Try our new research platform with insights from 80,000+ expert users
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Perimeter Security Administrator at a security firm with 51-200 employees
Real User
Top 5Leaderboard
Great protection from cyber attacks and DDoS with reduced downtime
Pros and Cons
  • "Check Point helps reduce downtime and costs associated with detected cyberattacks and can block those threats to ensure protection from any significant damage that may be caused within the organization."
  • "There is an issue with precision."

What is our primary use case?

It has allowed us to provide protection that we did not have before. We have tested and reviewed different solutions throughout the year to establish the best solution that would allow us to meet internal demands based on the products our organization sells and makes available from third parties. We need to protect information from those catalogs the database users who are willing to purchase services with us and at the same time we need to keep them protected. We need a safeguard from cyber threats to reduce downtime in costs associated with attacks and a potential loss of communication against our services in the data center.

How has it helped my organization?

Check Point helps reduce downtime and costs associated with detected cyberattacks and can block those threats to ensure protection from any significant damage that may be caused within the organization. We get an environment with protected data centers where there is no interruption of services and no significant loss (including reputational loss) to our company. 

What is most valuable?

By having a solution that allows us to protect systems and data from cyber attacks or unauthorized instructions (including malware and DDoS attacks), we can protect our system from all kinds of threats. Check Point reduces downtime and costs associated with attacks that cause communication losses and guarantees compliance with security. It also ensures the privacy of all the data that we have stored, which helps us maintain a high level of reputation when it comes to careful administration and data segmentation. Now, there is a formalization of data protection. Check Point is really compatible with the internal needs of our organization, and its features offer us a great advantage.

What needs improvement?

There is an issue with precision. There is room for improvement based on the type of threats that are constantly evolving. They need to ensure they are managing to keep up with threat changes and generate some new approaches. 

Another feature that I would like to see as a substantial improvement is the expansion of support in cloud environments. We need to ensure we can have access to public and private clouds and need to be able to include integrations with different popular providers. 

They need to offer IoT as device support.

Buyer's Guide
Check Point IPS
December 2024
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.

For how long have I used the solution?

I've used the solution for one year.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Edwin Solano Salmeron - PeerSpot reviewer
Soporte técnico superior at Acobo
Real User
Top 5Leaderboard
Great visualizations with helpful event analysis and centralization features
Pros and Cons
  • "Its event analysis and centralization features are very important for any organization."
  • "I would like to have the possibility of adding features to this IPS solution in the future."

What is our primary use case?

This solution allows us to achieve a healthy network and good security within our organization given its functions, management, and control. The level of detection and intelligent algorithms that protect against distributed attacks have helped us to secure ourselves and provide protection in real time. These capacities and needs complement our security based on a scheme that our fund or financial distribution can achieve under annual or quarterly protection measures (or every three years). 

How has it helped my organization?

Check Point offers us good protection. It has also allowed us to acquire services and products under a scheme that allows us to put together, as if it were, an offering of different functions or characteristics, giving added value to each one of them when they connect to each other. It is a solution that we can constantly build with each of the blades that we add. This makes it possible for us to have savings based on the security structure that we need for the organization. Thus it is a solution that has saved us significantly in additional investment when dealing with security.

What is most valuable?

Speaking of the IPS solution, it is important to understand that each of these features is based on real-time detection, analysis, and centralization of events. We were able to interpret that the solution is a total complement to each of the needs that any organization may have. Its event analysis and centralization features are very important for any organization. Those allow you to generate a general visualization, making a complete panorama of each of the events that you have inside your security system. 

What needs improvement?

I would like to have the possibility of adding features to this IPS solution in the future. It allows us to reach and integrate with other solutions that we have in the same portfolio of this security provider. It has the possibility of achieving and integrating the detection and analysis of this equipment against the integration and analysis that is done in the final devices, generating a correlation and installation of agent propagation from an internal security center. 

For how long have I used the solution?

I've used the solution for four years. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point IPS
December 2024
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Telecommunication Team Leader at a financial services firm with 201-500 employees
Real User
Top 5
Provides new versions of IPS policies and indicators of compromise, which help us maintain an up-to-date security posture
Pros and Cons
  • "The integration of IPS with the firewall is quite efficient."
  • "A reduction in price would always be welcome."

What is our primary use case?

I primarily use Check Point IPS as the second layer of security. The first layer includes routers, DDoS protectors, and access lists on other network devices. Check Point IPS is used for threat prevention in the network, not for web applications. I also rely on other solutions for web application firewalls.

What is most valuable?

The integration of IPS with the firewall is quite efficient. It's easy to implement, monitor, and prevent certain situations on the same platform, which is very useful for me. Also, the real-time update function is beneficial. Check Point provides new versions of IPS policies and indicators of compromise, which help us maintain an up-to-date security posture.

What needs improvement?

Currently, the solution is good for my needs, so I don't have any particular improvements to recommend. However, a reduction in price would always be welcome.

For how long have I used the solution?

I have been using Check Point IPS for over ten years.

What do I think about the stability of the solution?

The stability of the solution is very high. I would rate it as ten out of ten. It has been consistently reliable.

What do I think about the scalability of the solution?

Scalability can depend on the environment. In my setup, using a hardware version, scaling is not easy. There's a limitation on the power because it's not a modular harmonic system. Others might find it easier to scale if they use the Harmony solution.

How are customer service and support?

Customer support used to be very good, rating at nine or ten out of ten a few years ago. Recently, it's not as strong, more around six or seven out of ten due to the quality of solutions provided and support handling of cases.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I have used many platforms for Check Point, including Nokia and Splat, and now I use a dedicated platform for Check Point IPS.

How was the initial setup?

The initial setup was simple, though it was a long time ago.

What's my experience with pricing, setup cost, and licensing?

The price could be lower. It's always better for an end user when prices are reduced. The cost makes it difficult to implement in smaller companies.

Which other solutions did I evaluate?

I have used many vendors and platforms, such as Nokia and Splat along with Check Point, for various security needs.

What other advice do I have?

Overall, I rate Check Point IPS a nine out of ten. I recommend it to other users for its integration capabilities and stability.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Zdenek Zeithaml - PeerSpot reviewer
Network Security at a insurance company with 51-200 employees
Real User
High availability, helpful support, and effective management of devices and policies
Pros and Cons
  • "The most valuable feature of Check Point IPS is the management of devices and policies."
  • "Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns."

What is our primary use case?

We are using Check Point IPS for the detection and prevention of threats for our PCI firewalls where it's mandatory to use it.

What is most valuable?

The most valuable feature of Check Point IPS is the management of devices and policies.

What needs improvement?

Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns.

For how long have I used the solution?

I have been using Check Point IPS for over five years.

What do I think about the stability of the solution?

Check Point IPS is stable.

What do I think about the scalability of the solution?

The stability of Check Point IPS depends on too many factors. It always depends on the usage and the traffic. However, we did not have any issues with scalability.

We have approximately 40 to 50 people involved in using Check Point IPS, such as the firewall and IPS managing teams.

How are customer service and support?

We have onsite engineers from the Check Point IPS directly on our site.

I rate the support from Check Point IPS a four out of five.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup of Check Point IPS is straightforward because there are security profiles with default recommended configuration. However, these were beneficial at the time when produced but they are not that helpful anymore. 

It can take some time to do verification because there are some protocols where you know that there could be problems. For example, for some of the sharing features, you have to be careful. Those there are the profiles you can use for the setup, you do have to do a lot of manual work to have everything work correctly.

I rate the setup of Check Point IPS a two out of five.

What about the implementation team?

We did the implementation of Check Point IPS in-house.

What's my experience with pricing, setup cost, and licensing?

There is a license needed to use the Check Point IPS which is not expensive. However, the Check Point IPS device is expensive.

What other advice do I have?

We are replacing the IPS from Check Point with a different solution, which is related to the IPS functionality. The reason for the replacement is because Check Point IPS are at their end of life and are not creating or not using the security policy for the traffic, it mostly acts as an IPS.

We are planning on using Trend Micro. It will be better because there will be a dedicated device that is doing only the IPS. The performance will be better and it has a larger number of patterns updated weekly.

I have a very long and extensive experience with the Check Point ISP. It is a good solution, but sometimes it's causing issues, but it's a general problem for all the networks and security devices.

I rate Check Point IPS a nine out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
User
Easy to use, stable, and allows flagging if patterns are detected
Pros and Cons
  • "IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created."
  • "I am not aware of a preview channel or some repository to have a preview on upcoming signatures, however, this would be nice to have."

What is our primary use case?

IPS is part of our Check Point Firewall Solution and a key function in securing our infrastructure. It is good to have an instance already on the gateway that protects specific services from attacks.

Very often, patch installations and downtimes cannot be implemented immediately in the case of critical security vulnerabilities.

IPS helps to secure short-term security vulnerabilities with its regular signature updates. The variety of products being covered is always impressive.

IPS is a key instance to secure services behind our Gateway.

How has it helped my organization?

Online attacks and malware have been evolving, using sophisticated and even evasive attack methods. Check Point addresses the changing threat landscape while meeting several key operational requirements for Intrusion Prevention Systems. Check Point IPS protections include checks for protocol and behavioral anomalies which means they detect vulnerabilities in well-known protocols such as HTTP, SMTP, POP, and IMAP before an exploit is found.

If you have any doubt if an update might interfere with any of your services, you can just mark it as "detect only" and observe how it behaves.

What is most valuable?

IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created.

Basically, it is easy to use and offers a wide variety of protections through all kinds of software, services, appliances, and IoT-Devices. Updates are available regularly and can be easily downloaded and deployed through all the infrastructure. Rollback is easy to perform if ever something happens. It is a must-have on each gateway.

What needs improvement?

Usually, new signatures for known vulnerabilities come very quickly. In some cases, I would have liked the updates to be faster.

I am not aware of a preview channel or some repository to have a preview on upcoming signatures, however, this would be nice to have.

There is not too much else I am missing on Check Point Intrusion Prevention.

For how long have I used the solution?

We've used the solution for years now.

What do I think about the stability of the solution?

We have no concerns at all when it comes to stability. 

What do I think about the scalability of the solution?

We've never reached a performance limit.

How are customer service and support?

Technical support is responsive and helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I've worked with Check Point for years now.

How was the initial setup?

The setup process is straightforward. I'd recommend others join a CCSA training to cover the required knowledge.

What about the implementation team?

We implemented through our vendor and they were very experienced.

Which other solutions did I evaluate?

I've worked with other vendors before - however, of those that I've used, I found they didn't offer the whole package under one admin console.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1164006 - PeerSpot reviewer
Director Of Information Technology at a security firm with 1-10 employees
Real User
Helpful alerting, provides valuable network insights, and the pricing is negotiable
Pros and Cons
  • "Overall, it give me a lot of insight into my network that I didn't have before."
  • "The pain point that I have with this solution is contacting technical support."

What is our primary use case?

We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.

How has it helped my organization?

Overall, it give me a lot of insight into my network that I didn't have before.

What is most valuable?

It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.

What needs improvement?

The pain point that I have with this solution is contacting technical support.

For how long have I used the solution?

I have been working with Check Point IPS for more than a year.

What do I think about the stability of the solution?

Stability-wise, this product is great.

What do I think about the scalability of the solution?

The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.

How are customer service and support?

Sometimes, technical support takes a long time to get back to you.

Which solution did I use previously and why did I switch?

I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.

The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.

How was the initial setup?

Check Point was fairly usable out of the box.

I am using an on-premises appliance that ties into a cloud service.

What's my experience with pricing, setup cost, and licensing?

Pricing for this solution is negotiable and I'm happy with our pricing.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

What other advice do I have?

If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Oleg P. - PeerSpot reviewer
Senior Network and Security Engineer at a computer software company with 201-500 employees
Real User
New protections can be automatically activated in the "Staging mode", which only detect the possible threat and alerts them
Pros and Cons
  • "The number of the IPS protections is amazing - after the latest update I see more than 11000 in the SmartConsole."
  • "In my opinion, the Check Point software engineers should works on the performance of the blade - when it is activated with the big number of the protections in place, the monitoring shows us the significant increase in the CPU utilization for the gateway appliances - up to 30 percents, even so we are cherry-picking only the profiles that we really needed."

What is our primary use case?

Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. 

The Clusters serve as the firewalls for both inter-VLAN and external traffic. We have the Intrusion Prevention System (IPS) blade activated on both Check Point HA Clusters as the counter-measure against advanced threats and malware. The IPS blade mostly used for ingress traffic from the Internet to the DMZ VLAN.

How has it helped my organization?

I think that the security of our DataCenter has been increased to a large extent by activating of the Check Point Intrusion Prevention System software blade. Before that, we used the Cisco ACLs and Zone-Based firewall configured on switches and routers, which currently not an efficient solution for protecting from advanced threats. Now we have state-of-the-art, true, and efficient Next-Generation firewall, and the IPS blade is the heart of it. The security profiles activated in the IPS blade check the traffic not just by TCP/UDP port of the connection, but by traffic patterns and the application behaviour. 

What is most valuable?

The number of IPS protections is amazing - after the latest update, I see more than 11000 in the SmartConsole.

All the protections are tagged and categorized by the vendor/type/product, the severity of the threat, confidence level, and performance impact of the activation, which helps in finding and enabling only he profiles that we really need (e.g. we don't have any Microsoft Windows servers in our environment, so decided to disable such protections by default).

The protections are updated based on the schedule - we used the default once-a-day approach.

I also like that the new protections may be automatically activated in the "Staging mode", which only detect the possible threat and alerts them, but doesn't block the actual traffic, thus minimizing the impact of the false positives. 

What needs improvement?

In my opinion, the Check Point software engineers should works on the performance of the blade - when it is activated with the big number of the protections in place, the monitoring shows us the significant increase in the CPU utilization for the gateway appliances - up to 30 percents, even so, we are cherry-picking only the profiles that we really needed.

Due to that fact it is also not so easy to choose the correct hardware appliance when you are planning the infrastructure. It is even more important when you realize that the Check Point hardware is very expensive.

For how long have I used the solution?

We have been using this solution for three years, starting since late 2017.

What do I think about the stability of the solution?

The solution is reliable and stable, we didn't have any software or hardware issue while using it.

What do I think about the scalability of the solution?

The Check Point software blade is activated on the HA Clusters in Active-Standby mode. There's a space to grow with the current setup, but eventually, we may switch to the Active-Active mode and add additional appliances to the clusters.

How are customer service and technical support?

Even so we had a number of the support cases opened with the Check Point team, none of them was connected with the IPS blade. In general, there are professionals in the support team, but some cases took surprisingly long time to be resolved. 

Which solution did I use previously and why did I switch?

Before the Check Point IPS, we relied on the simple stateful firewalls configured on Cisco switches and routers and moved to Check Point to get improved security against the modern threats.

How was the initial setup?

The initial setup was easy, as was the configuration. Now the solution almost doesn't require the time for managing it.

What about the implementation team?

The implementation was done by the Certified Check Point Expert we have in the in-house team - the Check Point solutions are popular, so there are such engineer available on the job market.

What's my experience with pricing, setup cost, and licensing?

The overall cost of the solution is really high. You should properly scale the setup you are planning to purchase. 

The licensing model is simple, but some of the software blades are not included into the default bundles and should be purchased separately - pay attention to that.

Which other solutions did I evaluate?

We didn't evaluate the other solutions.

What other advice do I have?

The correct performance sizing is essential for this kind of software - use the tools provided by the vendor, and consult the sales if you are still not sure.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Adrian Cambronero - PeerSpot reviewer
Consultant at ITQS
Reseller
Top 5Leaderboard
Easy to implement with helpful support and good ROI
Pros and Cons
  • "Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time."
  • "When entering, it always takes a long time to load."

What is our primary use case?

Check Point IPS was implemented two years ago to protect our infrastructure from threats.

It began by being implemented in local environments with a reduced staff to carry out the corresponding tests and not cause a total company blockage. Once the tests were over, we gradually extended to different departments. We began to use Check Point IPS to be able to provide security of Internet to users using the IPS and anti-virus anti-bot modules, we also apply them to invite us to enter the company and thus monitor outgoing Internet traffic and thus avoid malicious users. Prevention and detection are one of the most valuable pillars of security.

How has it helped my organization?

This tool has allowed us to obtain complete reports of the applications' vulnerabilities, which helps us remedy these vulnerabilities presented by the organization. 

It helped us a lot to monitor the internal traffic keeping monitored each server or user that enters the platform in this way Check Point IPS. It has allowed us to proactively reduce any incorrect configuration of network access that results from delegation. 

One of the points where Check Point needs to improve is in the support they offer, since there we have had a few inconveniences.

What is most valuable?

The implementation of Check Point IPS brought a lot of value to our organization with all the characteristics that the tool shows, starting with great visibility in a single dashboard, which makes it much better. You don't have to go through different tabs. 

Another feature is that it allows you to create multiple rule profiles. We can block directly from the outside without waiting to look at the logs.

With these and other features, Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time.

What needs improvement?

It is always important to be improving the product to be at the forefront of technology. 

One of the improvements that would be good is to improve the latency in the portal. When entering, it always takes a long time to load. Also, when the tool is already running, you feel a slight decrease in performance.

The application has many facilities when using the tool. The configuration of each of the policies should have filters. 

We need to be able to understand and detect each of the vulnerabilities.

For how long have I used the solution?

This solution has been used for approximately two year in the company.

What do I think about the stability of the solution?

It's very stable. We never had any issues of it stopping to work. It's been very stable.

What do I think about the scalability of the solution?

We have not observed any significant performance impact on the firewall gateway by enabling the IPS module.

How are customer service and support?

The Check Point engineer we dealt with during setup had a lot of experience. His working knowledge helped us with the implementation.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

It is the first time that we've implemented a tool of this type.

How was the initial setup?

We implemented the product in-house with the aid of support as part of a POC.

A Check Point engineer who had a lot of experience helped us with the implementation.

What about the implementation team?

We implement the product internally with the help of support.

What was our ROI?

Attacks are prevented and detected based on severity, helping our organization eliminate compromising attacks. When making an investment with these tools, you are taking care of an important aspect that will double your profits.

What's my experience with pricing, setup cost, and licensing?

With Check Point, the IPS license could be included with the firewall product. Therefore the cost of the license is not huge.

Which other solutions did I evaluate?

Other solutions were not evaluated. We have always worked with Check Point products.

What other advice do I have?

One piece of advice is to have the latest database. You want to be protected against the latest attacks.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point IPS Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Check Point IPS Report and get advice and tips from experienced pros sharing their opinions.