a vigilant sentinel, meticulously securing each endpoint against the relentless tide of cyber threats. 

Its dynamic threat prevention capabilities, seamlessly integrated into our environment, create an impervious shield against malware, ransomware, and other malicious actors. 

With an intuitive interface and real-time monitoring, it not only defends but also empowers, allowing me to traverse the digital domain with confidence. 

In this narrative of cyber resilience, Check Point Endpoint Security is not just a tool; it ensures that every endpoint under its watch remains secure in our interconnected digital ecosystem.

The integration of Check Point Endpoint Security has been a transformative force within my organization. 

As we embraced this robust solution, a paradigm shift occurred – a palpable enhancement in our digital resilience. The advanced threat prevention mechanisms woven into the fabric of Check Point have acted as an impenetrable shield, thwarting malicious intruders and fortifying the security posture of every endpoint. 

This newfound defense has not only safeguarded our sensitive data but has also instilled a sense of confidence among our team members, enabling them to navigate the digital realm without fear.

Check Point Endpoint Security has proven to be a beacon of resilience, with its multifaceted features illuminating our defense strategy. The real-time threat prevention capabilities stand out as a fortress against malware, ransomware, and evolving cyber threats, offering a proactive defense that safeguards our organization's critical assets. 

The granular control over endpoint activities empowers us to tailor security policies, ensuring a bespoke approach that aligns with our unique operational needs. The intuitive dashboard and centralized management streamline our security operations, enhancing efficiency and providing a comprehensive overview of our digital landscape. 

Notably, the seamless integration with other security components orchestrates a harmonious defense orchestra, fostering collaboration and maximizing the synergy of our security infrastructure. 

In this narrative of fortified cybersecurity, it's the amalgamation of these features that makes Check Point Endpoint Security an invaluable guardian, fortifying our digital realm against the relentless march of cyber threats.

A robust threat intelligence integration could elevate proactive defense, offering real-time insights to anticipate and thwart emerging threats more effectively. 

Enhanced behavioral analytics would provide a deeper understanding of endpoint activities, fortifying our defenses against sophisticated cyber adversaries. 

Streamlined incident response tools within the platform would empower security teams to react swiftly and decisively in the face of potential breaches. Integration with emerging technologies, such as artificial intelligence and machine learning, could usher in a new era of adaptive and self-learning security protocols. 

Furthermore, a user-friendly interface for custom reporting and analytics would empower organizations to derive actionable insights from security data. In this ongoing narrative of cybersecurity evolution, the inclusion of these features in the next release would undoubtedly fortify Check Point Endpoint Security as an even more comprehensive and dynamic guardian in the ever-expanding digital frontier.

I've used the solution for more than three years.

The solution is very stable.

The scalability is very good.

The technical support is excellent.

Positive

We used to use Kaspersky, and we switched for security reasons.

The initial setup was straightforward; it was easy.

We handled the setup in-house.

Its price is competitive.

We also evaluated Trend Micro.

I use it for end point protection, and I am also using full disk encryption Harmony both solutions are adopted. 

One of the advantages is the reporting functionality. For example, if some critical data is available on a laptop and the laptop gets stolen - I can remotely wipe it immediately. Because, at the end of the day, apart from the device, the data is important.

So, the zero-phishing feature of Harmony Endpoint, the one I have used, was very good.

Those features are very good. Then, zero-day protection is also very important to us.

We can map the MITRE attack framework along with the Cyber Kill Chain completely.

Sandboxing is a great functionality.

The only drawback is the integration process. For example, I want to integrate with my source platform. It took some time. That's the only concern regarding the integrations.

Check Point Harmony Endpoint doesn't have any XDR kind of solution. DLP functionality and all are not yet there.

And then, the performance also sometimes gets deep. CPU utilization could be further optimized. 

I have been using it for one year. 

I faced some issues with stability. Stability was good compared to other endpoint protection. The only thing is that in the Zero Phishing future, which I like a lot, we can see when people are entering password content and other things. Phishing is important.

Since it's a SaaS platform, we can upgrade only a license. We can get it.

I have experience with SentinelOne. SentinelOne has a feature; for example, if a ransomware attack happened and a particular file was affected, we can retrieve it. If some known files got corrupted, we can roll back the file to the last known good configuration. We can do that. 

But this particular feature is not there in Check Point Endpoint. And then, importantly, USB blocking on Linux machines is not currently available in Check Point Endpoint. It supports only the scanning part, but I don't think it is supporting USB blocking and device blocking.

DLP functionality and all, they are not yet there.

The installation is very easy. It takes around 20 minutes only. 

It requires maintenance. There are a couple of people who handle more than 4,000 endpoints. So if there are more, then I can publish them. That is a one-time activity. After that, only one person can monitor. The SOC analyst is only one guy. The person who manages the endpoint completely, email as well as the endpoint, both.

We have seen ROI. Time was saved. Since it's manual, we need to pay a lot to our team. The time-saving was very good. We can establish connectivity on each agent within 20 minutes.

The pricing is okay. It is in the enterprise range. It is not middle range. It is not so costly, but it is an enterprise.

Overall, I would rate it a nine out of ten.