Check Point IPS Reviews

We are using Check Point IPS for securing our internal networks and our website, as well as all of the traffic that goes through us. The traffic is analyzed by the IPS, which checks for things like malicious files and different attack patterns.

We are using the virtualized version.

Our old IPS was much more difficult to administer so the adoption of Check Point has helped us in this regard.

The most valuable feature is ease of use.

Check Point IPS has quite a decent database of attacks.

The reports are well written so that you can understand what type of attack has occurred, the originating IP address, and other details.

It is always possible to improve the speed of an IPS, although there is always a performance penalty when using additional security software.

Occasionally there are glitches and errors like false positives, which would be a nice area of this solution to improve upon.

The pricing could be improved.

I have been using Check Point IPS for six or seven years.

The stability is quite good. The product itself is quite good and although we had some issues, they were usually hardware related. Since we upgraded to the virtual edition two or three years ago, we have had almost no incidents. 

We do not have a very big scale so I cannot comment on scalability. The performance is enough for us and to test scale, you would need a bigger connection speed. We have a 500 megabit internet connection and it is almost never saturated. We have tested ours and it works well. The only time we hit a bottleneck is when we are transferring large amounts of data or creating many connections, but that is not our typical use case.

We have 205 employees and they are all protected by Check Point IPS. They are all end-users except for our one system administrator. We do not plan on increasing our usage at this point.

With Check Point, we have had quite good support. They usually respond within two or three days with some kind of resolution or at least they collect logs and analyze them.

Most of our cases are solved with first-level support, which is local. They are our partner who sells this product and they have their own technical people who know our infrastructure. We generally do not need to escalate our issues to Check Point.

Prior to using Check Point IPS, we were using a solution by IBM. It was much more difficult to administer. However, we had already been using the Check Point Firewall product and moving to Check Point IPS was a logical choice. It was easier in terms of administration because it is the same console and we did not need additional servers. In fact, our infrastructure got a little bit smaller and the performance, I would say, is better.

With respect to the performance, having the solutions on the same machine means that the traffic is analyzed once instead of twice. There are fewer hops.

The initial setup was quite straightforward. We had to add the license and enable the policies, which was done within two days. After that, of course, we had some fine-tuning but I wouldn't say that it's a headache. In total, it took about a month before we had the configuration ready and it was in production.

One person was responsible for the deployment and one person is enough to take care of maintenance.

We had some trouble doing all of the troubleshooting and setting up some of our rules, so we had assistance from technical support during this part of the setup. We took care of the main deployment but they guided us when necessary.

It is difficult to calculate ROI for an IPS or a firewall because you can actually live without fancy security if you don't have any data to protect.

This is an expensive solution. I am not exactly sure of the pricing because we have a package deal that has the licenses included. I think that the price of support is around $40,000 USD or $50,000 USD per year.

How it works is that we license a pair of virtual CPU cores, as well as the firewall, and then the IPS is included along with the antivirus and additional products.

We did evaluate several IPS products by different vendors but they all had trouble integrating with our Check Point Firewall. We made the decision that even if the other products were cheaper to buy, they would need additional integration and custom development, so ultimately it was not worth it.

My advice for anybody who is researching this type of solution is that they need to choose the product carefully. Most importantly, I would look from a performance perspective. Secondly, I would consider it from a pricing perspective because there are cheaper solutions available like Sophos and Fortinet, and they are good at what they do. If there is no firewall in place at all and this is their first project with protecting the enterprise, then it is reasonable to look at all of the vendors and look at what features are needed. The most important part is what your administrators are used to using because if you need to train them then it's additional costs.

The next thing that I would suggest is to make sure that you get a good partner because it is important to have good first-level support.  

The biggest lesson that I have learned from using Check Point IPS is to be quite careful about which features you enable with it, and which protections to use. You need to balance performance with security, finding exactly the right configuration for your environment and requirements.

Overall, I would say that this is a decent product. If the pricing were cheaper then I would say that it was perfect.

I would rate this solution an eight out of ten.

Check Point IPS is an IT security solution that offers insight into potential attacks and helps to prevent them from occurring. This solution gathers various signatures and receives new updates when a new vulnerability is identified, thus safeguarding us from potential threats.

The solution has helped improve our security by blocking threats.

The solution is user-friendly and the interface is easy to configure.

The price has room for improvement. The solution's firewalls are quite expensive.

I have been using the solution for five years.

The solution is stable.

The scaling of our system depends on the type of hardware we are using. If we are using a virtual environment, it is easier to scale as we can just add more virtual machines. However, if we are using a hardware appliance, we will need to purchase additional hardware to scale it.

Previously we used an IBM solution but it was expensive and hard to configure compared to Check Point IPS which was a common sense model, and easy to implement with our firewall.

The initial setup is straightforward. I give the ease of setup an eight out of ten.

We first deployed the license and configured the rules in test mode. After making sure there were no false positives, we switched the rules to prevent mode to block any incoming attacks. The last part of the process was to configure a certificate for HTTPS inspection.

The deployment took one month to complete.

The implementation was completed with the help of consultants. Two people were required to complete the work.

Calculating a return on investment for cybersecurity products can be difficult. However, we have not experienced any concerning cyber incidents in the past five years; this is likely due to our strong firewall and comprehensive production system. All in all, this is a positive outcome.

We pay for a bundle subscription that includes additional solutions.

I give the price of the solution a five out of ten.

I give the solution a nine out of ten.

For maintenance, we need to review the log, identify any new signatures, and configure them accordingly.

The solution is used to protect 250 users.

We could potentially cause disruptions to our infrastructure if we do not use a good consultant to guide us through the implementation process.

I use Check Point IPS to prevent attacks, such as malware, spyware, and any other malicious activity.

What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature.

The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable.

I've been working with Check Point IPS for two to three years.

Stability-wise, Check Point IPS is eight out of ten.

Check Point IPS is a scalable solution if it's cloud-based, but if it's hardware-based, it isn't scalable. Scalability-wise, it's a six out of ten.

The Check Point IPS technical support is excellent portal-wise and callback-wise, so it's a nine out of ten.

Positive

Setting up Check Point IPS is straightforward.

Before I deploy Check Point IPS, I'll put it on IDS mode, and then I'll see the current user activity, any malicious activity, and the logs. I then switch to the IPS mode.

You can pay for Check Point IPS yearly, or you can go with a three-year license. There's no extra cost apart from the standard licensing fee.

My company has two hundred users of Check Point IPS.

I recommend Check Point IPS to others because it's scalable, reliable, and easily managed by all users.

My rating for Check Point IPS is eight out of ten.

We first saw that this blade was available to use in our Check Point gateway. Later, we understood that there are advanced threats that are in charge of exposing weaknesses. We did not have our perimeter completely covered, which is why we decided to use this technology.

This technology helps us to detect and prevent attempts at exploiting vulnerabilities. It also helps a lot as the tool poses very few false positives, giving the tool good credibility.

Check Point IPS has helped us to have greater perimeter security through our Check Point Gateway. It offers us an easy implementation and has great protection across our infrastructure.

By means of Smart Events, we can carry out very advanced monitoring of the threats that have tried to enter our infrastructure.

It is a great tool. It is totally recommended by us. It really covers many areas of security, such as anti-malware, data loss, improper use of protocols, and preventing known exploits.                             

One of the characteristics that we liked the most is the functionality and easy implementation via the Check Point Gateway.

The cost is reduced to being a blade. That is a good detail of the product in terms of licensing.

Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security.

Also, a very good feature is the optional mode of putting it only in detection mode. They are ensuring in that sense that they are not so intrusive at the beginning of the implementation in production environments.

Sometimes Check Point documentation is not always updated, which is why when some implementations change, it generates confusion about details. In addition to extending some implementations, it would be good for Check Point to keep its documentation public and updated.

This product, as a blade, does not include the license with the Check Point gateway.

Some errors are generated in the implementation of the Smart Cloud in the Infinity Check Point Portal. When that happens, cases of withdrawal must be carried out without embargo for a long time in response.

We have been using this solution for about two years and have received the expected results. We are satisfied with the product.

Previously we did not use another brand or tool. This is our primary solution now.

We did evaluate other options. It is always important to evaluate various options to see how they adapt to the client's system and infrastructure.

We recommend the product. It is highly safe and easy to use.

We have a hybrid infrastructure with an on-premise data center, cloud data center, and multiple branch offices. All of these firewalls are managed via Check Point Multi Domain Management as well as Smart Event to see security events across our environment.

IPS is set primarily to prevent and only some signatures are set to detect (only after some false positives) so we still see them and get notifications via the Smart Event reports.

IPS is updated automatically and pushed to all gateways every two hours. 

Check Point's IPS simply works and is continuously kept up-to-date on all gateways. Via the management, it's possible to let the gateway update the IPS signatures itself, instead of letting the management update itself and then push the updates to the gateways.

If there's a new data center or branch office and everything is still in the test phase, it's possible to set the IPS policy to detect only so you can gather data and create a baseline without completely disabling IPS. That way, you can still see log entries.

Automatic updates can be done either via management or the Gateway itself, without any user interaction. The gateway is up-to-date with the newest signatures.

If you're unsure which profile to use, Check Point has some pre-defined profiles according to its best practices. Each one adds a different load to the relevant gateway, so you have to first check the current load and then decide on the right profile.

IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier.

You can't turn off IPS completely as there are some signatures that are set even without activated IPS. If you know that, you can act accordingly. But sometimes you have to do a general exception instead of a granular one.

There are always some false positives with non-RFC traffic. This is good for security, however, it will cause some effort in day-to-day business as there will have to be exceptions for certain applications.

Threat Prevention policies are not very easily manageable as there are several profiles/policies/etc. Therefore, there are several ways to add exceptions and check the configuration.

I've used the solution for over ten years.

The solution is very stable.

The scalability is quite good, depending on which IPS profile you're using.

The solution is easy to set up.

My primary use case for Check Point IPS is very simple: I first identify some signature behaviors and secure levels and then I apply some signatures. I usually do not deploy IPS from CheckPoint. Overall, I manage signatures.

The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with. 

I'm not sure what I really like in IPS because it's automated. You read the permit and you try to apply the signature and read the behavior of the solution and find how to fix it. So I don't think Check Point IPS is a great solution. 

I don't I like working with it very much because there's other stuff you can do to have more information. However, Check Point IPS does prevent important attacks easily.

What I would like to improve in IPS would be the capacity of the hardware. I would also like to be able to sort signatures by severity. This would greatly impact how well I can manage my environment. 

In the next release, I would like to see automatic signature deployment. 

I have been using Check Point IPS for nearly a year now. 

On a scale of one to ten, with one being the worst and ten being the best, I would rate Check Point IPS an eight. 

Most of our clients have the majority of their critical resources on prem to protect their DMZ, so we use IPS for that. We are resellers, implementing and providing support to our clients. I'm a system engineer IT support.

The solution helps our clients because once IPS is implemented, they don't have to worry about the security of their most critical infrastructure, and they can focus on their core business rather than the IT side of things. They know that once the solution is in place, they can have full trust in it.

The product is user-friendly and easy to implement. We receive training on how to onboard and when we are onboarding clients, we have the option of engaging Check Point to assist. It's a good provision to have. In terms of functionality, it's one of the best solutions on the market. 

Most complaints for Check Point relate to licensing fees. You need to be prepared to pay extra for implementing this product. 

I've been dealing with this solution for over a year. 

The solution is stable and robust. 

The solution is easily scalable. 

The initial setup is quite straightforward and they provide documentation that is of good quality. Deployment takes around 30 minutes and maintenance is easy.  

This is not a difficult tool to use as long as you understand the basics of networking and security. I rate this solution nine out of 10. 

We use the solution as a firewall to monitor and prevent intrusion into our system.

The notifications are the most valuable feature of the solution.

The solution is expensive and the cost has room for improvement.

The installation documentation has room for improvement. We can use more detailed information because sometimes it is difficult to understand.

I have been using the solution for two years.

The solution is stable.

The solution is highly scalable.

We have 100 people using the solution in our organization.

I have had issues with the technical support not contacting me back.

Neutral

The initial setup is straightforward. The configuration is completed with a few clicks. After the configuration, we can access the portal and start using the firewall. 

We used a vendor for the implementation.

I give the solution a nine out of ten.

The maintenance is easy.

Check Point IPS has zero-day detection and next-generation servers which make it a good solution and I recommend it.