• Home
  • BeyondTrust Endpoint Privilege Management vs. Check Point Harmony Endpoint

BeyondTrust Endpoint Privilege Management vs Check Point Harmony Endpoint comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Privileged Access Management (PAM)
March 2024
Executive Summary

We performed a comparison between BeyondTrust Endpoint Privilege Management and Check Point Harmony Endpoint based on real PeerSpot user reviews.

Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM).
To learn more, read our detailed Privileged Access Management (PAM) Report (Updated: March 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Anonymous User
Good user management and command control features
Everyone in the company uses BeyondTrust Endpoint Privilege Management—about 3000 to 4000 in South Africa and another 1000 in the UK.
Anonymous User
Excellent vulnerability scanning, rating, and remediation
As an IT infrastructure and security team we are now able to prioritize and target specific, higher-risk vulnerabilities, making our environment... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"What I liked about this solution is that it can also integrate for tracking malicious use or sending analytics to a host that can process them. I don't know if CyberArk, Centrify, or Thycotic can do that. The analytics was something the client really wanted, and they already had BeyondTrust. It is very scalable. The agent on the workstation is very thin, and the processing power required on a server is nothing out of the ordinary. It is also very stable and easy to deploy.""The privileged access management into sensitive systems is very valuable. That includes control from the endpoint all the way through to the managing of passwords and credentials that are used by the person to access the sensitive information. It's very useful, because nobody ever really maintains passwords for those endpoint systems. It's maintained in the Dropbox password file.""One of the valuable features is the absence of any local user in a unique system. All users are defined in the AD; communication is only between Unix and AD.""The asset discovery feature is the solution's most valuable aspect. It's very easy to pull assets into the database of the solution manager.""It scales easily and the product is stable.""The privileged access and the application control are helpful in making sure we have good, robust challenge responses. Blacklisting with trusted application protection is also beneficial for us.""I would say session management on the go is the most valuable feature. When the session is going on, you can stop the session without terminating it for justification. You can cancel it. The recording takes very little space. Those are some things which the customers are worried about when they talk about session recording.""The notable aspect is its ability to capture the application's behavior comprehensively and this thorough analysis is crucial for effective policy management."

More BeyondTrust Endpoint Privilege Management Pros →

"It has extended OS support to ensure your legacy endpoints also have zero-day protection.""We were under an attack in our environment, and the Check Point response was good because we didn't lose anything.""It has improved the detection of malware.""The most useful feature so far has been having a functioning and up-to-date anti-malware scanner.""It is very powerful tooling that can be tuned a lot.""Stability-wise, I rate the solution a ten out of ten.""The remote support is good.""It is a stable solution. My company has not received any complaints regarding the product's stability from our customers who use the solution."

More Check Point Harmony Endpoint Pros →

Cons
"How the accounts are presented in the solution's UI can be improved.""They need to come up with better integrative options which should be customer-centric.""What's bothering me, which is true of all of them, is that sometimes, the error codes that come up don't necessarily get reflected in the searches within their support sites or they're out of date. I would rather search by an error code than type in the text and search for it by text because the error code means that it is programmatic, and it is known. It might not be desired, but it at least is not unexpected. If you don't have an error code, you just get an anomalous error, and if it is lengthy, it can be difficult to search and find the specific instance you're looking for. This is something I would like all of them to improve. BeyondTrust, CyberArk, Centrify, and Thycotic could do some improvements in staying up to date and actually allowing you to search based on the product version. They are assuming that everybody is on their way to release. They put out a new release, but it is not reflected on the support site, which makes no sense to me, especially when they revamp all the error codes. They all have been guilty of this in some way.""The weaknesses are related to the effort required to migrate from existing technologies or having no Privilege Access Management (PAM) at all to adopting technologies like BeyondTrust. It involves changes in processes and can take a significant amount of time, typically six to twelve months.""Reports to the end user.""Its feature for establishing workflows needs improvement.""They are doing good for now, but they should start to consider tight integration with Mac solutions. There should be more integration with Mac. There should be Active Directory (AD) Bridging. Thycotic and Centrify have it currently because they merged and joined forces, and it was a feature available in Centrify. So, basically, they joined forces to create a kind of perfect product. If you have a hybrid or mixed environment with Windows and Mac, your Active Directory can only manage or enforce policies on Windows, but what about your Mac devices? How do you control them? So, AD Bridging will act as a bridge to bring all your Mac devices into your Active Directory. This way you have full control over your entire environment.""It only has limited support for Mac."

More BeyondTrust Endpoint Privilege Management Cons →

"Sometimes the portal loads slowly which should be improved.""Technical support needs to be improved, along with the response time.""An additional feature I would like to see involves the VPN.""They need to make the user interface on the server more intuitive and user-friendly.""They should provide bandwidth regulation, so we can monitor and regulate bandwidth.""We cannot integrate this product with other solutions, which is something that should be improved.""The solution needs better reports and centralized logs.""If the IT department is used to "cloning" endpoints (making images) you are going to have a hard time trying to install the product and you are going to end up reading a lot of Check Point documents."

More Check Point Harmony Endpoint Cons →

Pricing and Cost Advice
  • "I'm sure everyone should have the cluster environment, which means more expensive, anyway, cheaper than the other solutions."
  • "PowerBroker for a Mac client is three times the price of the Windows version."
  • "What BeyondTrust was providing was user-based licensing which was a great benefit from the client point of view. Recently, I don't know why, the licensing model has been changed, and that is the reason that they have lost a bit of their edge when it comes to the PAM, against our competition. The asset-based licensing, from the user's point of view, is not beneficial. The licensing should be based on the users. The greater the number of users, the greater will be the load and the greater the scalability problems. I presume that is why the licensing model has changed."
  • "This solution is expensive compared to its competitors."
  • "Price-wise, it is very competitive. In our area, government entities and banks don't go for the monthly payment. It is a headache even for us in terms of finance and procurement to go for monthly payments. Quarterly might be more logical and reasonable, but the minimum that we go for is one year, and sometimes, we even try to compile and give one offering for three years."
  • "Its pricing and licensing are okay. We were in the perpetual model when it was on-prem, and now, with the SaaS service, we have a subscription model. As a customer, I would always like to see a lower price, but it seems to be priced at the right model currently, and we are trying to get the maximum benefits out of it."
  • "The product’s licensing is different for Windows, Linux, and Mac. The tool’s licensing is yearly."
  • "It was very expensive."

    • More BeyondTrust Endpoint Privilege Management Pricing and Cost Advice →

  • "In addition to the standard licensing fees, there is a cost for support."
  • "We pay on an annual basis. There are no additional fees, they mostly tell us what we have to pay. We have budgeted for it."
  • "We pay roughly 80,000 Swedish krona per year. When it comes to the firewall, it's roughly 150,000 Swedish krona yearly. There's also maintenance, of course, which is roughly 10,000 krona per month."
  • "I bought them for 12 months and I genuinely cannot remember what I paid for them. I think it's about 100 pounds per user per year, so about 10 pounds a month per person."
  • "The licensing cost for Check Point is $3 USD or $4 USD per end-user."
  • "In terms of licensing, have a buffer zone around your projects in terms of the amount of endpoints that you want to have. You can always have more, but it is best to leave room for a little increase or growth."
  • "The solution is too pricey."
  • "One of the key factors that made us go with this solution was the pricing. On the licensing part, there was an initial complementary set of licenses offered in the initial onboarding package, either 15 or 20. Then, we had some complementary licenses in the initial purchase of the package. That was pretty useful."

    • More Check Point Harmony Endpoint Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Privileged Access Management (PAM) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    Looking for recommendations and a pros/cons template for software to dete...
    Top Answer:This is an inside-out --- outside-in --- inside-in question, as an insider can be an outsider as well. There is no short answer other than a blend of a PAM tool with Behavioral Analytics and Endpoint… more »
    Read all 5 answers   →
    What do you like most about BeyondTrust Endpoint Privilege Management?
    Top Answer:The solution's least privilege enforcement has helped us ensure access is given to only the required people.
    Read all 20 answers   →
    What is your experience regarding pricing and costs for BeyondTrust Endpo...
    Top Answer:On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten.
    Read all 14 answers   →
    What do you like most about Check Point Harmony Endpoint?
    Top Answer:The remote support is good.
    Read all 59 answers   →
    What is your experience regarding pricing and costs for Check Point Harmo...
    Top Answer:The pricing is reasonable. It is very good for security. We are focused on security. If the security is strong, we do not mind the price. The customers blindly trust the product.
    Read all 46 answers   →
    What needs improvement with Check Point Harmony Endpoint?
    Top Answer:The heartbeat interval must be improved. Sometimes, when we change the policy in the console, it does not reflect in the endpoint. Sometimes, we find it difficult to change the policy. The tool lags… more »
    Read all 60 answers   →
    Ranking
    4th
    out of 48 in Privileged Access Management (PAM)
    Views
    4,264
    Comparisons
    1,858
    Reviews
    11
    Average Words per Review
    676
    Rating
    8.0
    8th
    out of 91 in Endpoint Protection Platform (EPP)
    Views
    12,940
    Comparisons
    7,660
    Reviews
    38
    Average Words per Review
    550
    Rating
    8.6
    Comparisons
    Also Known As
    BeyondTrust PowerBroker, BeyondTrust Endpoint Privilege Management for Windows, BeyondTrust Endpoint Privilege Management for Mac, BeyondTrust Endpoint Privilege Management for Linux, BeyondTrust Endpoint Privilege Management for Unix, Avecto Defendpoint
    Check Point Endpoint Security, Endpoint Security, Check Point SandBlast Agent
    Learn More
    BeyondTrust
    Check Point Software Technologies
    Overview

    BeyondTrust Endpoint Privilege Management enables organizations to mitigate attacks by removing excess privileges on Windows, Mac, Unix/Linux and networked devices. Remove excessive end user privileges and control applications on Windows, Mac, Unix, Linux, and networked devices without hindering end-user productivity.

    Key Solutions Include:

    -ENTERPRISE PASSWORD SECURITY

    Discover, manage and monitor all privileged accounts and SSH keys, secure privileged assets, and report on all privileged account activity in a single solution.

    -ENDPOINT LEAST PRIVILEGE

    Enforce least privilege across all Windows and Mac endpoints, gain visibility into target system vulnerabilities, and control access to privileged applications without disrupting user productivity or compromising security.

    -SERVER PRIVILEGE MANAGEMENT

    Gain control and visibility over Unix, Linux and Windows server user activity without sharing the root or administrator account.

    -A SINGLE PLATFORM FOR MANAGEMENT, POLICY, REPORTING AND THREAT ANALYTICS

    Utilize a single solution to manage PAM policies and deployment, understand vulnerability and threat analytics, and provide reporting to multiple stakeholders and complementary security systems.

    Learn more at https://www.beyondtrust.com/privilege-management

    Check Point Harmony Endpoint is a robust security solution that enables users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software. It prevents impending threats from doing harm while at the same time enabling users to identify and deal with any harm that results from breaches. 

    Check Point Harmony Endpoint provides users with an excellent total cost of ownership. It combines six security solutions into a single powerful solution. Instead of being unwieldy, it is, in fact, a highly flexible solution. Users can easily manage and deploy it on site in their offices or via the cloud according to their needs. It upgrades effortlessly without ever causing disruptions to the work users are doing. The end result is a high return on a user’s investment.

    Benefits of Check Point Harmony Endpoint

    Some of the benefits of using Check Point Harmony Endpoint include: 

    • The ability to completely protect endpoints from all manner of immediate digital threats. Check Point Harmony Endpoint stops both malware and phishing sites from harming your networks. All files you receive or download are either run through Check Point Harmony Endpoint’s Threat Emulation sandbox, which scans it for malware, or sterilized by a Threat Extraction process. These prevent malware from ever entering your system. It also prevents phishing sites from stealing credentials. The software scans the sites and, if they are found to be malicious, they are locked out of the system. All of this occurs in real time. 
    • The ability to quickly recover from any attack which manages to do damage to your system. Check Point Harmony Endpoint’s automation responds to a threat once it is detected. Any device that is infected is automatically quarantined from the rest of the network and disinfected. This prevents further infection and allows administrators to render the machine safe for use. It also automatically creates reports which break down the nature of the attack and all other relevant details. These reports give users the information that they need to conduct triage and repair the damage done by an attack.

    Check Point Harmony Endpoint offers users a piece of security software which is completely cutting-edge. It stands out among its competitors for a number of reasons. Two major ones are the raw power of the solution and the usefulness of Check Point Harmony Endpoint’s built-in automation. Check Point Harmony Endpoint has a high ceiling when it comes to dealing with threats. Users are given the ability to decide how aggressively they want to employ it, which creates a great deal of flexibility. Check Point Harmony Endpoint’s automation is constantly running in the background of the program. It creates reports that empower users to take appropriate steps to protect their systems.

    Reviews from Real Users

    Sumit B., a consultant at Cognizant, notes the usefulness of Check Point Harmony Endpoint’s built-in automation. He writes, “SandBlast Agent is always working in the background collecting sensitive data, forensics, and notifying users whenever there is a chance of a brute-force attack into our systems. Otherwise, it has been protecting our data at various geographies along with the endpoints that we set up on the cloud. They have been able to filter out or thwart any attacks from the very word, "Go," and make our work very safe and smooth.”

    A PeerSpot user who serves as a Network Technical Specialist at a manufacturing company adds that “It's pretty complete for preventing threats to endpoints. Its capabilities are great.”

    Sample Customers
    Aera Energy LLC, Care New England, James Madison University
    Boston Properties, Independence Care System, Melbourne Convention and Exhibition Centre (MCEC), Courtagen Life Sciences, Carmel Partners
    Top Industries
    REVIEWERS
    Construction Company14%
    Comms Service Provider14%
    Manufacturing Company14%
    Security Firm14%
    VISITORS READING REVIEWS
    Financial Services Firm14%
    Computer Software Company12%
    Manufacturing Company10%
    Government7%
    REVIEWERS
    Financial Services Firm18%
    Computer Software Company14%
    Healthcare Company9%
    Comms Service Provider9%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Comms Service Provider11%
    Government7%
    Construction Company7%
    Company Size
    REVIEWERS
    Small Business43%
    Midsize Enterprise7%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise13%
    Large Enterprise67%
    REVIEWERS
    Small Business45%
    Midsize Enterprise20%
    Large Enterprise35%
    VISITORS READING REVIEWS
    Small Business33%
    Midsize Enterprise21%
    Large Enterprise46%
    Buyer's Guide
    Privileged Access Management (PAM)
    March 2024
    Download Free Report
    Find out what your peers are saying about CyberArk, Delinea, BeyondTrust and others in Privileged Access Management (PAM). Updated: March 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    BeyondTrust Endpoint Privilege Management is ranked 4th in Privileged Access Management (PAM) with 27 reviews while Check Point Harmony Endpoint is ranked 8th in Endpoint Protection Platform (EPP) with 101 reviews. BeyondTrust Endpoint Privilege Management is rated 8.0, while Check Point Harmony Endpoint is rated 8.8. The top reviewer of BeyondTrust Endpoint Privilege Management writes "Admin rights can be granted and revoked within minutes and that is what everything comes down to, for us". On the other hand, the top reviewer of Check Point Harmony Endpoint writes "Excellent anti-ransomware protection, zero-day phishing protection, and web browsing filtering". BeyondTrust Endpoint Privilege Management is most compared with CyberArk Endpoint Privilege Manager, Cisco ISE (Identity Services Engine), CyberArk Privileged Access Manager, Delinea Secret Server and ARCON Privileged Access Management, whereas Check Point Harmony Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Kaspersky Endpoint Security for Business, SentinelOne Singularity Complete and Cortex XDR by Palo Alto Networks.

    We monitor all Privileged Access Management (PAM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.