We performed a comparison between Check Point Harmony Endpoint and Cortex XDR by Palo Alto Networks based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Because Check Point Harmony can require more resources to run, making Cortex XDR the ultimate winner in this comparison.
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"Another of my favorite features is called the Device Trajectory, where it shows everything that's going on, on a computer. It shows the point in time when a virus is downloaded, so you can see if the user was surfing the internet or had a program open. It shows every running process and file access on the computer and saves it like a snapshot when it detects something malicious. It also has a File Trajectory, so you can even see if that file has been found on any of your other computers that have AMP."
"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."
"The threat Grid with the ability to observe the sandboxing, analyze, and perform investigations of different malicious files has been great."
"Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy."
"It is extensive in terms of providing visibility and insights into threats. It allows for research into a threat, and you can chart your progress on how you're resolving it."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"It is very powerful tooling that can be tuned a lot."
"The most valuable feature of Check Point Harmony Endpoint is centralized management."
"It's a scalable product as it is a cloud offering."
"The zero-day threat prevention is excellent."
"We love that we don't have to upgrade it anymore. They take care of that."
"When sending emails to my colleagues, it detects any virus and blocks any spam that may be shared."
"Its most valuable feature is being able to integrate cloud services and centralize the protection policy from a single administration dashboard."
"They have a great knowledge base that you can leverage as a user."
"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"The most valuable for us is the correlation feature."
"The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"It could be improved in connection with artificial intelligence and IoT."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"Its price is okay for us, but it can always be better. There's always room for improvement when it comes to pricing."
"Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. That's an area where it could be made better."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the new 3000 series of firewalls where we would also be able to look more into the traffic that we're monitoring and get more security layers in our services. That would definitely be a big step."
"Check Point Harmony Endpoint could improve mobile device management (MDM)."
"It would also be great to include DLP capabilities for the endpoint so that we do not have to deploy additional agents on servers or PCs or use additional products."
"Configuration with some applications did not take place effectively due to setup complications."
"Customization of UI should be a little better in terms of application UI and messages that are displayed when something is blocked or non-compliant."
"We need a higher maximum file size in the sandboxing feature."
"Check Point users a pattern-based security module, which is something that can be improved."
"An additional feature I would like to see involves the VPN."
"I still don't have a clear opinion of the possible improvements that the tool may need. There are still functionalities that I have not been able to try completely and I would like to spend more time using the tool before offering an opinion to the IT Central community on this point."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"In general, the price could be more competitive."
"The solution could improve by providing better integration with their own products and others."
"Dashboards do not allow everyone to see what's happening."
"If they had pulse rate detection, it would be better."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities.
Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.
Learn more about Secure Endpoint: www.cisco.com/go/endpoint
Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.
Reviews from Real Users
Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.
Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
Check Point Harmony Endpoint is a robust security solution that enables users to use a single piece of software to accomplish tasks that often require the use of multiple pieces of software. It prevents impending threats from doing harm while at the same time enabling users to identify and deal with any harm that results from breaches.
Check Point Harmony Endpoint provides users with an excellent total cost of ownership. It combines six security solutions into a single powerful solution. Instead of being unwieldy, it is, in fact, a highly flexible solution. Users can easily manage and deploy it on site in their offices or via the cloud according to their needs. It upgrades effortlessly without ever causing disruptions to the work users are doing. The end result is a high return on a user’s investment.
Benefits of Check Point Harmony Endpoint
Some of the benefits of using Check Point Harmony Endpoint include:
Check Point Harmony Endpoint offers users a piece of security software which is completely cutting-edge. It stands out among its competitors for a number of reasons. Two major ones are the raw power of the solution and the usefulness of Check Point Harmony Endpoint’s built-in automation. Check Point Harmony Endpoint has a high ceiling when it comes to dealing with threats. Users are given the ability to decide how aggressively they want to employ it, which creates a great deal of flexibility. Check Point Harmony Endpoint’s automation is constantly running in the background of the program. It creates reports that empower users to take appropriate steps to protect their systems.
Reviews from Real Users
Sumit B., a consultant at Cognizant, notes the usefulness of Check Point Harmony Endpoint’s built-in automation. He writes, “SandBlast Agent is always working in the background collecting sensitive data, forensics, and notifying users whenever there is a chance of a brute-force attack into our systems. Otherwise, it has been protecting our data at various geographies along with the endpoints that we set up on the cloud. They have been able to filter out or thwart any attacks from the very word, "Go," and make our work very safe and smooth.”
A PeerSpot user who serves as a Network Technical Specialist at a manufacturing company adds that “It's pretty complete for preventing threats to endpoints. Its capabilities are great.”
Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself to both quick identification of problems that arise and the equally quick development of a potential solution.
Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the Artificial Intelligence (AI) discovers an issue or an area where an issue could potentially take place the system creates a log of the information and subsequently sends an alert to system administrators. The AI takes the information that it has gathered and uses it to assign threat levels to the issues that it detects. Following this, a human analyst will be assigned to manually assess the issue and deal with it accordingly. You can set it to automatically respond to the threat by isolating the issue while analysts investigate it.
Benefits of Cortex XDR
Some of Cortex XDR’s benefits include:
Reviews from Real Users
Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.
PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”
Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”
Check Point Harmony Endpoint is ranked 7th in EPP (Endpoint Protection for Business) with 51 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in EPP (Endpoint Protection for Business) with 46 reviews. Check Point Harmony Endpoint is rated 8.8, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Check Point Harmony Endpoint writes "Resilient by design, provides redundancy, and offers ongoing constant improvements". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Easy to set up, reliable, and always scanning". Check Point Harmony Endpoint is most compared with Microsoft Defender for Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon, Kaspersky Endpoint Security for Business and Trellix Endpoint Security, whereas Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, Darktrace, SentinelOne Singularity Complete and Kaspersky Endpoint Security for Business. See our Check Point Harmony Endpoint vs. Cortex XDR by Palo Alto Networks report.
See our list of best EPP (Endpoint Protection for Business) vendors.
We monitor all EPP (Endpoint Protection for Business) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.