2025

Early availability programs for upcoming Harmony SASE enhancements:

1. Agent 11.5 – Enhanced Security, Control, and Usability

   The latest Agent 11.5 update introduces multiple improvements to security, policy enforcement, and user experience.

   What's New:

   • New Threat Prevention Policy – Includes threat emulation, anti-bot, and malware protection, with the flexibility to enable or disable as needed.

   • Trusted Networks via HTTPS Server – Define trusted networks based on an HTTPS server, enhancing security posture.

   • URL Filtering Log Support – Enables logging for better visibility and analysis of URL filtering actions (Allow or Deny).

   • Application Control Enhancements – Administrators can now regulate the use of SaaS applications, ensuring compliance and security by allowing, blocking, or restricting specific applications based on policies. This helps prevent unauthorized access, control bandwidth usage, and enforce corporate security guidelines.

   • Transparent Internet Access Installation – This is a simplified deployment with seamless internet access configuration. For more information, see Deploying the Harmony SASE Agent.

   • Enhanced Anti-Tampering Protection – Agent exit code protection now also applies to uninstallation, preventing unauthorized removal.

   • These updates enhance security, visibility, and ease of management for administrators.

2. Site Security - Strengthening protection and policy enforcement for remote locations.

3. Next-Generation Networking (NGN) – Advancing network performance and security for modern enterprise needs. Admins can now gain early access to NGN capabilities and provide feedback before the general release. To participate, contact your Check Point representative.

   What's New:

   • Single Public IP per Region – Simplifies management by eliminating the need to handle individual gateway IPs.

   • Enhanced IPSec Tunnels – Supports up to eight parallel tunnel legs for improved redundancy, link aggregation, and streamlined IPSec configuration.

• New Point-of-Presence (PoP) in Zurich, Switzerland, expanding coverage and enhancing performance.

• Harmony SASE now features a redesigned log screen that matches the look and feel of Infinity Events. This update provides a seamless and consistent experience across platforms, enhancing visibility and simplifying log analysis.

• New PoP in Brussels - Launched a new Point of Presence (PoP) in Brussels, Belgium, expanding coverage and enhancing performance.

• Hybrid-Split Tunneling Enhancement - Administrators are now guided to configure automatic split tunneling for optimal traffic routing. Existing configurations are migrated automatically with no impact on current networks.

• Microsoft Outlook is now excluded by default from Internet Access bypass rules.

• Administrators can now manage the multi-monitor settings for ZTA RDP applications.

• Improved security warning when disabling 2FA for local users. Administrators can now see a clear notification highlighting the security risks before confirming the action.

• The new Hybrid Split Tunneling functionality automates tunneling of private traffic only, ensuring an optimized end-user experience along with full connectivity (Currently available in Early Availability)

• Added two new predefined member roles, Network Manager and User Manager, for simplified management. These roles simplify permissions setup, enhance security, and improve access control. For more information, see Member Roles and Permissions.

• Added the new Explore Harmony SASE page that helps customers discover and understand Harmony SASE features. It guides them to enhance their security posture, manage SASE effectively, and follow best practices with video guides and tips.

• Harmony SaaS is now accessible through Harmony SASE, offering enhanced security for your SaaS applications. Make sure you have the appropriate license to fully utilize Harmony SaaS. For more information, refer to the Harmony SaaS solution brief (Currently available in Early Availability)
  

• Wildcard support is now available for URL Filtering rules, offering greater flexibility and efficiency. Use the * wildcard to match multiple URLs with similar patterns (for example, *.example.com covers all subdomains and paths under example.com). For more information, see the blog post.

N/A