Internet Access for Remote Users

In this section, you can explore the use case of secure Internet Access for remote users. Application-Level access Clientless access to specific corporate applications, such as web, SSH, RDP, tunnel, and database applications. for users is currently done with clientless Application Access - see Application-Level Access to Corporate Applications. Later this year, Harmony Connect will introduce client-based access to corporate applications for remote users.

Remote users can get secure Internet Access with installation of the Harmony Connect App, which is a lightweight application for Windows (the Mac application is coming soon). The Harmony Connect App routes all internet-facing traffic through a Check Point Cloud, where full network security is enforced. It saves resources, reduces footprint on the user machine and provides up-to-date network security, while it inspects all network protocols. Harmony Connect App is managed on the Check Point Infinity Portal.

Step 1 - Connect Users

There are two ways to connect your users:

• Adding Users Manually

• Identity Provider Settings of your organization and push the installation for seamless authentication. When your users sign in with the Identity Provider, you can install the App by means of the Corporate enforcement tools (Microsoft SCCM, InTune, Jamf Pro).

The application is installed silently, and the user's internet access is secured after the activation.

Step 2 - Define your Security Policy

• Define the Policy for your users

• Policy Revisions to the policy

Step 3 - Enable Full SSL Inspection

• SSL Inspection

What's Next?

1. Configure Harmony Connect Agent for your end users. For example, you can exclude your third-party VPN servers from inspection or you can manage security when the users are at the corporate office.

2. Observe the prevented attacks with the Cyber-Attack View.

3. Browse the Users and Devices to monitor connecting users and devices, as well as cloud An administrator approved Harmony Connect cloud location that processes the internet and corporate traffic. service locations allocated to the account.

4. See allowed and blocked services and websites on the Access Control Logs page.

5. To monitor specific cloud applications, see the SaaS Applications page.