Check Point Harmony SASE (formerly Perimeter 81) Reviews

It was installed on the machines of the organization due to the need to filter all the incoming and outgoing content and to protect the teams - mainly our units that use laptops and have to be constantly moving. 

In the last two years with the appearance of Covid-19, this solution gave us that protection outside the organization that had been neglected for strengthening internal security. 

Another great advantage is the possibility of being able to protect our mobile devices by integrating the solution into all mobile devices.

The solution has given us an additional layer of protection in our equipment and applications, mainly now that the equipment is portable and in many cases, we must connect to various public Wi-Fi networks.

Its Granular Access Control over and within each resource, based on dynamic and contextual evaluation of user attributes and device states is great. 

A broad set of rules can be applied across all users, servers, and enterprise data stores, including user commands and database queries - giving users well-managed access.

Review of exported and imported packages and protection and content filtering have been useful. 

Advanced behavior analysis and machine learning algorithms shut down malware before it does damage. 

The solution offers high catch rates and low false positives to ensure safety,
efficacy, and effective prevention.

The automated forensic data analysis delivers insights into threats. 

Complete attack containment and remediation can quickly restore any infected system. 

It blocks malware coming from web browsing or email attachments before it reaches the endpoints. 

It is important to locally validate the consumption exerted on the equipment. At times, when I lose connection, I feel that the equipment is slowing me down. They could improve this detail or indicate that the application, while it is being restored, can generate latency in the communication processes. That said, it is definitely a very good solution for the protection layer in teams inside and outside the organization. 

In mobile devices, there is also sometimes a bit of tear when it is via LTE, however, that must be due to connectivity.

I have been using the solution for two years and it really works.

It is very stable and normally any problems generated are from loss of internet.

Scaling is easy and fast, thanks to the fact that it is licensed.

We did not use a different solution previously.

It is a quick solution to install, however, its cost is really medium and not low.

We did not evaluate other options.

It is perfect for keeping all my devices protected.

We are a company of around 30-50 people who have been working from home since the pandemic began. Our environment is completely cloud-based and all our computers are managed by our organization. 

We needed a solution that would help us protect users and the information that is handled in our company. This solution had to comply with characteristics such as the protection of network connections, prevention of threats such as malware and phishing, data protection, and, above all, it had to be easy to implement and manage. This is why we implemented Check Point Harmony Connect.

Check Point Harmony Connect helped us create a more secure environment in our organization, since our users can be safer when browsing and not being attacked by malicious actors who try to affect them with phishing or malware. On the other hand, administrators have more visibility of the sites to which users navigate and be able to control them, they can also access audit reports that allow them to make better decisions on security rules that must be applied. The protection of data in our company is the most important.

The characteristics that I have liked the most are the ease of implementation and administration. It is a cloud-based service it can be configured easily and very quickly and the administration center is very friendly for administrator users who do not know or have used the product. 

In addition, it is a cloud-based service that helps prevent cyber attacks by ensuring internet access for our users who work remotely, facilitating access control. 

Another valuable feature is that company information is kept protected by internet access control, applications to be managed, and URL filtering protection.

Sometimes downloading PDF files can be slow. It may take a while to scan the downloaded files. On some computers, the Check Point Harmony Connect agent can be a bit heavy to run in terms of CPU and Memory resources. 

Transparency to end-users could be improved. 

More compatible applications can be included. 

The support provided could be improved for when problems arise that require support from the Check Point team. Check Point is an expensive product so support should be more adequate. 

Some EDR features may still be under development and may need more time to be ready for use on a larger scale.

I've used the solution for one year.

Stability is 90% good. File scanning and web console stability could be improved.

The scalability is good.

Support is good, however, in some cases, they could improve the response time.

Neutral

I have not used any other option before.

The initial configuration was very easy to perform; the installation on the endpoints was very simple for the users.

The initial setup was handled by an internal team with supervision or support from the provider.

There have been savings related to the number of hours of implementation and administration.

I recommend that you evaluate using Check Point Harmony Connect, since, although its price may be a little more expensive, it is a solution that adds advanced security to the organization.

I only evaluated Microsoft and evaluated if Fortinet had any product that met the requirements.

Our primary use case is as a Security Web Gateway for off-premises users. 

We use Check Point for application control, IPS, and web filter on-premises and wanted an in-kind solution for off-prem users. The primary requirement was for the Harmony policy to be able to be managed from the same SmartConsole instance as our on-premises gateways are managed. 

We wanted to be able to have one single policy, managed in one place, and for our users to have the same browsing experience whether off-prem or on-prem. It was also a primary requirement to be able to have the logs generated from Harmony merged into the same locations (SmartConsole and our SIEM) as our on-prem gateway logs go.

It has not improved our organization due to being unable to fully implement in the manner it was sold to us as being able to. 

After attempting to use the same policy for Harmony that we use for on-prem users (managed by on-prem smartConsole), and after much time going through Check Point account reps and support, we were informed it is not possible to manage Harmony Connect policy from SmartConsole if layers or source objects (such as AD users, machines) were used. 

We then were told by Check Point it would be possible to manage both policies from the same platform if we used the Management-as-a-Service Smart1Cloud smartconsole, but after further investigation, we were then later told by Check Point account executives and support that we are unable to manage Harmony policies from Smart1 Cloud, even though they are both housed in the Check Point Infinity Portal. 

It is also not even possible to send our Harmony Connect logs to the Smart1Cloud portal, again - even though they are both within the Infinity portal.

HTTPS decryption is a valuable service and not always found in cloud-based secure web gateways. With as much traffic being HTTPS as opposed to HTTP these days it is very important to be able to run that traffic through all the security modules such as IPS and Application Control. 

We also found the SAML integration to be useful. It is handy to be able to access the portal from anywhere in the world, though as mentioned above we are not fully implementing the product at this time due to other issues.

We want the overall ability to manage Harmony and on-prem policies from the same platform. Harmony lacks this ability when anything more than a vanilla access policy is used (we use layers and source user objects in our policy which make this impossible according to Check Point). 

Also, we need the ability to send/merge Harmony logs into the same SmartConsole as our on-prem Gateways send logs to. Have been told this is not possible by Check Point. It makes it really difficult when you have to use two different platforms/portals to see logs

I've used the solution for about six months.

I have not had any issues with stability, although we have not fully used the solution in the manner intended.

I have not had any issues with cloud-based resources, so I assume it would be easily scalable.

We have had many issues with customer support on this product. 

One example: I created a support ticket for a simple issue on the product not being able to be installed on our client machines. 

It took over a month to resolve with my team having to repeatedly follow up with support in order to get a result. My team eventually had to dig into the issue at a great depth ourselves and discovered the problem - it was that Check Point developers did not properly sign multiple scripts associated with installation, which would not allow it to install in our secure environment. 

My team had to unpack the installer and dig around to examine the files and find the mistake in signing. The issue was then finally solved by Check Point developers in Tel Aviv.

Negative

We previously used Check Point Cloud Capsule, which is a similar product. However, we were never happy with its performance and its Application Control objects were very out of date. Support was always hard to get on it from Check Point as well. It was also unable to be used alongside our VPN solution (Microsoft Always-On VPN).

The initial portal setup was straightforward in that the portal is automatically provisioned. 

Getting users integrated through SAML was not straightforward in that the instructions from Check Point on linking it with Azure AD were not accurate. The pre-built Enterprise Application object within Azure AD that is provided for Harmony did not work either. We had to adjust several of the settings to make it work (which were not covered by any support article).

We handled the implementation in-house.

We have seen a negative return on investment

Pricing and licensing seemed acceptable; we have no complaints there. 

We also evaluated solutions from Cisco and Palo Alto.

Users should just make sure the solution will actually do what is expected, regardless of what the company says it can do.

In order to connect to our applications like our own GitLab solution or our logs tracking system, we need to connect using the Perimeter 81 application. Before that, we needed to have installed the Amazon Workspaces solution and joined it to that one, so every developer or person who needed access to Gitlab. With Perimeter81, each user that needs Gitlab or logs access has a user created. 

The maintenance of this solution is easier and we also decrease the problems related to workspace scenarios

In the past, we needed to use Amazon workspaces in order to connect to the 'VPN', and, after that, we were able to have access to our private Gitlab solution and logs. 

This was a mess as each developer or person who needed access to Gitlab needed a Workspace created for that use - even if only you needed to access it just for one day and did not use it anymore. Even in these cases, we needed someone from the infrastructure team to create that particular workspace. With Perimeter 81, we only need to create a user and install the Perimeter81 application on the computer.

The solution provides us with:

- An easy way to configure and join the VPN with Perimeter 81. Previously, we were using Amazon workspaces and it took too much time in order to configure the workspace properly in order to just access our Gitlab repository or our logs for just one or two times of use.

- An easy way to find connection problems. You can easily contact Perimeter 81 or check https://status.perimeter81.com to see if some incidents are related to the issue that you have.

In order to have to bypass the login using the website, a good feature for Perimeter 81 to have is a login instance in the Perimeter 81 application. I'm using a Mac and we don't have that functionality. I'm using a Mac and we don't have that functionality. On the other hand, in order to connect with an application, we could have the opportunity to use a Google Chrome application/extension. That will make it easy to use and we can skip situations related to admin permissions in order to install the application on some laptops and computers. 

I've used the solution for six to seven months. 

We use Harmony SASE to manage remote users across multiple countries, including India, Poland, and the US. The customer required a setup to control access for different groups and users, protecting them from threats and securing their systems.

Harmony SASE helps us to manage compliance by regulating the amount of access to each department and user. We control the relevant apps and websites, which can be accessed from company-owned devices. Harmony SASE uses its own threat intelligence data from the cloud for threat prevention, and detect and manage threats with their own threat intelligence data and SASE firewall features.

The Point locations need to improve the latency and speed. 

I have been using Harmony SASE for six months.

I would rate the stability as a seven out of ten. 

Harmony SASE is a scalable solution and I would rate it an eight out of ten.

The support from Harmony SASE is really good.

Positive

I've worked with Fortinet. In comparison to Harmony SASE with Fortinet, Fortinet is easier to manage because all FortiGate devices use the same FortiOS, making management straightforward.

The installation and deployment of Harmony SASE are easy. It usually takes fifteen to twenty minutes to install and configure on a single device

For deployment and maintenance, a single engineer is sufficient for MDM solutions. However, in multiple tasks, two or more people are required to sort out the glitches in the solution.

The remote users, who have been using Harmony SASE has shown cost savings. With SASE, we don't have to manage VPNs, which leads to long-term cost benefits. We don't need dedicated leased lines or bandwidth in the office, making it a good approach.

There are no such AI features as of now on Harmony SASE. I would recommend it and would rate it eight out of ten.

My company integrates the solution into other companies where we are required to do a project for them per the requirements. I had the opportunity to suggest Check Point Harmony Connect two years ago at the Bank of Brazil.

The most valuable features of the solution vary and depend on what our company does. For example, I may work with a big water distribution project where everything revolves around IoT. In general, I can say that everything depends on the type of project where I need to be working as an architect.

In our organization, we use two managed SaaS products or technology at a time when everything appears to be moving to the cloud, and we still work with tools like Check Point Harmony Connect that require a license since the problem related to the product lies in the licensing part, the aforementioned details should be considered to improve the product.

The complex initial setup phase of the product is an area that can be improved.

I have experience with Check Point Harmony Connect.

It is a very stable solution.

It is a scalable solution since the SaaS licensing part of the solution is by the number of users and not by the number of assets or people or everything you need to manage it.

My company provides customer support. We have an operations center with all the tools to provide the necessary support to our clients. I remember that the technical team from Check Point was very supportive when I was working with the Bank of Brazil. I rate the technical support a nine out of ten.

Positive

The initial setup of Check Point Harmony Connect was very complex and complicated since our company had to integrate 17 different applications into one console.

I rate the overall product a nine out of ten.

We use the solution since it is required by our client in Singapore. They needed to use a VPN solution, like Perimeter 81, because they wanted to connect it from an overseas place where their workers travel.

The best feature of Perimeter 81 is that it provides a secure feature while connecting, such as the IPsec tunneling or Perimeter 81's connector called Wireguard Connector.

The solution's speed of upload and download is an area where it lacks. If Perimeter 81 enhances the speed of upload and download, then it could be an improvement.

I have been using Perimeter 81 with Azure Active Directory. I started using it when my company got our license from Perimeter 81 in December last year. So, have six months of experience with the solution. My company has a partnership with the solution.

In my company, along with my coworker, two engineers use the solution for testing.

I rate the support team a ten out of ten.

Positive

The setup is really easy. The setup is very user-friendly.

The solution is priced appropriately considering its uses. For an essential license, a user pays only 30 USD per month. For an enterprise version, the prices can be negotiated with the company.

We use Perimeter 81 integrated with Azure Active Directory single sign-on (SSO). Not only in Azure but also Okta, an identity provider, we can guarantee the convenience of login, and also, it secures the connection.

I rate the overall solution an eight and a half out of ten.

Check Point Harmony Connect is a modern security tool from the prestigious brand that helps us provide web filter or web gateway security to our employees, from the office or anywhere they can be covered with the security of this application.

It is a tool with great potential. It gave us access to security and user control to enhance productivity.

In the company, we are pleased with the functionalities and benefits provided by Check Point Harmony Connect. It is an excellent option and an excellent tool.

It helps us daily with access and restrictions due to business policies, generating access and restriction profiles, we have guaranteed greater productivity and better security for the institution's teams.

This has helped mitigate the latest attacks, malware, and even ransomware that are all too common these days.

Thanks to this tool, we managed to solve all these vulnerabilities quickly. It offers a clean implementation and a Check Point agent that does not cause any concern at the level of requirements on the server.

There are too many positive things that I could mention. Some of them are more impressive than others, however, the best include: 

• The ease of implementation. It offers easy steps for the implementation of security tools, all through a web portal (Infinity Portal from Check Point).
• It has comfortable licensing. It adapts per user and really for all the functionalities they are of great value. It is worth implementing and acquiring.
• The monitoring and granular policies are very helpful. We can generate site blocking policies and specific applications for some user profiles. Monitoring is incredible. It helps decision-making and security improvements in an easy and intuitive way.

Check Point Harmony Connect has basic improvement areas, such as the following:

• In order to be able to invite users, send the agent and implement it, the user input must be generated manually. It would be easier if we could add them automatically via automation.
• The guides for some capabilities are limited or do not represent the reality of the application. It is difficult to find 100% reliable documentation. It is not always possible to perform all the steps due to some problems. Some manuals are not so intuitive.

This is an excellent modern security application. From the web portal, it is easily accessible.

We've used it for more than a year and have been satisfied.

We have not previously used such a complete tool.

Finding a Check Point vendor or partner who can provide you with costs and advice on current tools is best.

We evaluated the requirements of the company. However, after seeing the different options we understood that Check Point is the best option on the market.

I really liked this application. I would recommend it without hesitation.