Introduction to Harmony Connect

Check Point Harmony Connect is a Secure Access Service Edge (SASE) solution that provides secure internet and corporate network access to remote and branch office users.

How It Works

Secure Internet Access and Corporate Access

Internet Access for Remote Users

Harmony Connect Internet Access is a cloudClosed An administrator approved Harmony Connect cloud location that processes the internet and corporate traffic.-based Secure Web Gateway that provides protection against phishing and malware attacks for a secure browsing experience to remote users through the Harmony Connect Agent for computers.


  • Real-time blocking of phishing sites.

Corporate (Network) Access for Remote Users

Harmony Connect Remote Access provides a client-based solution that delivers VPN-as-a-Service to provide secure corporate access to remote users.


  • Supports various applications and protocols.

  • Customizable Zero-Trust access policy for granular control.

  • Embedded cloud DLP for data protection.

  • Industry-leading IPS to protect your apps from the latest vulnerabilities, such as Log4J.

  • Supports device posture validation.

Branch Office Users

Harmony Connect Internet Access ensures secure connectivity for branch offices and retail locations through seamless integration with leading SD-WANClosed Software-Defined Wide Area Network - A virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE and broadband internet services – to securely connect users to applications. vendors for consistent network security.


  • Quick deployment for immediate protection.

  • Comprehensive secure web gateway features.

  • Seamless integration with leading SD-WAN vendors.

  • Consistent security enforcement across multiple sites.

  • Enhanced network performance for branch and retail locations.

Secure Application-Level Access

Harmony Connect Remote Access offers clientless remote access to internal corporate application (SSH, RDP, Web, Tunnel, and Database) residing in the data center, public or private clouds, and IaaS. This is ideal for BYOD and third-party users with no agent installation or management required.


  • Convenient clientless remote access.

  • Secure access to internal corporate applications.

  • User-friendly with intuitive resource access.

  • Simplified management with granular controls.

  • Support for BYOD and third-party users.

  • Cloud-native capabilities for DevOps teams.

Harmony Connect Solution Components



Harmony Connect Administrator Portal

Cloud-based web portal for administrators to:

  • Provision users, branch offices and data centers

  • Create policies for secure corporate network , SaaS applications and internet access

  • View logs

Harmony Connect Agent

It is a computer client that provides secure remote access to corporate network and internet.

It is supported on:

  • Windows 10 and higher

  • macOS

    • Mojave 10.14

    • Catalina 10.15

    • Big Sur 11

    • Monterey 12

    • Ventura 13

For more information on how to install and use the Harmony Connect Agent, see Harmony Connect Agent User Guide.

Harmony Connect User App Portal

A web portal that provides clientless access to corporate applications authorized by the administrator. For more information, see Harmony Connect Portal User Guide.

Harmony Connect cloud

A cloud-based engine that executes policies, and hosts Control Plane and Data Plane functions.

Control Plane is the geographical region (location) that hosts your Infinity Portal instance.

Data Plane is a contextual firewall for consistent authentication and authorization of user as well as to provide a unified monitoring and logging point.

  • Access Gateway for Web and SSH

  • Contextual firewall

  • Secure tunnel

  • Layer 7 visibility

It integrates with third-party Identity Providers to provide user authentication and authorization for Harmony Connect App or the User App Portal. It supports third-party Identity Providers, such as:

  • Microsoft AD FS

  • Microsoft Entra ID (formerly Azure AD)

  • OneLogin

  • Okta

  • Ping Identity

Harmony Connect Network ConnectorClosed It is a lightweight Docker container that provides a secure tunnel between your data center and the Harmony Connect cloud.

It is a lightweight DockerClosed Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers. container that provides a secure tunnel between your data center and the Harmony Connect cloud.

Note - The connectorClosed It is a lightweight Docker container that provides a secure tunnel between your data center and the Harmony Connect cloud. installed for Network-Level Access and Application-Level Access is different. You cannot use the connector installed for Network-Level Access with Application-Level Access and vice-versa. However, you can run both connectors on the same host.