Introduction to Harmony Connect

Check Point Harmony Connect is a Secure Access Service Edge (SASE) solution that provides secure internet and corporate network access to remote and branch office users.

How It Works

Secure Internet Access and Corporate Access

Internet Access for Remote Users

Harmony Connect Internet Access is a cloud An administrator approved Harmony Connect cloud location that processes the internet and corporate traffic.-based Secure Web Gateway that provides protection against phishing and malware attacks for a secure browsing experience to remote users through the Harmony Connect Agent for computers.

Benefits

Real-time blocking of phishing sites.

Prevention of zero-day malware through advanced sandboxing.
Protection against vulnerabilities and browser exploits with cloud IPS Check Point Software Blade on a Security Gateway that inspects and analyzes packets and data for numerous types of risks (Intrusion Prevention System)..
Inspects all internet traffic across all ports and protocols, with granular access control to 10,000+ internet and SaaS applications.
Cloud-based Data Loss Prevention Check Point Software Blade on a Security Gateway that detects and prevents the unauthorized transmission of confidential information outside the organization. Acronym: DLP. (DLP) system.
Integration with ThreatCloud for enhanced threat intelligence.

Corporate (Network) Access for Remote Users

Harmony Connect Remote Access provides a client-based solution that delivers VPN-as-a-Service to provide secure corporate access to remote users.

Benefits

Supports various applications and protocols.
Customizable Zero-Trust access policy for granular control.
Embedded cloud DLP for data protection.
Industry-leading IPS to protect your apps from the latest vulnerabilities, such as Log4J.
Supports device posture validation.

Branch Office Users

Harmony Connect Internet Access ensures secure connectivity for branch offices and retail locations through seamless integration with leading SD-WAN Software-Defined Wide Area Network - A virtual WAN architecture that allows enterprises to leverage any combination of transport services – including MPLS, LTE and broadband internet services – to securely connect users to applications. vendors for consistent network security.

Benefits

Quick deployment for immediate protection.
Comprehensive secure web gateway features.
Seamless integration with leading SD-WAN vendors.
Consistent security enforcement across multiple sites.
Enhanced network performance for branch and retail locations.

Secure Application-Level Access

Harmony Connect Remote Access offers clientless remote access to internal corporate application (SSH, RDP, Web, Tunnel, and Database) residing in the data center, public or private clouds, and IaaS. This is ideal for BYOD and third-party users with no agent installation or management required.

Benefits

Convenient clientless remote access.
Secure access to internal corporate applications.
User-friendly with intuitive resource access.
Simplified management with granular controls.
Support for BYOD and third-party users.
Cloud-native capabilities for DevOps teams.

Harmony Connect Solution Components

Component

Description

Harmony Connect Administrator Portal

Cloud-based web portal for administrators to:

Provision users, branch offices and data centers
Create policies for secure corporate network , SaaS applications and internet access
View logs

Harmony Connect Agent

It is a computer client that provides secure remote access to corporate network and internet.

It is supported on:

Windows 10 and higher
macOS
- Mojave 10.14
- Catalina 10.15
- Big Sur 11
- Monterey 12
- Ventura 13

For more information on how to install and use the Harmony Connect Agent, see Harmony Connect Agent User Guide.

Harmony Connect User App Portal

A web portal that provides clientless access to corporate applications authorized by the administrator. For more information, see Harmony Connect Portal User Guide.

Harmony Connect cloud

A cloud-based engine that executes policies, and hosts Control Plane and Data Plane functions.

Control Plane is the geographical region (location) that hosts your Infinity Portal instance.

Data Plane is a contextual firewall for consistent authentication and authorization of user as well as to provide a unified monitoring and logging point.

Access Gateway for Web and SSH
Contextual firewall
Secure tunnel
Layer 7 visibility

It integrates with third-party Identity Providers to provide user authentication and authorization for Harmony Connect App or the User App Portal. It supports third-party Identity Providers, such as:

Microsoft AD FS
Microsoft Entra ID (formerly Azure AD)
OneLogin
Okta
Ping Identity

Harmony Connect Network Connector It is a lightweight Docker container that provides a secure tunnel between your data center and the Harmony Connect cloud.

It is a lightweight Docker

Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers. container that provides a secure tunnel between your data center and the Harmony Connect cloud.

Note - The connector It is a lightweight Docker container that provides a secure tunnel between your data center and the Harmony Connect cloud. installed for Network-Level Access and Application-Level Access is different. You cannot use the connector installed for Network-Level Access with Application-Level Access and vice-versa. However, you can run both connectors on the same host.