Check Point Harmony Connect SASE just got Sassier

Kicking off 2022 with new features, Check Point Harmony Connect SASE is enhancing its offering with VPN-as-a-service, new global PoPs and device posture validation for remote access.

As announced at CPX 360 Americas, we are enhancing our Secure Access Service Edge (SASE) solution with exciting new features that make it simpler than ever to securely connect your remote and hybrid workforce. These include:

  •  New VPN-as-a-service –Client-based network-level access VPN-as-a-service delivering layer-3 network connectivity, secured by Zero-Trust access policy. The service will include embedded cloud DLP and industry-leading cloud IPS to protect apps from the latest vulnerabilities (such as Log4J).
  • Cloud points of presence (PoPs) in new regions – With multiple availability zones (PoPs) for each region, we are extending Harmony Connect’s global cloud services by adding new PoPs to its network, with new locations in Switzerland, Norway, Netherlands, Central US, South US, UAE and China.
  • New device posture validation for managed devices – Improving security hygiene for employee devices connecting remotely.
  • Enhanced remote access user experience – New option to connect to remote desktops and servers, with no VPN client required, via system’s native RDP software (clientless layer 7 access).
  • Visibility and control of service health –Harmony Connect’s new operational status dashboard will show the connectivity and health status for each of the organization’s connectors.

How do these features fit into our current arsenal of SASE capabilities? Here’s a breakdown:

Zero Trust Network Access – Your Way

IT and security teams can now mix and match between two different deployment options to apply zero trust access policies within minutes. Both deployment options can be managed side-by-side from the same console to accommodate different use cases and personas:

  •  Clientless Application-Level Access – This deployment offers intuitive Zero Trust Network Access (ZTNA) to web applications, databases, remote desktops and SSH servers, with no agent required.  Granular in-app controls are delivered using application-level (layer 7) reverse proxies in the cloud. Clientless remote access is ideal for supporting BYOD and third party access by partners and contractors as no agent is required, as well as DevOps who need rich cloud-native automation capabilities
  • Client-based Network-level Access – VPN-as-a-service providing layer-3 network connectivity, secured by your Zero-Trust access policy. This option is best suited for employees with managed devices, and offers more flexibility in supporting applications and protocols, with embedded cloud DLP and industry-leading IPS to protect your apps from the latest vulnerabilities.

Fast Secure Connections – Anywhere

To improve connectivity speed worldwide, we’re rolling out new global points-of-presence that will deliver security at even greater speed and performance, thanks to local connections in nine new regions, while maintaining a 99.999% uptime SLA. Harmony Connect’s global PoPs are already spread around the globe, including Europe, North America, Latin America, the Middle East, Africa and Asia Pacific.

Reduced Risk to Your Enterprise Environment

Thanks to new device posture validation, organizations can reduce the risk posed by remote user devices as they access sensitive environments, including applications, networks and systems. The new feature is supported by the Harmony Connect Client installed on employee devices, which doubles as a client for secure internet access and (optionally, also for) secure remote access.

Enhanced remote access user experience

On the user experience front, users connecting to remote desktops and servers with application-level access now have two different options for clientless RDP access.  With the first option, users can access their RDP consoles using only a browser, while a reverse proxy delivers an in-browser webified RDP experience.

With the new second option, users can now also connect using their system’s native RDP software—without requiring a VPN client. This option offers a better user experience than the webified version.

Visibility and control of service health

On the day-to-day administration front, Harmony Connect’s new operational status dashboard will show the connectivity and health status for each of the organization’s connectors to enhance customers’ visibility at every moment and provide more granular control over operations, including connector connectivity status, throughput and CPU load per service component.

Explore SASE for Remote and Hybrid Work Security

As your organization shifts to a remote and hybrid work model, Harmony Connect SASE is here to ease the transition.

Built to stop the most advanced cyber attacks, Harmony Connect delivers core network security services, such as Secure Web Gateway (SWG), Zero Trust Network Access (ZTNA), branch Firewall-as-a-service (FWaaS), Intrusion Prevention (IPS) and Data Loss Prevention (DLP), and is deployed within minutes to apply Zero Trust policies with a seamless user experience.

Here are a few resources to help you get started: