Try our new research platform with insights from 80,000+ expert users

Check Point NGFW pros and cons

Vendor: Check Point Software Technologies

4.4 out of 5

307 reviews
96% willing to recommend

1,252 followers

Pros & Cons summary

Check Point NGFW offers robust central management with advanced security functionalities like threat prevention, antivirus, and antispam, ensuring comprehensive network protection. It is praised for scalability and detailed logging but has stability issues requiring frequent resets. Protection is updated against emerging threats, yet antivirus effectiveness lags behind competitors. Hardware compatibility and support challenges exist, especially in Africa, and pricing is seen as expensive and complex, with slow technical support resolution.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Check Point NGFW features centralized management, enabling configuration and updates across multiple firewalls simultaneously.

The system enhances security with deep packet inspection and threat prevention capabilities, protecting against both known and zero-day threats.

IPsec VPN, advanced IPS, and application control enhance network security and compliance by regulating and monitoring traffic thoroughly.

Configuration and deployment processes for Check Point NGFW are straightforward, and the management console facilitates quick policy deployment.

The SmartEvent feature and detailed logging capabilities greatly assist in fast and effective troubleshooting and network management.

CONS

Check Point NGFW experiences stability issues, with frequent reboots and unreliable tunnels.

Integration with third-party vendors is limited, causing challenges in interoperability with other systems like ArcSight and RSA.

The pricing of Check Point NGFW is considered high, with suggestions for more competitive structuring to accommodate different market segments.

Technical support is criticized for being slow and lacking in efficiency, particularly in regions like Africa and India.

Users find the initial setup process complex, requiring expert knowledge and additional training.

Check Point NGFW Pros review quotes

PS

Pushkin Sawhney

Principal Network and Security Consultant at Vodafone

Sep 14, 2020

Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use.

Read full review

SV

Steve Vandegaer

Senior Engineer Security at NTT Security

Sep 6, 2020

The feature I like the most is their central management, the Smart controller which you can use to manage all the firewalls from one location... Being able to access almost everything in one location — manage all your gateways and get all your logs — for me, is the best feature to work with.

Read full review

BF

Senior IT Manager at a mining and metals company with 501-1,000 employees

Oct 9, 2020

The packet inspections have been a strong point. Our identity collectors have also been helpful. In many ways, Check Point has been a step up from our SonicWalls that we had in-house before that. There's a lot of additional flexibility that we didn't have before.

Read full review

Check Point NGFW

Free Report: Check Point NGFW Reviews and More

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

815,854 professionals have used our research since 2012.

reviewer1425090

Network and Security Specialist at a tech services company with 51-200 employees

Sep 23, 2020

I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use.

Read full review

I.

Ifeanyi Onyiaodike

Network security engineer at Fidelity Bank

Sep 7, 2020

The most valuable feature for us is the VSX, the virtualization.

Read full review

AS

Technical Support Engineer at AlgoSec

Sep 6, 2020

The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that.

Read full review

Director at Trend Micro

Jun 5, 2024

The solution's technical support is fine.

Read full review

reviewer1098015

Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees

Sep 9, 2020

The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them.

Read full review

Network & Systems Administrator I at Department of Mental Health

Sep 2, 2020

The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network.

Read full review

KK

Network Associate at a wireless company with 1,001-5,000 employees

Feb 17, 2021

We have between five and ten firewalls on-premises, and if we want to configure or push the same configuration to all of the firewalls, then the centralized management system is very helpful.

Read full review

Show 10 more reviews (out of 300)

Check Point NGFW Cons review quotes

PS

Pushkin Sawhney

Principal Network and Security Consultant at Vodafone

Sep 14, 2020

The area it needs improvement is the SandBlast Agent. It receives a file, or if it detects a Zero-day attack, it takes the file and analyzes it, either on-premise or in the Check Point Cloud, and then it reports back whether the file is secure or non-secure, or is unknown. That particular area definitely needs a bit more improvement, because there is a delay... where it needs improvement is where [SandBlast is] an appliance-based solution rather than a software or cloud-based solution.

Read full review

SV

Steve Vandegaer

Senior Engineer Security at NTT Security

Sep 6, 2020

The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.

Read full review

BF

Senior IT Manager at a mining and metals company with 501-1,000 employees

Oct 9, 2020

The VPN setup could be simplified. We had to engage professional services for that. That's not a problem, but compared to other products we've used, it was a little more complex.

Read full review

Check Point NGFW

Free Report: Check Point NGFW Reviews and More

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.

815,854 professionals have used our research since 2012.

reviewer1425090

Network and Security Specialist at a tech services company with 51-200 employees

Sep 23, 2020

The naming in the inline layers and ordered layers needs improvement. It makes things very complicated. I've seen quite a lot of people saying that. For audit policies, it is okay since it's very simple to see. However, this area is for very large organizations, which have too many policies, and they need to share all these policies. For small to medium-sized businesses, they don't need it. Even if somebody has 500 rules, if they try to use it, it can be very confusing.

Read full review

I.

Ifeanyi Onyiaodike

Network security engineer at Fidelity Bank

Sep 7, 2020

The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS.

Read full review

AS

Technical Support Engineer at AlgoSec

Sep 6, 2020

For the user or anyone else who is using Check Point, they are more into the GUI stuff. Check Point has its SmartConsole. On the console, you have to log into the MDS or CMS. Then, from there, you have to go onto that particular firewall and put in the changes. If the management console could be integrated onto the GUI itself, that would be one thing that I would recommend.

Read full review

Director at Trend Micro

Jun 5, 2024

If you check each and every point from this part, you will find some flow in an area, or you will discover another flow in another area.

Read full review

reviewer1098015

Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees

Sep 9, 2020

Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy.

Read full review

Network & Systems Administrator I at Department of Mental Health

Sep 2, 2020

I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.

Read full review

KK

Network Associate at a wireless company with 1,001-5,000 employees

Feb 17, 2021

The level and availability of training should be improved.

Read full review

Show 10 more reviews (out of 304)

Related questions

87

How does Check Point NGFW compare with Fortinet Fortigate?

177

Is Palo Alto Networks NG Firewalls better than Check Point NGFW?

48

Which would you recommend - Azure Firewall or Check Point NGFW?

63

Is Check Point's software compatible with other products?

172

What do you recommend for a corporate firewall implementation?

88

Comparison of Barracuda F800, SonicWall 5600 and Fortinet

809

Sophos XG 210 vs Fortigate FG 100E

240

Which is the best network firewall for a small retailer?

330

When evaluating Firewalls, what aspect do you think is the most important to look for?

49

Cyberoam or Fortinet?