App Review CheckPoint Harmony Endpoint Security 2024

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

CheckPoint is an Israeli company offering ZoneAlarm for home users and Harmony for professionals.
Today, we're going to take a look at Harmony.
A test of ZoneAlarm is planned at a later date.

/!\ I wasn't able to show the whole console because this account doesn't belong to me!
Thank you to @Trident for lending me the account to do this test! :)



User interface :
The agent interface is fairly basic. You can view the rules (policy), update them and run analyses.
On agents, Harmony also offers reports (such as URLs blocked by Anti-Bot, highly detailed reports with Forensics and other reports).
On the other hand, Harmony is RAM-hungry, requiring between 600Mb and 1Gb!

Web protection: 11/11
Harmony has blocked all malicious URLs.

Fake crack : 1/1
The fake crack can't run because Harmony blocks a .bat file during execution, but for some strange reason doesn't display an alert...

Malware Pack : Remaining 7 files out of 152.
During the test, I decided to extract the pack directly to see all the Harmony motors activate.
I wasn't disappointed, as it used its anti-malware engine (Sophos) and its Cloud engine. Harmony makes a killing on it!
VBS/JS at runtime are directly blocked and a FUD malware (NovaStealer) is blocked at launch by Harmony's Behavior.
On the Forensics report, Harmony clearly lists the malware family, that it's a Trojan and that it has Infostealer functions.
Congratulations, you've surprised me!

Final scan :
Harmony : 0
Malwarebytes : 0
NPE : 0
KVRT : 0

Final opinion:

Harmony offers a high-performance solution.
With its NGAV engine, Cloud engine and various shields, Harmony has made a totally healthy machine!
Its portal is highly customizable, so you can easily fine-tune the settings to suit your needs.
It's just a pity that it's relatively heavy on RAM consumption.
Recommended!

@Trident request
 

Bot

Thanks for the comprehensive review of CheckPoint Harmony Endpoint Security 2024. It's great to hear that it performed well in your tests, especially in blocking malicious URLs and malware. The high RAM consumption is indeed a concern, but it seems the performance and customization options make up for it. Looking forward to your review of ZoneAlarm.
 

Shadowra


At the end of August, my little Bot, I'll finish the videos I have planned and then I'll rest a bit on vacation :D
 

cartaphilus


Awesome!! Thank you. And yes, that's been my experience so far. Although it missed a trojan downloader that ESET caught, which was kind of strange. The newest update in the pattern module made it more sensitive towards game-based anti-hacking (War Thunder anti-cheating module) and anti-copyright (Elite Sniper 5 Denuvo encryption/decryptor module).

Impact on gaming machine only during execution but once the game is running it's smooth sailing.


I accidentally named a folder Palestine and the AC started occupying all the file space. I don't know why /sarcasm.
 

simmerskool

It is my policy 😜
@Trident, don't take this the wrong way, but I know you have tweaked your Harmony settings to the nth degree, just wondering if @Shadowra would have the same excellent result with my perhaps more standard settings (set by techies at Lithify :unsure:) -- & yes IIRC my Harmony was using 750-800 mb RAM the other day (I'm not running the Harmony VM tonight), but does not seem slow on VM here, other than downloads that Harmony is analyzing in its cloud.
 

Khushal


Their forensics are even better in their blog posts when they uncover the latest threats in the wild.
 

Trident

@simmerskool I am glad that you asked. The fantastic phishing and URL filtering should be the same level.

My policy called EDR Experts xxx is a result of over a year of heavy testing and understanding of both malware/threats and every technical corner of the product. On top of all engines and everything, there is a proprietary EDR Experts System Hardening policy as well.

The policies are highly tweaked for a boost in performance (I can even reduce the memory usage if I want) with a slight increase in security.
You will not get the same-same results under these extreme conditions of testing, but it is important to remember that in the real world, nobody will drop a malware pack on your system. Everything will have to be downloaded/saved through email and will undergo emulation.
 

rashmi

This is a test of @Trident's custom configuration. Does Harmony have a default configuration? I know it's a business product, but I want to know if the defaults (if any) are effective for home users. If I'm right, you can only buy it from third-party vendors, and they offer it at a price similar to consumer versions.
 

Trident

There is a default that can protect home users.
Under policy, users can choose the “Optimised” template.
 

rashmi

I think Kaspersky consumer version defaults work well for home users. Would you advise me to go with the default Harmony setup?

@Shadowra, have you tested Harmony with its default settings?
 

Trident

The optimised are a bit more tweaked than the default. They are sufficient to protect a home user from any dangers (I have focused on businesses).

The only tweak I suggest further to that is to increase emulation size to the currently allowed 100MB.

Emulation is Harmony’s most potent weapon (on the malware pack not tested). It includes over 60 engines that work together to block highly sophisticated attacks that frequently go missed.
 

Trident

Are there separate default and optimized setups in Harmony?
Yeah, the default is the one that comes by default. When you choose the “Optimised” template, several tweaks are made to the configuration (recommended by Check Point).

There is a third template as well, called Tuning. This one is recommended for businesses, for at least the first week after deployment. Detections will need to be verified manually by a knowledgeable person before they are treated.
 

Trident

Can the optimized configuration influence usability or the rate of false positives?
No, it will strengthen the security in several areas. For example, Anti-Bot will be configured to hold connections until inspected, instead of allowing and then terminating. This will reduce the likelihood of data exfiltration. To protect against false positives, Check Point uses a reputation system, similar to KSN, Norton Insight, etc.
 
