Check Point IPS Reviews

I use Check Point IPS to prevent attacks, such as malware, spyware, and any other malicious activity.

What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature.

The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable.

I've been working with Check Point IPS for two to three years.

Stability-wise, Check Point IPS is eight out of ten.

Check Point IPS is a scalable solution if it's cloud-based, but if it's hardware-based, it isn't scalable. Scalability-wise, it's a six out of ten.

The Check Point IPS technical support is excellent portal-wise and callback-wise, so it's a nine out of ten.

Positive

Setting up Check Point IPS is straightforward.

Before I deploy Check Point IPS, I'll put it on IDS mode, and then I'll see the current user activity, any malicious activity, and the logs. I then switch to the IPS mode.

You can pay for Check Point IPS yearly, or you can go with a three-year license. There's no extra cost apart from the standard licensing fee.

My company has two hundred users of Check Point IPS.

I recommend Check Point IPS to others because it's scalable, reliable, and easily managed by all users.

My rating for Check Point IPS is eight out of ten.

We have a hybrid infrastructure with an on-premise data center, cloud data center, and multiple branch offices. All of these firewalls are managed via Check Point Multi Domain Management as well as Smart Event to see security events across our environment.

IPS is set primarily to prevent and only some signatures are set to detect (only after some false positives) so we still see them and get notifications via the Smart Event reports.

IPS is updated automatically and pushed to all gateways every two hours. 

Check Point's IPS simply works and is continuously kept up-to-date on all gateways. Via the management, it's possible to let the gateway update the IPS signatures itself, instead of letting the management update itself and then push the updates to the gateways.

If there's a new data center or branch office and everything is still in the test phase, it's possible to set the IPS policy to detect only so you can gather data and create a baseline without completely disabling IPS. That way, you can still see log entries.

Automatic updates can be done either via management or the Gateway itself, without any user interaction. The gateway is up-to-date with the newest signatures.

If you're unsure which profile to use, Check Point has some pre-defined profiles according to its best practices. Each one adds a different load to the relevant gateway, so you have to first check the current load and then decide on the right profile.

IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier.

You can't turn off IPS completely as there are some signatures that are set even without activated IPS. If you know that, you can act accordingly. But sometimes you have to do a general exception instead of a granular one.

There are always some false positives with non-RFC traffic. This is good for security, however, it will cause some effort in day-to-day business as there will have to be exceptions for certain applications.

Threat Prevention policies are not very easily manageable as there are several profiles/policies/etc. Therefore, there are several ways to add exceptions and check the configuration.

I've used the solution for over ten years.

The solution is very stable.

The scalability is quite good, depending on which IPS profile you're using.

The solution is easy to set up.

The solution's IPS functionality and firewall functionality are the solution's most valuable features.

The detection needs improvement. We fear that it doesn't detect everything that we want to see.

The solution needs enhanced reporting. The reporting on Cisco Stealthwatch and Darktrace is much bigger. The visibility that they grant for the filtering capabilities over large infrastructures are far superior.

The stability of the solution is good. We've never had any issues.

Scalability is very good. 

We run a very large network. It was really easy to cover the full traffic flow. We just don't know about the reporting aspect - on whether it sees all the traffic that we want to capture. I'm unsure if we will increase usage in the near future as we're currently moving away from the product.

Technical support is okay. I'd rate it seven out of ten. Our biggest complaint is that they are rather slow.

We weren't previously using a different product.

I wasn't involved in the initial setup.

We use the on-premises deployment model.

We're still in the process of evaluating options. We're doing a POC with Cisco and Darktrace and are moving away from Check Point.

I'd rate the solution seven out of ten.

The opportunity to use this tool was provided due to its ease of implementation within our NGFW security environment. The solution has been very good and the tool has a low rate of false positives, which makes it safer and more accurate.                                                                                                                                                                                                                                                                                               

This IPS tool is integrated with our gateways and is managed from our management environment. It has been very useful. It has given us protection to find any vulnerability, detect it, and improve it. It also validates threats reliably through its monitoring panel. The reports and logs help us to deal with decision-making to improve security conditions.

The option of security patches has been better protected to manage the servers' updates in a reliable way.

Its monitoring and reports generate extra help to be able to fight against
vulnerabilities.

We have really liked practically all the product's features - from the easy implementation through Check Point's gateway to its reduction in licensing costs. That especially really positively impacts the company's finances.

The low number of false positives for vulnerabilities builds additional confidence in the brand.

The constant updating of vulnerability signatures gives the tool protection against new and old threats.

Generally, a point that should be improved at the manufacturer level is the help it provides with its support staff. It is somewhat slow in its resolution of problems, even if the problem is with one of its new tools. 

 However, sometimes it is not so easy to implement.

It would be good to update the public documentation of Check Point so that we can generate improvements and best practices based on the documentation.

This is a great security application. We've used it in our Check Point gateways and management environment for more than three years. We've enjoyed excellent performance.

Previously we did not have a tool that would solve our security problems.

It is essential to validate the costs before implementation and also to test before setting up the environment in production.

We value some tools. However, nevertheless, Check Point met the conditions to implement it correctly and comply with what was necessary.

its a excellent solution by my company

Check Point IPS is an IT security solution that offers insight into potential attacks and helps to prevent them from occurring. This solution gathers various signatures and receives new updates when a new vulnerability is identified, thus safeguarding us from potential threats.

The solution has helped improve our security by blocking threats.

The solution is user-friendly and the interface is easy to configure.

The price has room for improvement. The solution's firewalls are quite expensive.

I have been using the solution for five years.

The solution is stable.

The scaling of our system depends on the type of hardware we are using. If we are using a virtual environment, it is easier to scale as we can just add more virtual machines. However, if we are using a hardware appliance, we will need to purchase additional hardware to scale it.

Previously we used an IBM solution but it was expensive and hard to configure compared to Check Point IPS which was a common sense model, and easy to implement with our firewall.

The initial setup is straightforward. I give the ease of setup an eight out of ten.

We first deployed the license and configured the rules in test mode. After making sure there were no false positives, we switched the rules to prevent mode to block any incoming attacks. The last part of the process was to configure a certificate for HTTPS inspection.

The deployment took one month to complete.

The implementation was completed with the help of consultants. Two people were required to complete the work.

Calculating a return on investment for cybersecurity products can be difficult. However, we have not experienced any concerning cyber incidents in the past five years; this is likely due to our strong firewall and comprehensive production system. All in all, this is a positive outcome.

We pay for a bundle subscription that includes additional solutions.

I give the price of the solution a five out of ten.

I give the solution a nine out of ten.

For maintenance, we need to review the log, identify any new signatures, and configure them accordingly.

The solution is used to protect 250 users.

We could potentially cause disruptions to our infrastructure if we do not use a good consultant to guide us through the implementation process.

The Check Point Intrusion Prevention System can block traffic from any source workstation inside our local network and facilitates the analysis of outbound traffic to check if there is any risk in the internal network in order to protect our clients and servers. With this product, we're creating a secure zone. We currently are using this blade in our hybrid environment and it's integrated with our secure gateway. Most of the time, our NOC team continuously monitors traffic in order to find any suspicious activity.

Now that the Check Point Intrusion Prevention System has improved our environment, we feel that we are more protected in our network. By implementing the recommendations that Check Point has given us, we have an optimal security environment now that provides almost real-time detection and prevention. We are protected by the Intrusion Prevention System and can go back and select any period or severity in order to display the latest statistics.

Check Point Intrusion Prevention System has great profiles, and we can continuously create, modify, activate, deactivate or configure any specific setting to allow the profile to focus on just one thing or for certain attacks. I also like that profiles can be applied to groups of workstations that need to be more protected from possible attacks. Each profile that we create has activated protections and some instructions of what the IPS should do with the traffic.

At the moment, I do not see what else can be added to this service. In my experience, I've seen that it has what we need without something additional being required. 

It is easy to use, easy to configure, and practically updates itself without the need to intervene as an administrator of the appliance. We are happy with this platform since it allows us to have security and control over the connections almost in real-time. There are many different services that Check Point Intrusion Prevention System has that are quite useful.

I've been using the solution for about four years.

I've found the stability to be good.

The scalability is great.

Technical support has been great,

Positive

I did not previously use a different solution.

The initial setup was not complex. 

We handled the implementation process in-house.

I've witnessed a 40% ROI.

The cost is a bit high but it is worth it.

I did evaluate other options before choosing Check Point.

So far, I have no regrets about choosing this solution.

The integration is a valuable feature.

The solution’s deployment could be easier.

I have been using Check Point IPS for three years.

There was no issue with the solution’s stability.

The solution is scalable.

We ask about issues with the technical support.

Positive

The initial setup is not easy. You have to configure the same type of menu for each channel and send it to the portal. You can verify the name from your website.

Check Point IPS is a brand and solution for protection.

Overall, I rate the solution a nine out of ten.

I would like the product to provide us with intelligence to understand what we really have in our environment. 

The solution helps us to detect attacks and prevent them. 

The solution does not scale well. 

We have had problems with the management. 

Neutral

The product's initial setup is easy. 

I would rate the product an eight out of ten.