Serious Discussion Harmony Endpoint by Check Point

[Cosmic1764]

Then yes I would definitely use harmony

(My pc has eset because it has meh specs but if I ever upgrade then it will probably be zonealarm , harmony)

if I can get too it, I'd like to use harmony most likely.
Shouldnt be a issue with specs, and having a good antivirus, is probably nice. If anything, I can use the free trial and see how I like it.

 

[Vitali Ortzi]

if I can get too it, I'd like to use harmony most likely.
Shouldnt be a issue with specs, and having a good antivirus, is probably nice. If anything, I can use the free trial and see how I like it.

You can try the zonealarm beta as well after the trial as the beta program is free to use

Download ZoneAlarm Software

The ultimate PC security software, combining a firewall, anti-virus, privacy protection, and more!

www.zonealarm.com

 

[Cosmic1764]

@Trident
Harmony’s BB seems to be effective, but does it actually consistently prevent malware from damaging or exfiltrating data? Some of the reports I’ve seen consist of possible damage done - woukd other security solutions have the same issue?

 

[Nikos751]

88.70 was just released, and it has significant performance improvements. The recommended endpoint version though, is 88.62 (just changed from 88.320. For any of the late versions, a configuration setting in Policy Capabilities, is the Low Memory Mode in Behavioral Protection which reduces ram usage with little compromise to security.

Low Memory Mode for Behavioral Guard significantly reduces memory utilization by retaining only the most recently matched signatures. There is some reduction in the detection rate but this still remains high. This mode should primarily be considered for utilization in low memory environments. Available from Endpoint Client version E87.30

 

[Trident]

@Trident
Harmony’s BB seems to be effective, but does it actually consistently prevent malware from damaging or exfiltrating data? Some of the reports I’ve seen consist of possible damage done - woukd other security solutions have the same issue?

Hi @Cosmic1764,

The Harmony Endpoint Behavioural Guard like many other behavioural-based analysis systems, applies virtualisation around the full process chain, as soon as the “dodgy behaviour” has been spotted. This doesn’t happen with all signatures, it happens with some signatures and profiles that are marked as “Audit”.

Behavioural Guard has several other types of signatures and profiles, both local and offline. Some of them simply terminate the process as soon as possible, others terminate and clean.

Having damage done by actively running malware though is nothing new and to be edpected! Not only with HEP, but with any other security software.

For this reason, other components, like the emulation, should be configured to run properly.