Check Point Application Control Reviews

It is one of the main solutions that we have applied in our offices for the administrative control of access to specific services social networks within the corporation, viewing of videos or services that in some way distract the worker from their activities. It's also facilitated us with the ability to separate the databases by a gateway which makes the administration and the permissions granted to the end-users much easier.

One of the ways it's helped us improve was in the administration and the permissions for specific services. This was very useful to us when making a database per gateway and configuring them through layers to have better visualization, control, and administration of the rules, which allows new administrators to have a better scope and understanding of the organization. This has undoubtedly been the newest thing for us as gateways administrators.

One of the aspects of the solution that has given us more value is the integration of a domain controller with the firewall through the dashboard which allows that through inline layers, LDAP.

The visualization of users, the administration, and the permissions that we can grant to users makes our configuration a more dynamic environment since, as organizational units of an active directory, we can grant permissions to users to specific applications allowed through the URL filtering or application control within the dashboard.

With Check Point we are more protected, however, one of the issues is the cost. They are expensive products due to the fact that we have to buy blades for each solution that we want to integrate into our corporate. Without a doubt, it is worth it, however, it is an important point that could be considered. 

Likewise, nowadays a 2MFA solution could be integrated to Check Point since nowadays remote connections made with remote workers are required to protect the extension from the office to your home through a VPN connection.

I've used the solution for about three years.

The Check Point solution is very stable, however, the installation of JHF at least once a month is somewhat annoying since that could be interpreted as not being a stable solution.

In terms of scalability, my impressions have always been good since there is a lot of scalability in this service. For example, you can integrate several solutions to a centralized administration.

They have an excellent support team. They are fast and it is easy to escalate any situation.

Positive

We did not previously use a different solution.

The setup was straightforward.

We handle the implementation in-house.

We've seen a 40% ROI.

Despite the somewhat high cost, based on the blades, it is a reliable solution.

We didn't evaluate other solutions.

Check Point has provided us with a Check Point management server tool where we manage our Gateways. It helped us limit the applications, sites, and different actions that are part of the users' daily lives. We can limit with granularly the applications that users access.  

Segmentation is key. We managed to divide everything by department to be able to generate the security that each one requires. Now, managers have greater flexibility.

This product or feature included in our security admin has helped us a lot to be able to control our users. It helps us with effectiveness since users can use laptops correctly, being more productive.

It has also been possible to avoid modern threats that can enter and attack user equipment, servers, and the business network. These attacks would affect work continuity in addition to company data that could be affected.

The most important characteristic is granularity, which allows our teams to have different security profiles depending on the department to be protected.

There is also a list of applications pre-loaded in the systems to be able to have blocks or permissions to use different applications.

Finally, the licensing of our Check Point gateways, which are not licensed separately, provides an advantage.

Check Point licenses are somewhat expensive, in addition to the fact that it is difficult to validate their costs without a Check Point partner - which is why it is difficult to validate them.

Support is only available in the English language, which affects some regions where Check Point products will be used.

The SLAs of checkpoint products are sometimes not met since the cases created are sometimes attended to very late after opening them.                     

We have used this solution for at least five years in its different versions. It has helped us a lot with business security.

We have not previously used any product like this.

The costs should be reviewed with a partner of Check Point. As for the implementation, it is really simple.

Several proofs of concepts were carried out, and Check Point was the best.

This is an excellent product.

The company-based applications have benefited from this software in the enhancement of security and performance acceleration. 

Check Point Application Control monitors all tools' performance and operations in all enterprise activities. 

The reported performance metrics help us allocate resources and unlock hidden business potentials. Over the past year, this product has boosted the end output of all applications and promoted efficient teamwork. Each tool can easily link and integrate with others with set task objectives.

Check Point Application Control has highly improved business operations with modern data control systems. 

It ensures that the health of each application can handle the set tasks and projects without any challenges. 

We have increased workflow performance and improved the service delivery to our clients. 

Data transfer with preferable security measures has enhanced better collaboration among teams. The connection of applications has enabled members to understand the data flow and set goals with real-time reports.

The set security measures integrated with applications help us to identify and set policies that can support our programs. 

It mitigates the security risks that can affect business tools and their implications on the overall production capacity. 

The workflow tracking capacity provides data on all employees working with certain tools and their contributions. 

Check Point Application Control can monitor the operations of many applications at the same time without low-performance experiences. There is increased revenue from the reduced cost of consolidating required security tools.

The set security features have increased the production efficiency of all applications. The new IT team monitoring this system requires proper training in order to execute the targeted goals effectively without failure. 

The set performance monitoring systems are complex to interpret and scale down their operations. 

The customer service team works tirelessly to ensure our teams are satisfied. Cloud network security has kept our assets secure since we deployed with a smooth continuation of other enterprise activities.

I've used the solution for one year and four months.

This product is stable and with high-performance capabilities.

I like the persistence of improving security across the organization from this application.

I have no words for the support team; I really congratulate them on the excellent job!

Positive

I have previously worked with AppDynamics - although the security models did not meet our targets.

It is easy to setup and learn how the product works.

The vendor team did the implementation.

The set targeted ROI has been achieved.

The setup procedure is good and the cost is suitable for most enterprises.

I evaluated operations and performance of AppDynamics.

Check Point Application Control is the best solution for security and performance controls.

In our company, when acquiring CKPOINT products to be able to have perimeter protection for our teams, both cloud and on-premise.

we are able to carry out greater protection with Check Point's gateway, integrated with access control. It is a great help.

Check Point Application Control has been of great help in being able to provide access and granular security improvements for different departments with different profiles within the company. It is important to be able to do this in environments that deserve greater control in different areas.

We gained a lot in control, however, also through the reports it was possible to determine what was happening, and subsequently, make security improvements in the application control blade. Its use is really simple and intuitive, and when we have had doubts we have relied on the public documentation.

One of the advantages of Check Point Application Control is the large number of profiles included within the tool to be able to generate granular policies, in addition to permissions between servers or even web access.

Its implementation is simple. It is another great advantage. In our case, we use it with our R81 Check Point Gateway. It was implemented in Microsoft Azure, being a virtual device.

On the other hand, the log reports are very good for making validations and decisions.

Something important to mention is the improvement at the support level. It could be more advanced. Sometimes the responses are somewhat slow or based on a schedule that is not always the same as the companies. It's difficult to generate a session with them to better explain your needs.

We would also like the costs to be more comfortable. Although they are not different from other security tools, they could have improvements to provide greater interest to customers who are interested or loyal to Check Point's products.

In the company, we have made security improvements in recent years to be able to solve technological gaps in which vulnerabilities could greatly damage work continuity. Application control is a great help for our gateways.

Previously we had used Fortinet Gateways, however we liked what Check Point offered better at the level of modern security tools.

It is very important before implementing security improvements to have a test environment to evaluate correctly. I recommend taking previous implementations into account.

Before opting for Check Point, we validated and verified several demos with other manufacturers, however, we liked it better and it was better adapted to our internal needs.

Application and URL filtering is the perfect combination to block unwanted application and web browsing traffic based on the defined policy.

Customers who don't have a dedicated proxy can utilize Check Point's Next Generation Firewall as an Application Control.

It allows users to define policies based on source IP, user role, or group, which can easily identify traffic flow with SAML. You can allow or block traffic coming or going out to the internet for specific applications or websites.

Most organizations take advantage of application control, which provides the most efficient and accurate results to block or allow application traffic.

No organization requires entire access for an application running as that would cause more risk, which is not desirable. If we want to allow certain required applications, with Check Point, application control is possible.

For customers that have database servers and public-facing servers and want to provide access to specific services, Check Point is perfect.

With application control and URL filtering, it becomes possible to block/allow applications and sub-applications the maximum flexibility to allow for policy-based access roles. The solution offers user notifications for blocked access, time-defined policies, and bulk categorization of malicious applications.

With Check Point Application Control, it is possible to mitigate unwanted application traffic even it detects items, and allows traffic for specific ports which can be required to run the specific application successfully while blocking traffic from all remaining ports.

We get a Smart Event Report which clearly shows us how many applications are running under the Check Point Gateway and which applications require more security rules while revealing vulnerabilities.

Customization rules for custom applications help to define rules.

The application layer is the most usable feature Check Point provides to categorize and distribute the different sets of rules which work in a top-down lookup approach. This allows users to define policies separately within that particulate layer.

By default, an implicitly cleanup rule exists.

The product offers easy-to-install policies and makes it simple to troubleshoot application-related traffic.

The solution is integrated with an app wiki to provide a large application database.

Smart Event generates reports which are very useful in order to identify non-required applications running into the environment.

The working principle of Check Point Application Control is far different from all other vendors in the market. It basically works in parallel with security rules. Every time packet must go from policy lookup into security rules. It sometimes leads to a troubleshooting phase for which we can create application traffic.

SD-WAN functionality can be added.

Direct API integration for customized application features can be added.

Load balancer functionality for application traffic might be a better option.

There is no completely stable solution. Even if you consider a competitor solution, you will face some issues from time to time.

The scalability is based on the device throughput.

There is dedicated TAC support for the specific blade in Check Point, which provides for a better resolution.

We did a direct migration from Sophos/Cisco FTD to Check Point. This has been done for many customers and usually leads to changing application control.

The initial setup is straightforward in terms of the policy configuration and licensing.

We are the vendor. We can assist in implementations.

The setup is very straightforward and the licensing works based on a subscription model.

We did look at dedicated proxy servers.

Application control is part of the administration of Check Point management. We use it to provide protection and access to applications and sites in a safe way on the computers that are protected by our gateways.

The use of this feature has been very important for perimeter protection through our gateways, it is fairly simple to use for the protection of specific applications and sites. This is in addition to the fact that these controls can be applied in a granular way from a network to a specific host which is incredible for the security administration of any company.

Check Point Application Control is a powerful tool and has given us the protection that we needed for our business. We are now able to secure ourselves internally.

Without the use of this tool, we had suffered from the use of applications not allowed within the company. This generated the loss of effective time for our employees, in addition to generating major security problems due to the use of applications that generated cyber threats that affected the operation of the company.

Thanks to Check Point Application Control we are able to control these vulnerabilities and provide both greater employee productivity and greater perimeter security.

We loved Check Point Application Control for its granular control and ability to apply policies between groups, hosts and networks depending on the need.

On the other hand, the integration of our AppWiki with a large number of preloaded applications in segments helps to apply policies more easily and effectively.

The integration with Check Point Security Management and Check Point Security Gateway potentiates the company's perimeter security. This is a truly powerful feature and it is easy to implement.

Check Point is a fairly complete security vendor, however, we would like to have a better SLA for technical support issues, sometimes they take a long time to resolve customer issues.

On the other hand, the documentation is not always as clear as we would like it to be, it takes a long time to review it and implement solutions with the best practices of the manufacturer.

Finally, their costs are high, I think they could improve and make it more competitive against the competition, even if they are better protection tool.

Previously, we had only used applications that generated this protection as a test, however, they did not meet our expectations like Check Point.

Our recommendation to other clients is to have a partner that helps them with the company's requirements in addition to the costs.

We did validate proofs of concept from other manufacturers, but we liked the Check Point's protection more.

With the growing technological advances that the organization is having and the data that the company needs to protect is no longer just at the perimeter area. We also need to protect the applications that are being developed, and we need to develop, grow, and deliver tailored services for different companies. We have looked for a line of security that could contemplate establishing and securing each of the lines of fire that could possibly be attacked at the moment that we made available a new application and a new service for each user or customer. They have come to have great importance in our company.

Check Point Application Control has allowed us to integrate more capabilities by limiting the use of applications. Categories can classify things so we can segment each of the features to control granularity and integrate next-generation firewall security. This allows us to consolidate security controls by reducing the costs that the company will have to invest in when it comes to having Next Generation security. This is one of the best reasons why we have invested in solutions of this type because they give us the ability to have less expense with greater security, having first-world innovation and security.

Among the features that we have used, we like being able to identify the identity of the user who is doing transactions. Thanks to that, we have greater control, and management, and have the possibility of establishing limits and controlling each of the actions that the user will establish in the application. Based on the control and capabilities of the solution, we can say today that the added value and capabilities of its features make it the ideal security solution for any company.

Seeing the capabilities and features that we are using today, we can say that we could expect an additional feature that could allow us to integrate this management and even security with APIs. Establishing passwords, communicating, and all the traffic of command data services could be established through this type of connection, and we could take advantage of secure and stable connections. This gives us the possibility to establish, place and secure the data in a safer way.

The company has been around for about a year. For a few months, we have been implementing the solution to protect and control the issue of applications in the Next Generation firewalls.

We have main and branch offices as well as on-premise and cloud data centers. Using Application Control we control the necessary applications instead of creating one or several rules for one application. 

With the AppWiki from Check Point, we can even show users that don't have a log in what applications there are and even see the risks involved at a single glance.

If you use Microsoft services, there are a lot of different applications that the firewall can differentiate and this shows also in the logs.

Using Application Control instead of normal rules and ports helps with ever-changing product versions. In the past, each version could add/remove certain ports which have to be added or removed by the administrators. With automatically updated applications, you don't have to do that continuously.

Enabling Application Control is unbelievably easy as once it is enabled you can use all relevant applications within the rule base.

Seeing applications within the logs also makes troubleshooting easier as you can see if the firewall recognizes the relevant application.

Check Point Application Control offers a wide selection of applications, and even within those, you can configure uploads, downloads, et cetera, on a very granular level. That way, users can use a single application for viewing data but are unable to upload potentially unwanted files. Basic functionality can be provided without decreasing security. In addition, using Check Point Logs we can also see what is allowed/blocked and can act accordingly.

Using APCL within the normal rule base also makes administration easier.

If you want to use Application Control over your whole environment you have to license it for all gateways. Otherwise, you can only work with a subset of it. Therefore, pricing can be quite an issue.

We saw that sometimes APCL stops working and can cause an impact on the rest of the rule base. Therefore, it's advisable to check that the gateway can always update itself with the newest applications.

Sometimes applications are not recognized. This may be due to HTTPS Inspection settings. It's also advisable to fully inspect traffic.

I've used the solution for over two years.