Try our new research platform with insights from 80,000+ expert users

Check Point NGFW pros and cons

Vendor: Check Point Software Technologies

4.4 out of 5

307 reviews
96% willing to recommend

1,252 followers

Pros & Cons summary

Check Point NGFW offers comprehensive protection with integrated Threat Prevention and Antivirus features, excelling in intrusion prevention and management, serving various business sizes. However, it faces challenges with stability, requiring frequent reboots, and technical support is often slow. Licensing is complex and costly, while third-party integration and VPN interoperability need improvement. Antivirus updates are less frequent and advanced compared to others, making licensing expensive and causing potential limitations for organizations seeking seamless security solutions.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Check Point NGFW is highly valued for its robust security features, including threat prevention and intrusion protection, significantly enhancing cybersecurity defenses.

Its centralized management system allows for efficient handling of multiple firewalls from a single dashboard, simplifying configurations and policies.

Check Point NGFW provides seamless scalability, supporting expansion and adaptation to growing network demands and large data centers.

Its superior reliability and stability ensure consistent performance without downtime, enhancing operational continuity.

The platform offers comprehensive antivirus and network traffic inspection capabilities, fortifying protection against a wide array of threats.

CONS

Check Point NGFW suffers from stability issues that require frequent reboots.

The firewall lacks effective technical support and timely issue resolution.

There are challenges and complexities in setting up and deploying VPN configurations.

Check Point NGFW's pricing is considered high compared to competitors.

Interoperability and integration with third-party vendors are limited and require improvement.

Check Point NGFW Pros review quotes

PS

Pushkin Sawhney

Principal Network and Security Consultant at Vodafone

Sep 14, 2020

Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use.

Read full review

SV

Steve Vandegaer

Senior Engineer Security at NTT Security

Sep 6, 2020

The feature I like the most is their central management, the Smart controller which you can use to manage all the firewalls from one location... Being able to access almost everything in one location — manage all your gateways and get all your logs — for me, is the best feature to work with.

Read full review

BF

Senior IT Manager at a mining and metals company with 501-1,000 employees

Oct 9, 2020

The packet inspections have been a strong point. Our identity collectors have also been helpful. In many ways, Check Point has been a step up from our SonicWalls that we had in-house before that. There's a lot of additional flexibility that we didn't have before.

Read full review

Check Point NGFW

Free Report: Check Point NGFW Reviews and More

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.

842,296 professionals have used our research since 2012.

reviewer1425090

Network and Security Specialist at a tech services company with 51-200 employees

Sep 23, 2020

I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use.

Read full review

I.

Ifeanyi Onyiaodike

Network security engineer at Fidelity Bank

Sep 7, 2020

The most valuable feature for us is the VSX, the virtualization.

Read full review

AS

Technical Support Engineer at AlgoSec

Sep 6, 2020

The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that.

Read full review

Director at Trend Micro

Jun 5, 2024

The solution's technical support is fine.

Read full review

reviewer1098015

Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees

Sep 9, 2020

The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them.

Read full review

Network & Systems Administrator I at Department of Mental Health

Sep 2, 2020

The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network.

Read full review

KK

Network Associate at a wireless company with 1,001-5,000 employees

Feb 17, 2021

We have between five and ten firewalls on-premises, and if we want to configure or push the same configuration to all of the firewalls, then the centralized management system is very helpful.

Read full review

Show 10 more reviews (out of 300)

Check Point NGFW Cons review quotes

PS

Pushkin Sawhney

Principal Network and Security Consultant at Vodafone

Sep 14, 2020

The area it needs improvement is the SandBlast Agent. It receives a file, or if it detects a Zero-day attack, it takes the file and analyzes it, either on-premise or in the Check Point Cloud, and then it reports back whether the file is secure or non-secure, or is unknown. That particular area definitely needs a bit more improvement, because there is a delay... where it needs improvement is where [SandBlast is] an appliance-based solution rather than a software or cloud-based solution.

Read full review

SV

Steve Vandegaer

Senior Engineer Security at NTT Security

Sep 6, 2020

The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.

Read full review

BF

Senior IT Manager at a mining and metals company with 501-1,000 employees

Oct 9, 2020

The VPN setup could be simplified. We had to engage professional services for that. That's not a problem, but compared to other products we've used, it was a little more complex.

Read full review

Check Point NGFW

Free Report: Check Point NGFW Reviews and More

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.

842,296 professionals have used our research since 2012.

reviewer1425090

Network and Security Specialist at a tech services company with 51-200 employees

Sep 23, 2020

The naming in the inline layers and ordered layers needs improvement. It makes things very complicated. I've seen quite a lot of people saying that. For audit policies, it is okay since it's very simple to see. However, this area is for very large organizations, which have too many policies, and they need to share all these policies. For small to medium-sized businesses, they don't need it. Even if somebody has 500 rules, if they try to use it, it can be very confusing.

Read full review

I.

Ifeanyi Onyiaodike

Network security engineer at Fidelity Bank

Sep 7, 2020

The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS.

Read full review

AS

Technical Support Engineer at AlgoSec

Sep 6, 2020

For the user or anyone else who is using Check Point, they are more into the GUI stuff. Check Point has its SmartConsole. On the console, you have to log into the MDS or CMS. Then, from there, you have to go onto that particular firewall and put in the changes. If the management console could be integrated onto the GUI itself, that would be one thing that I would recommend.

Read full review

Director at Trend Micro

Jun 5, 2024

If you check each and every point from this part, you will find some flow in an area, or you will discover another flow in another area.

Read full review

reviewer1098015

Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees

Sep 9, 2020

Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy.

Read full review

Network & Systems Administrator I at Department of Mental Health

Sep 2, 2020

I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.

Read full review

KK

Network Associate at a wireless company with 1,001-5,000 employees

Feb 17, 2021

The level and availability of training should be improved.

Read full review

Show 10 more reviews (out of 304)

Related questions

82

How does Check Point NGFW compare with Fortinet Fortigate?

186

Is Palo Alto Networks NG Firewalls better than Check Point NGFW?

37

Which would you recommend - Azure Firewall or Check Point NGFW?

30

Is Check Point's software compatible with other products?

116

What do you recommend for a corporate firewall implementation?

85

Comparison of Barracuda F800, SonicWall 5600 and Fortinet

576

Sophos XG 210 vs Fortigate FG 100E

173

Which is the best network firewall for a small retailer?

185

When evaluating Firewalls, what aspect do you think is the most important to look for?

40

Cyberoam or Fortinet?