Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
BarYassure
Employee
Employee

Harmony Endpoint - Roadmap Survey

Hi All

We appreciate the CheckMates community, and it is very important for us to hear your feedback about Harmony Endpoint.

Please let us know in the comments regarding the following:

1. What is your most wanted feature / security capability? 

2. What are the most urgent product improvements?

 

We in the product management team will analyze the feedback and will do our best to add those features to our product roadmap. 

0 Kudos
42 Replies
Alex-
Leader Leader
Leader

Getting rid of the Legacy Smart Dashboard and pushing everything that can in the Web Smart Console is a feedback often received from customers.

the_rock
Legend
Legend

1) More VPN features available via smart console (heard is coming in R82)

2) I often hear complaints about harmony endpoint causing issues, but as soon as its uninstalled, problems go away

 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

1) suggestion is for Harmony Endpoint ?

2) this can be reported just for every Endpoint solution on the market ! In most of these cases, all blades including EFR are running regardless of client PC HW and load. Newest issue form my customers is a 100% load by EFR blade after install on Win servers that will not re-occur after a reboot...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
BarYassure
Employee
Employee

Thank you for the Feedback, I really appreciate it..

0 Kudos
OCD-TL
Participant
Participant

Improvements to Endpoint VPN are high up my list. The license is part of Harmony Endpoint but 99% of config is in Smartconsole/gateway so better integration would be appreciated.  

0 Kudos
BarYassure
Employee
Employee

Thank you for the Feedback, I really appreciate it, i will update it as part of the roadmap. 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

For Harmony Endpoint ? This is not applicable here !

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
BarYassure
Employee
Employee

Yes for Harmony Endpoint.
Sorry if it was not clear enough. 

0 Kudos
G_W_Albrecht
Legend Legend
Legend

This was a response to Alex concerning legacy smart dashboar (that is not used by Harmony Endpoint afaik).

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Alex-
Leader Leader
Leader

OK, I read too fast didn't realise the thread was specifically about Endpoint.

0 Kudos
BarYassure
Employee
Employee

Thank you for the Feedback, I really appreciate it. 

0 Kudos
RS_Daniel
Advisor

Hello,

1. Leave a firewall in detect mode and after some time recommends rules to include on the rulebase. Something similar to tailored safe mode but for access control.

2. Definitely Harmony Endpoint consuming too many resources on the endpoint. Run diagnostics and low memory mode are a good start but no enough, first one does not include disk usage information (yet?). Too many processes running on the OS. Many tasks trigger high resources usage (antimalware scan, forensics correlating events, upgrades).

Regards

RS_Daniel
Advisor

I did not realise it was about Harmony Endpoint either XD...

So i would change point 1 for: Some feature to allow endpoints without internet access to connecto to EPMaaS. Many servers do not have permissions to go to interner because of internal policy. Not talking about signatures updates that are covered with super nodes, but about logs, push operations and policy updates. It can work maybe trough super nodes or as it was done with on prem deployments with policy servers.

Regards

_Val_
Admin
Admin

LOL, the title of the post says "Harmony Endpoint", the space it is posted to is called "Harmony Endpoint", not sure I can do something to make it more obvious 🙂

0 Kudos
the_rock
Legend
Legend

Initially, it was not, it was just called roadmap survey, it was changed recently to add harmony endpoint lol

0 Kudos
Sven_Glock
Advisor

Last night the title was still without "Harmony Endpoint". That's why here are so many confused posters 😉


the_rock
Legend
Legend

100%...I checked my emails about it and all of them simply showed title "Roadmap Survey". We have the facts AND the proof : - )

Andy

0 Kudos
_Val_
Admin
Admin

I hope we fixed it now, if not, let's see what else can be done 🙂

0 Kudos
BarYassure
Employee
Employee

Thank you for the Feedback, I really appreciate it, i will update it as part of the roadmap..

0 Kudos
JozkoMrkvicka
Mentor
Mentor

1. full IPv6 support for all products and features

2. Bug bounty

Kind regards,
Jozko Mrkvicka
G_W_Albrecht
Legend Legend
Legend

2. was not asked for - this is no new feature nor a product improvement. I would not say that using bugs for earning money is always bad, but obviously most of the time 😎

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
the_rock
Legend
Legend

IPV6 support...thats excellent point @JozkoMrkvicka 

0 Kudos
BarYassure
Employee
Employee

Thank you for the Feedback, I really appreciate it...

0 Kudos
Tom_Hinoue
Advisor
Advisor

I would like to strongly request for an uninstaller/clean up tool for EPS, as many competitor endpoints have.

I have experienced many times where a customer installed EPS but introduced many issues on their client. To resolve it they try to uninstall by "remove programs" but sometimes does not complete and leaves some EPS components left on the PC, where running EPS installer again somewhat fails and can't even repair/reinstall.

Existing SKs most of the time tell us to use safemode/edit registry/manually create files...blah blah... but this is not something we can easily ask customers to do. In worst cases TAC informs us to clean install Windows...

I believe I'm not the only one that wants this feature 🙂

(1)
the_rock
Legend
Legend

Thats excellent feedback/suggestion. I dont work too often with this product, but whenever I do, thats constantly what I hear back from customers.

Andy

BarYassure
Employee
Employee

Thank you for the Feedback, I really appreciate it, i will update it as part of the roadmap.

0 Kudos
Luiz_
Collaborator

  • We always hear from Kaspersky customers (I've heard from some SentinelOne customers too) how it's easier to deploy their endpoints using network discovery (they first discover all machines in their network, without the need for AD) and sending endpoints remotely through the console. I think this should be looked into carefully, because the reality is - at least where we operate - that customers are more concerned from an operational point of view rather than security. They understand products are "similar" securitywise, so they are looking for products that make their life easier. Most of our deployments are using GPO, but we have potential customers that either do not have AD or are not willing to use it for endpoint deployment. Remote Deploy feature always bring customers concerns because we need to disable Defender on machines prior the deploy. I think there's room for improvement.
  • Same thing for PC Inventory. They love Kaspersky because they can dinamically keep tabs on which PCs they have, CPU specs, RAM, softwares installed, etc. Again, operational point of view. With Harmony they understand they'll have better security, but they are going to increase man hours to operate it, losing operational features from Kaspersky.
  • Another feature they love is the ability to disable the endpoint on the end user machine for 10 minutes using a password. It's easier to debug problems that happen. With Harmony we either give this option to the user (no need for a password or timers) - not optimal - or we need to create a policy with everything disabled and put this machine on this policy, but it takes time for the policy to update and sometimes they forget to take the machine out of the policy. Not optimal too.
  • Customers always find it confusing to work with a lot of different client versions. We've seen that the evergreen client is on the roadmap and this is something they always ask about.
  • Focused support: we also often hear complaints about the endpoint causing issues (they are very diverse, it's hard even to specify) that are solved as soon as the endpoint is removed. It's hard to argue with them that it wasn't the endpoint's fault. From this point we need to collect CPinfo and whatnot, but the TAC case always takes more time to reach a conclusion than the customer is willing to wait. Most of the times a change of version is recommended, which is considered by customers as a bland solution. Sometimes even to reach a conclusion that it was not endpoint's fault, just for us to install it again and experience the same issues. A revamped debug/analysis of clients issues would be very much welcomed.

For now this is what comes to mind, I'll keep you posted if I remember anything else.

(2)
the_rock
Legend
Legend

All super valid points @Luiz_ 

0 Kudos
BarYassure
Employee
Employee

Great Point, thank you!

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events