Managed Check Point Harmony
Managed Check Point Harmony delivers unified cybersecurity solutions. It protects endpoints, networks, and cloud environments with advanced threat prevention. Centralised management ensures visibility and control, seamlessly integrating with existing infrastructure, enhancing security posture and compliance. Ideal for businesses seeking comprehensive, cloud-managed cybersecurity solutions.
Features
- Anti-bot blocking contact with known Command & Control addresses
- Anti-malware - protecting against known threats
- Anti-phishing with zero-phishing blocks known phishing attacks and credentials reuse
- Application control - preventing inappropriate network access attempts
- Compliance for endpoints - denying resource access to non-compliant endpoints
- Forensics - providing detailed cyber kill-chain analysis
- Mobile app protection - behavioural analysis blocking malicious apps
- Safe browsing - blocking mobile browser access to malicious sites
- Threat emulation - for analysing email attachments
Benefits
- Protect against Ransomware
- Minimal management overhead
- Prevent malicious apps from executing on user mobiles
- Stop applications from obtaining unauthorised access
- Ensure endpoint compliance, denying access to non-compliant endpoints
- Enable user access only to allowed applications
- Prevent zombie devices from communicating with C&C devices
- Protect data at rest with encryption
- Leverage the world's largest cyber threat database
- Intercity is a Check Point Professional Partner providing in-depth experience
Pricing
£17.64 to £47.76 a device a year
- Education pricing available
- Free trial available
Service documents
Request an accessible format
Framework
G-Cloud 14
Service ID
2 5 7 3 1 6 3 5 9 0 4 3 9 7 4
Contact
Intercity Technology Limited
Elise Sheridon
Telephone: 0330 332 7933
Email: tenders@intercity.technology
Service scope
- Service constraints
- None
- System requirements
-
- Specific software licences for PCs/Macs
- Specific software licences for Android smartphones / iPhones
- Specific software licences for users
User support
- Email or online ticketing support
- Email or online ticketing
- Support response times
- End of next working day, where working days are defined by the service level (support days, support hours) selected.
- User can manage status and priority of support tickets
- No
- Phone support
- Yes
- Phone support availability
- 24 hours, 7 days a week
- Web chat support
- No
- Onsite support
- Yes, at extra cost
- Support levels
-
Support level depends on support hours required by the customer and the device dependency / service outage impact assigned by the customer to each device.
Support hours options:
- Mon-Fri 08:00-19:00
- Mon-Fri 19:00-08:00
- 7 days 08:00-19:00
- Fri-Mon 19:00-17:00
- 7 days, 24/7
Device dependency / Service outage impact (response, resolution time) options:
- Low P5 - Basic (next day, n/a)
- Low-Med P4 - Essential (4 hours, next working day)
- Med P3 - Standard (30 minutes, 24 hours)
- Med-High P2 - Enterprise (15 minutes, 8 hours)
- High P1 - Elite (6 minutes, 4 hours)
Cost depends on the options selected.
We provide a cloud engineer where required to resolve an incident. - Support available to third parties
- Yes
Onboarding and offboarding
- Getting started
- We deploy the service onto users' devices, mobiles, and browsers. As it uses single sign-on, typically with Azure AD, no training is required.
- Service documentation
- Yes
- Documentation formats
- End-of-contract data extraction
- Users can request an archive of data when they terminate their contact.
- End-of-contract process
-
* Check Point Harmony is a yearly Software as a Service application.
* The software is turned off and access prohibited.
* The customer's account is removed from Intercity's Infinity portal, and all customer data deleted.
* Customer users are responsible for uninstalling clients and agents from their devices and applications.
Using the service
- Web browser interface
- No
- API
- No
- Command line interface
- No
Scaling
- Scaling available
- No
- Independence of resources
- Check Point Hamony uses the Check Point Threat Emulation sandbox, ThreatCloud intelligence database and ThreatSpect botnet and outbreak database. These are managed by Check Point, delivered from public cloud, so Check Point is responsible for ensuring that users are not affected by other users' demand placed on these services.
- Usage notifications
- Yes
- Usage reporting
Analytics
- Infrastructure or application metrics
- Yes
- Metrics types
- Number of active instances
- Reporting types
-
- Regular reports
- Reports on request
Resellers
- Supplier type
- Reseller providing extra features and support
- Organisation whose services are being resold
- Check Point cloud services
Staff security
- Staff security clearance
- Other security clearance
- Government security clearance
- Up to Baseline Personnel Security Standard (BPSS)
Asset protection
- Knowledge of data storage and processing locations
- Yes
- Data storage and processing locations
- United Kingdom
- User control over data storage and processing locations
- No
- Datacentre security standards
- Supplier-defined controls
- Penetration testing frequency
- At least every 6 months
- Penetration testing approach
- Another external penetration testing organisation
- Protecting data at rest
- Encryption of all physical media
- Data sanitisation process
- Yes
- Data sanitisation type
- Deleted data can’t be directly accessed
- Equipment disposal approach
- A third-party destruction service
Backup and recovery
- Backup and recovery
- No
Data-in-transit protection
- Data protection between buyer and supplier networks
-
- Private network or public sector network
- TLS (version 1.2 or above)
- IPsec or TLS VPN gateway
- Data protection within supplier network
- TLS (version 1.2 or above)
Availability and resilience
- Guaranteed availability
-
Infinity (management portal) - 99.99%
ThreatCloud (threat intelligence database) - 99.99%
ThreatSpect (botnet and outbreak database) - 99.99% - Approach to resilience
- Available on request.
- Outage reporting
- Service management portal. We will alert users via email of any outages.
Identity and authentication
- User authentication
-
- 2-factor authentication
- Username or password
- Access restrictions in management interfaces and support channels
-
Harmony Connect integration:
* Best practice - integration with the customer's identity provider which implements SAML, including Microsoft Active Directory Federation Services and Azure AD
* Alternatively - email invitation to the user containing temporary password - Access restriction testing frequency
- At least every 6 months
- Management access authentication
-
- 2-factor authentication
- Username or password
- Devices users manage the service through
- Any device but through a bastion host (a bastion host is a server that provides access to a private network from an external network such as the internet)
Audit information for users
- Access to user activity audit information
- Users receive audit information on a regular basis
- How long user audit data is stored for
- User-defined
- Access to supplier activity audit information
- Users receive audit information on a regular basis
- How long supplier audit data is stored for
- User-defined
- How long system logs are stored for
- User-defined
Standards and certifications
- ISO/IEC 27001 certification
- Yes
- Who accredited the ISO/IEC 27001
- Alcumus
- ISO/IEC 27001 accreditation date
- 20/09/2010
- What the ISO/IEC 27001 doesn’t cover
-
Cloud services provided by Check Point:
* Harmony Connect cloud
* Threat Emulation (cloud-based sandbox)
* ThreatCloud (threat intelligence database)
* ThreatSpect (botnet and outbreak database) - ISO 28000:2007 certification
- No
- CSA STAR certification
- No
- PCI certification
- No
- Cyber essentials
- Yes
- Cyber essentials plus
- Yes
- Other security certifications
- No
Security governance
- Named board-level person responsible for service security
- Yes
- Security governance certified
- Yes
- Security governance standards
- ISO/IEC 27001
- Information security policies and processes
-
ISO 27001 and Cyber Essentials Plus
Within our Finance, Commercial and Quality shared services team, our Compliance Manager is head of the Quality function, reporting into our CFO. Within our Chief Operations Office, our Security, IT and Product Director reports into our Chief Operations Officer. Our CFO and COO report into our Group MD, who reports into our CEO.
Joiners are taken through an induction process, which includes introducing them to the infosec policies and processes relevant to their role.
Our Continuous Personal Development program applies to all staff, providing mandatory eLearning and trainer-led courses, including infosec.
We use a proactive anti-phishing application to monitor staff awareness of and adherence to a disciplined approach to email and browser usage.
Operational security
- Configuration and change management standard
- Supplier-defined controls
- Configuration and change management approach
- System log in the service management platform
- Vulnerability management type
- Undisclosed
- Vulnerability management approach
- Supplier defined process
- Protective monitoring type
- Supplier-defined controls
- Protective monitoring approach
- Supplier defined process
- Incident management type
- Undisclosed
- Incident management approach
- Users report incidents via email or phone. Intercity report faults via email
Secure development
- Approach to secure software development best practice
- Supplier-defined process
Separation between users
- Virtualisation technology used to keep applications and users sharing the same infrastructure apart
- No
Energy efficiency
- Energy-efficient datacentres
- No
Social Value
- Social Value
-
Social Value
Fighting climate changeFighting climate change
We are committed to reducing our environmental impact and continually improving our environmental performance as an integral and fundamental part of our business strategy and operating methods.
Our policy is to:
• Support and comply with or exceed the requirements of current environmental legislation and codes of practice.
• Minimise our waste and reuse or recycle as much of it as possible.
• Minimise energy and water usage in our buildings, vehicles, and processes to conserve supplies, and minimise our consumption of natural resources, especially where they are non-renewable.
• Apply the principles of continuous improvement in respect of air, water, noise, and light pollution from our premises and reduce any impacts from our operations on the environment and local community.
• As far as possible purchase products and services that do the least damage to the environment and encourage others to do the same.
• Assess the environmental impact of any new processes or products we intend to introduce in advance.
We’re certified to ISO140001:2015 and a member of two Corporate Social Responsibility (CSR) initiatives - Global Compact and Eco Vadis.
• The EcoVadis sustainability assessment methodology evaluates how well a company has integrated the principles of Sustainability/CSR into their business and management system.
• The methodology is built on international sustainability standards, including the Global Reporting Initiative, the United Nations Global Compact, and the ISO 26000, covering 200 spend categories and 160+ countries.
• The Sustainability Scorecard illustrates performance across 21 indicators in four themes: Environment, Labour and Human Rights, Ethics, and Sustainable Procurement.
• Intercity Technology’s current EcoVadis score for 2022 – 2023 is 81% (up from 68% in previous years).
• We have been awarded by EcoVadis a platinum medal in recognition of our sustainability achievement for our score which is in the top 1%.
Pricing
- Price
- £17.64 to £47.76 a device a year
- Discount for educational organisations
- Yes
- Free trial available
- Yes
- Description of free trial
-
* Proof of value
* Harmony Endpoint Advanced
* Up to 5 user devices
* 30 days