App Review CheckPoint Harmony Endpoint Security 2024

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,779
Yeah the default is the one that comes by default. When you choose the “Optimised” template, several tweaks are made to the configuration (recommended by Check Point).

There is a third template as well, called Tuning. This one is recommended for businesses, for at least the first week after deployment. Detections will need to be verified manually by knowledgeable person before they are treated.
I haven't talked with Lithify (or whatever their new name) in awhile. I was out of pocket. I need to visit with them again and/or dig into the console...
 
  • Like
Reactions: Trident

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Is it possible to have these policies? Can they be imported?
Yes, I’ve taken the decision to offer the policies to long-term MalwareTips users. DM me and you will receive them in a json format. They can then be imported on the portal. I still recommend that you read the full admin guide and understand the product in depth, if you have decided to settle with it.

For more deep technical questions, you can contact me.
 

Andrew3000

Level 11
Verified
Top Poster
Malware Hunter
Well-known
Feb 8, 2016
537
Before requesting policies, let me know whether you need very lightweight and effective protection or best protection available, regardless of resource usage.
Thank you very much, yes, it is fine, the best protection possible.
Yes, I am reading the Check Point documentation. They explain everything well in detail :)
 

likeastar20

Level 9
Verified
Mar 24, 2016
423
Yes, I’ve taken the decision to offer the policies to long-term MalwareTips users. DM me and you will receive them in a json format. They can then be imported on the portal. I still recommend that you read the full admin guide and understand the product in depth, if you have decided to settle with it.

For more deep technical questions, you can contact me.
Can we buy Harmony from you?
 

Trident

Level 34
Verified
Top Poster
Well-known
Feb 7, 2023
2,349
Can we buy Harmony from you?
Short answer: not as of yet.

Long answer:
I am working with lawyers to establish the legal terms and conditions at the moment, as well as I have submitted the product with my policy to private, third-party assessment. I got no final date when my MSP business will go live, I will first execute everything properly and then jump into it.

I’ve spent a lot of time on quality and stress testing the product so far and I am working on proprietary add-ons such as ScamAssassin. A lot of architectural changes have been made after my tests. I’ve almost finished my website. I’ve done all trainings needed now. That’s what I’ve completed so far.
 
Last edited:

cartaphilus

Level 11
Verified
Top Poster
Well-known
Mar 17, 2023
536
Short answer: not as of yet.

Long answer:
I am working with lawyers to establish the legal terms and conditions at the moment, as well as I have submitted the product with my policy to private, third-party assessment. I got no final date when my MSP business will go live, I will first execute everything properly and then jump into it.

I’ve spent a lot of time on quality and stress testing the product so far and I am working on proprietary add-ons such as ScamAssassin. A lot of architectural changes have been made after my tests. I’ve almost finished my website. I’ve done all trainings needed now. That’s what I’ve completed so far.
Nice.

I wondered how much it costs to host a blade and what's the horsepower requirement. Would two raspberry pi nanos do?
 

borkduck

Level 1
Oct 16, 2024
10
Troglodyte and IT imbecile (Win7/KIS for the last decade) forced into the 20th century and now looking for replacement AV for new Win11 system. Currently using AVG (free) but want more complete protection and FASTER SCAN TIMES! Last deepscan I did w/AVG took 9(!) hours on 1.5Tb scan that KIS routinely did in 1-1.5 hours. Am currently considering ESET and Checkpoint, but would like any info on scan times anyone can provide.

Any advice/guidance gratefully accepted as well! No fun being a decade behind the learning curve...

bd
 
  • Like
Reactions: Jonny Quest

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,779
Troglodyte and IT imbecile (Win7/KIS for the last decade) forced into the 20th century and now looking for replacement AV for new Win11 system. Currently using AVG (free) but want more complete protection and FASTER SCAN TIMES! Last deepscan I did w/AVG took 9(!) hours on 1.5Tb scan that KIS routinely did in 1-1.5 hours. Am currently considering ESET and Checkpoint, but would like any info on scan times anyone can provide.

Any advice/guidance gratefully accepted as well! No fun being a decade behind the learning curve...

bd
how often do you do deep scans of full system?
 
  • Like
Reactions: Jonny Quest

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,153
Troglodyte and IT imbecile (Win7/KIS for the last decade) forced into the 20th century and now looking for replacement AV for new Win11 system. Currently using AVG (free) but want more complete protection and FASTER SCAN TIMES! Last deepscan I did w/AVG took 9(!) hours on 1.5Tb scan that KIS routinely did in 1-1.5 hours. Am currently considering ESET and Checkpoint, but would like any info on scan times anyone can provide.

Any advice/guidance gratefully accepted as well! No fun being a decade behind the learning curve...

bd
I think I know where @simmerskool is coming from, in that how may full scans would you be doing, and is that really needed? On a new AV install I will do a system/full scan, then after that I may not even do one for months. I let the background scan do it's job, (in my case DeepGuard), as well as on-access scanning and will run the occasional weekly Quick Scan.

My other thought about doing weekly or even monthly full scans (not saying that's what you're doing) is what impact is it having on your CPU, and are you going to shorten its life span more quiclkly? Run a full scan and have Task Manager open during the scan and you'll get an idea of the impact it has, and how often you may possibly want to be bringing it to its knees over how long of a period of scan time. Some AV's full scans are more forgiving than others, but again, how often will you be running those?

As an example, here is my SSD drive and the amount of files on it:
ssd size.jpg

I just did a F-Secure Full scan that took a little over 23 minutes. It has probably been a month since the last one, and I'm sure plenty of unchanged, unmodified files were cached and not rescanned.
F Secure Full System Scan.jpg
I then ran a Quick scan, that only took about 15 seconds, again because of the previous Full scan. On average, F-Secure's Quick scans take 30 to 70 seconds depending on the PC and the number of files to be scanned.
F secure Quick Scan.jpg
Granted, F-Secure doesn't include a Firewall, but uses Windows Firewall. You could use Windows Firewall Control (WFC) or the free version of Glasswire for information's sake and to monitor any apps 1st outbound connection. Run a Trial a version of whatever AV you may be interested in, just to be sure.
 
Last edited:

simmerskool

Level 38
Verified
Top Poster
Well-known
Apr 16, 2017
2,779
I think I know where @simmerskool is coming from,
@Jonny Quest you are correct! Also I see there are several posts about harmony -- have not re-read them all. @borkduck should know that harmony offers great protection, it is my primary av on win10_vm, but today I'm running linux. IIRC a full scan with harmony is relatively fast at least after its installation scan. But know that it does / can scan downloading files in its cloud and does threat emulation and that can take a minute or two.
 

borkduck

Level 1
Oct 16, 2024
10
how often do you do deep scans of full system?

Simmerskool:



I've run quite a few scans since setting up the new system; like to get the lay of the land after having been out of the loop for over a decade (15+years Win7, nearly the same for Kaspersky): My how things have changed!



AVG deepscans on new box/Win11 Pro:

  • 1st: 1.8Tb, 545,581 files, 17min(!)
  • 2nd: 827.7Gb, 3,849,271 files, 3hrs
  • 3rd: 1.5Tb, 7,145,629 files, 9hrs


Only thing added between 2nd/3rd scans was Acronis True Image backup utility for a 5Tb WD external HD (10.9KB, 6files). Nothing was added/removed from system/drives between 1st and 3rd scans other than that; how then to account for the 54% difference in Gbs and the 6hr time difference between those? All scans were performed on the same 2 drives: 1Tb SSD C: drive (100Gb used) and internal HD D: (1.14Gb of 2GB used).



It's the radical variations in both time and reported size of totals in Gb and number of files scanned that caught my eye; literally no changes in either since the 1st scan, so what accounts for those variations? And I'm getting the same sort of variances when I run separate file/folder scans on each drive. Go figure.



Also ran a WinSecurity full scan, which checked in at 9+ hours as well. Will run another one of those someday, if I live long enough. Right now my main concern is replacing AVG (and the late, much- lamented KIS). Life was so simple (and secure!) with Win7 and KIS. But MS needs $$$, so...if it ain't broke break (and sell?) it!



Here's the new box config:

Intel Core i7-12600KF

MSI Z790-P Pro WiFi DDR4

16GB DDR4-3200 Kit

1TB ssd samsung

2TB hard drive



Thanks for the response. Have to go pursue my white whale some more,



bd
 
  • Like
Reactions: Jonny Quest

borkduck

Level 1
Oct 16, 2024
10
I think I know where @simmerskool is coming from, in that how may full scans would you be doing, and is that really needed? On a new AV install I will do a system/full scan, then after that I may not even do one for months. I let the background scan do it's job, (in my case DeepGuard), as well as on-access scanning and will run the occasional weekly Quick Scan.

My other thought about doing weekly or even monthly full scans (not saying that's what you're doing) is what impact is it having on your CPU, and are you going to shorten its life span more quiclkly? Run a full scan and have Task Manager open during the scan and you'll get an idea of the impact it has, and how often you may possibly want to be bringing it to its knees over how long of a period of scan time. Some AV's full scans are more forgiving than others, but again, how often will you be running those?

As an example, here is my SSD drive and the amount of files on it:
View attachment 285817
I just did a F-Secure Full scan that took a little over 23 minutes. It has probably been a month since the last one, and I'm sure plenty of unchanged, unmodified files were cached and not rescanned.
View attachment 285818
I then ran a Quick scan, that only took about 15 seconds, again because of the previous Full scan. On average, F-Secure's Quick scans take 30 to 70 seconds depending on the PC and the number of files to be scanned.
View attachment 285819
Granted, F-Secure doesn't include a Firewall, but uses Windows Firewall. You could use Windows Firewall Control (WFC) or the free version of Glasswire for information's sake and to monitor any apps 1st outbound connection. Run a Trial a version of whatever AV you may be interested in, just to be sure.

Jonny Quest:





The CPU clocks a pretty steady 2% (1%-9% range) while scan is running, so I'm not overly concerned about my processor being too delicate to survive these scans.


But the part about unchanged files being cached and therefore not re-scanned caught my eye (did I mention I'm an IT imbecile?). If that's true of AVG Deepscans that may go a ways toward explaining the fluctuations in scan times/sizes. But I just assumed that an AVG Deepscan--which includes all system files as well as data files/folders--would be just that: scanning everything.





Thanks for the response, and the tip:





bd
 

Jonny Quest

Level 22
Verified
Top Poster
Well-known
Mar 2, 2023
1,153
Jonny Quest:





The CPU clocks a pretty steady 2% (1%-9% range) while scan is running, so I'm not overly concerned about my processor being too delicate to survive these scans.


But the part about unchanged files being cached and therefore not re-scanned caught my eye (did I mention I'm an IT imbecile?). If that's true of AVG Deepscans that may go a ways toward explaining the fluctuations in scan times/sizes. But I just assumed that an AVG Deepscan--which includes all system files as well as data files/folders--would be just that: scanning everything.





Thanks for the response, and the tip:





bd
Good for you in checking the CPU during a full scan. I used an AV in the past that when it got to a HP backup driver folder I had created, it would max out at 100% for about 1-2 minutes before I caught it and added it into Exclusions.

edit: now back to the original thread topic, and if you have any other questions, @borkduck be sure to do a forum search, or start a new thread, as we're all willing to help as much as we can :)
 
Last edited:

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,580
Jonny Quest:





The CPU clocks a pretty steady 2% (1%-9% range) while scan is running, so I'm not overly concerned about my processor being too delicate to survive these scans.


But the part about unchanged files being cached and therefore not re-scanned caught my eye (did I mention I'm an IT imbecile?). If that's true of AVG Deepscans that may go a ways toward explaining the fluctuations in scan times/sizes. But I just assumed that an AVG Deepscan--which includes all system files as well as data files/folders--would be just that: scanning everything.





Thanks for the response, and the tip:





bd
if a file has the same exact hash it's the same file so by saving trusted hashes it can skip on files it doesn't need to scan
 

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,580
Troglodyte and IT imbecile (Win7/KIS for the last decade) forced into the 20th century and now looking for replacement AV for new Win11 system. Currently using AVG (free) but want more complete protection and FASTER SCAN TIMES! Last deepscan I did w/AVG took 9(!) hours on 1.5Tb scan that KIS routinely did in 1-1.5 hours. Am currently considering ESET and Checkpoint, but would like any info on scan times anyone can provide.

Any advice/guidance gratefully accepted as well! No fun being a decade behind the learning curve...

bd
ESET has better performance and checkpoint has better security and if you use ESET you could just install checkpoint extension (I can send an API key if you need threat emulation, extraction)
Personally I'm using eset and just upload stuff to threat emulation that look suspicious using the extension and to get a decent firewall I have installed Symantec endpoint protection with only the firewall module
 
  • Like
Reactions: roger_m

cartaphilus

Level 11
Verified
Top Poster
Well-known
Mar 17, 2023
536
ESET has better performance and checkpoint has better security and if you use ESET you could just install checkpoint extension (I can send an API key if you need threat emulation, extraction)
Personally I'm using eset and just upload stuff to threat emulation that look suspicious using the extension and to get a decent firewall I have installed Symantec endpoint protection with only the firewall module
wait how do you run threat emulation by itself via API key and ESET? I have a check point lic but your solution sounds like the best of both worlds for those who hold both liceneses.
 
  • Like
Reactions: simmerskool

Vitali Ortzi

Level 26
Verified
Top Poster
Well-known
Dec 12, 2016
1,580
Last edited:
  • Like
Reactions: simmerskool

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top