Support Center > Search Results > SecureKnowledge Details
Types of applications excluded from Harmony Connect App by default Technical Level
Solution
Check Point Harmony Connect App is a client application for Windows 10 and for Mac, providing secure access to corporate resources and to the Internet. Securing the traffic happens by sending all traffic using IPsec tunnels through Check Point's cloud. Check Point's cloud applies access control and threat prevention for this traffic. 

There are known target applications that cannot be routed to Check Point's cloud. These applications are accessed directly and do not participate with the IPsec tunnels of Harmony Connect:

Check Point's cloud operations
Access to portal.checkpoint.com and its subdomains happens outside of Harmony Connect tunnels to ensure proper setup and updates of Harmony Connect App's routing settings.

Content restricted to specific countries
Check Point uses public cloud vendors in order to enforce its security policy. The following applications automatically block access from public cloud IP addresses. Therefore access to these applications happens outside of Harmony Connect tunnels to ensure users do not get blocked by the applications' servers:
  • Netflix
  • YouTube
  • Tax authorities of various countries

Web conferencing applications
Access to the following applications happens outside of Harmony Connect tunnels, to ensure smooth experience when performing video conversations over the Internet:
  • Skype
  • Skype for Business
  • Zoom
  • Cisco WebEx
  • Google Meet
  • Microsoft Teams
  • Amazon Connect Cloud Call Center

Software update
Harmony Connect occasionally redirects the user's traffic to the identity provider in order to ensure the user name is known and enforce a security policy according to the users and their associated groups. Some automated software services may run at arbitrary times from the user's machine. Therefore access to the following applications happens outside of Harmony Connect tunnels, to ensure there is no interruption performing these updates:
  • Windows Updates
  • Apple Software Update
  • iCloud
  • Mozilla Software Update
  • Adobe Updates

Custom bypassed destinations
Administrators can provide additional domains and networks to exclude from Harmony Connect tunnels. At Check Point Infinity Portal, navigate to Harmony Connect > Settings > Harmony Connect App, and scroll to the Bypass Destinations section.
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment