Try our new research platform with insights from 80,000+ expert users
Nagendra Nekkala - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited
Real User
Top 5Leaderboard
A scalable and user-friendly tool that can be customized and deployed easily
Pros and Cons
  • "The product is very user-friendly."
  • "It will be good if the product is rack-mounted."

What is our primary use case?

We use the solution as a perimeter firewall. We also use it for endpoint security and VPN.

What is most valuable?

The product is very user-friendly. The configuration can be managed and customized as required. We can customize the tool for each stakeholder.

What needs improvement?

It will be good if the product is rack-mounted. The product must be updated to protect users from the latest firewall threats.

For how long have I used the solution?

I have been using the solution for almost six years.

Buyer's Guide
Check Point NGFW
December 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
823,875 professionals have used our research since 2012.

What do I think about the stability of the solution?

The tool is very stable.

What do I think about the scalability of the solution?

The tool is easily scalable. Almost 2000 people are using the product in my organization.

How are customer service and support?

The support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We also work with other vendors. Check Point is as good as its competitors, but its cost is a bit higher.

How was the initial setup?

The initial setup is very easy. One firewall engineer can deploy the product within a few hours. It is very easy to maintain the tool. We need only one person to maintain it.

What's my experience with pricing, setup cost, and licensing?

The tool is a bit expensive. The product’s operational cost is very high. We pay a yearly licensing fee. We also pay for support.

What other advice do I have?

Check Point is the most user-friendly solution. It can be configured quickly. Overall, I rate the product an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer9814083 - PeerSpot reviewer
Flat Earth Networking, Inc. at Cyber Security Engineer
User
Top 10
Good logging and searchability with useful free trial licenses
Pros and Cons
  • "Being able to search in clear text is simple for the customer and for troubleshooting an environment."
  • "It's too expensive for mid-market companies."

What is our primary use case?

We have multiple customers that use this product.  Integrated logging is the best around.  

It's clear and does the job it's supposed to do.  

We typically install this as the network edges and encourage our customers to have one at each location. Some prefer to backhall the smaller sites to the main branch where it handles all the inspection and rules.  

We also set up multifactor SSL VPN solutions at the main location which allows visibility into remote worker traffic. Overall, it's used mostly by small to medium businesses.

How has it helped my organization?

We have been able to sell this product for a long time as it's highly rated and has a deep feature set. We have probably sold millions of dollars worth of Check Point products over the years.  

When the customer comes to us wanting the most protection we typically suggest Check Point first. Our engineers enjoy being able to quickly deploy a solution and have the familiarity with the product to be able to troubleshoot it quickly once it's deployed. For the most part, we train our customers to be able to manage it themselves.

What is most valuable?

Mostly the logging features of the Check Point NGFW are the most valuable.  Being able to search in clear text is simple for the customer and for troubleshooting an environment. 

I also like that you can get trial licenses for just about every product solution.  This allows us to suggest a feature, implement it, and then show the customer that it has value. We tend to retain the customer on that product for the long term once it has been deployed and they are able to see what it's doing to protect them.

What needs improvement?

The only thing holding it back is the price. It's too expensive for mid-market companies. There are other platforms that have emerged that have a similar feature set, however, are more difficult to deploy. This is really only a problem for the engineers as the customer doesn't care how many hours the engineer has to put in to make it work in their environment. If the Check Point product came in at a lower price point it would make it easier for the customer to see the value in cost, thus making it easier for us to sell.

For how long have I used the solution?

I've used the solution for seven years.

What do I think about the stability of the solution?

It has been the most stable for a long time.  That track record is something that you can show the customer. 

What do I think about the scalability of the solution?

The product is highly scalable especially if you integrate the orchestration solution. 

How are customer service and support?

Support is hit or miss lately. They have lost too many good reps to other companies. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used other solutions, however, we continue to use Check Point NGFW.

How was the initial setup?

The initial setup is simple once you have the appropriate infrastructure setup.  Once Check Point gets away from the central management solution and allows for on-box management it will make small businesses happier. 

What about the implementation team?

I am part of the vendor team. We do a good job implementing it, although sometimes it takes too much time to deploy a product. 

What was our ROI?

We tell the customer that the ROI is the protection they are receiving and the stability of the product.  

What's my experience with pricing, setup cost, and licensing?

We tell customers truthfully it's the best product, however, it has the highest cost and you'll pay for each license.  

Which other solutions did I evaluate?

We are always evaluating other solutions for our customers. Palo Alto and Fortigate are the top two others at the moment.

What other advice do I have?

They just need to get the pricing down or do a better job of bundling the licensing.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: We are a reseller
PeerSpot user
Buyer's Guide
Check Point NGFW
December 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
823,875 professionals have used our research since 2012.
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Perimeter Security Administrator at a security firm with 51-200 employees
Real User
Top 5Leaderboard
A state-of-the-art perimeter firewall with good ROI and helpful management capbilities
Pros and Cons
  • "The characteristics on offer have come to give an added value under a single investment, thus offering many advantages."
  • "The policy installation module should be improved."

What is our primary use case?

In the search to establish the best perimeter security while achieving standards, protection, reduced expenses, and additional benefits, we found this product. It allows us to see a low return on the investment that could be established. We like the Check Point brand, thanks to the characteristic benefits, evolution, and innovation that the brand has. It's allowed us to establish and meet the needs we have.

How has it helped my organization?

The state-of-the-art perimeter firewall we use today has great benefits and an outstanding number of available features put into place. The characteristics on offer have come to give an added value under a single investment, thus offering many advantages. We have achieved and a return on investment and the benefits are consistent with the expectations set in motion. We are managing to correct and protect not only one area, but we are putting into operation additional functions to achieve an appropriate level of security. 

What is most valuable?

We like that we can create different VPN services connected from site to site or remote desktop connections to establish connections from point to site or from site to site, thus giving us a really high capacity to establish and manage simultaneously. This has allowed us to be a little more flexible, giving each of the members of the organization the possibility of working from home and being able to interconnect with the different branches of our central service quickly, safely, and efficiently. 

What needs improvement?

The policy installation module should be improved. It needs to be faster and have a complete interface to manage and apply changes more quickly when creating a policy or wanting to modify an existing one. 

One of the features that has been getting better over time is the way you install and apply your policies. Before, they were very slow. Today, it has improved. That said, it could be a little faster and more efficient and thus achieve a fast, light, and efficient installation in the services that are being configured instantly when they are applied.

For how long have I used the solution?

I've used the solution for one year.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1895619 - PeerSpot reviewer
Information Technology Security Specialist at AKBANK TAS
User
A good firewall with useful app and URL filtering
Pros and Cons
  • "The fact that these can be separated and made in different layers provides excellent convenience for the administrators who regulate the rules."
  • "When you want to open the gateway by double-clicking on the interface, sometimes it can cause silly problems such as freezing."

What is our primary use case?

The product is basically for completing a firewall task. On top of that, the aim is to find a comprehensive solution with the innovations from next-gen. We made an isolated zone in a small part of the company. Here, we aimed to provide basic security features with few security devices. In this context, we ran the Check Point appliance by opening almost all the blades on it. The Check Point software architecture was able to provide quite good results because it ran on its own OS. It's pretty good as a VM. At a point where we wanted to isolate VM devices, we provided a solution with a VM series of Check Point.

How has it helped my organization?

It has similar features to other competitors in standard sizes, so it's not a subject where it differs much. It provides us with a layer of security as a firewall. With the new blades that are opened as an extra, it can provide solutions that are needed today, such as IPS and URL filtering. 

You can do app and URL filtering through a separate policy layer. The fact that these can be separated and made in different layers provides excellent convenience for the administrators who regulate the rules. In object searches, object explorer is very easy and fast.

What is most valuable?

In my company, there have between ten and 15 firewalls on-premises, and if I want to configure or push the same configuration to all of the firewalls, then the centralized management system is easy and very helpful. 

It is difficult to convey the end-user experience. However, in general, administrators can get used to the interface and start working quickly. Especially after Revision 81.10, I can say that everything became more stable and faster in terms of management. It should be said that it does quite well on the DDOS side.

What needs improvement?

There are parts that are still on the SmartDashboard screen and that condemn you to use it, which should be removed and moved to the SamartConsole interface, which is the main screen. 

In addition, when you want to open the gateway by double-clicking on the interface, sometimes it can cause silly problems such as freezing. To fix these problems, Check Point needs to get rid of the SmartDashboard screen completely. Also, there is a need for performance improvements in the interface so that when the data and rulesets are large, there is a need for performance improvements in the next versions.

For how long have I used the solution?

I've used the solution for about six years.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Adhi Wahyu - PeerSpot reviewer
Network Engineer at RSUP Dr. Sardjito
Real User
Top 10
Excellent antivirus, antibot, and intrusion prevention systems
Pros and Cons
  • "We can manage which users have access to certain websites."
  • "The product could provide an easier user interface and management, by combining all functions (network and policy configuration) into one single application rather than split it into different applications."

What is our primary use case?

We use the NGFW to give security and protection to our local network and internet user from internet threats like viruses, worms, bots, and intrusion. 

We also use it to control the internet URLs accessed by the user. We subscribe to two internet service providers with total bandwidth available of 450 Mbps and we have more than 700 internet users connected. 

Check Point's firewall does a good job of protecting the user from malicious threats. It is able to run smoothly without being a bottleneck in the network. 

How has it helped my organization?

Check Point NGFW helps us to secure our user's computer and our server and therefore helps us to maintain business operations. It has important features like an intrusion prevention system, anti-virus, and anti-bot capabilities. 

It also helps us manage bandwidth efficiently by managing what website is allowed to access by users. 

We're limiting user access to websites with high bandwidth demand like video streaming and social media, of forbidden websites like adult websites. 

We can manage which users have access to certain websites.

What is most valuable?

The antivirus, antibot, and intrusion prevention systems are great. It's very important due to the fact that to prevent is better than to recover. The features play a critical role in preventing any security incidents from happening and minimalizing them before they become bigger problems. 

Its URL filtering feature is great. We can manage which users are allowed access to which websites at a certain time. We can also manage which application is allowed and forbidden for the users. 

Check Point has a vast list of applications it is able to manage - from torrents to games, social media, etc. 

What needs improvement?

The product could provide an easier user interface and management, by combining all functions (network and policy configuration) into one single application rather than splitting it into different applications. 

Users will also really appreciate it if Check Point provides a free management and logfile analysis module. In the existing setup, a user must pay an extra subscription fee to have access to the firewall management module. It makes the user without a subscription unable to fully gain insight from the firewall log file so they are unable to fully utilize the device

For how long have I used the solution?

I've used the solution for four years.

What do I think about the stability of the solution?

It's stable. The system runs with minimal problems. I said minimal because yes there were problems. In 4 years using checkpoint, we have maybe 2 major problem. One was hardware modul failure, that replaced as soon as possible by support team, and the other was software/configuration problem, that get solved also with the help of support team

What do I think about the scalability of the solution?

It has the ability to scale depending on the product model.

How are customer service and support?

They provide good support, depending on your troubles. For more complicated requests, maybe you will have to pay.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Check Point is the company's first NGFW.

How was the initial setup?

The initial setup is simple, however, customizing it could be complex.

What about the implementation team?

We implemented the solution through a vendor team. The score I'd give for their expertise is seven out of ten.

What's my experience with pricing, setup cost, and licensing?

if you pay for the setup cost, make sure you get it set up exactly as you need it to be.

Which other solutions did I evaluate?

We looked into Sophos, Sangfor, and Palo Alto.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1717920 - PeerSpot reviewer
Cyber Security Consultant at Capgemini
Real User
Easy to use and very complete with competitive pricing
Pros and Cons
  • "While not being cheap, their pricing models are competitive."
  • "There is no clear way to report incorrect classification to support and a business is neither happy nor forgiving when they cannot receive mail from a crucial business partner."

What is our primary use case?

It's a unified policy table that combines threat prevention and segmentation policies. 

Smart Event allows consolidated event management and exporting features is very useful when we need to deal in reports, since, for some time now, everyone has been working from home and on the firewall from Check Point. 

This function is implemented very conveniently and securely. The VPN over this firewall works as well as a standard VPN device. All in all, I'm delighted with their security solution. It is making configuring numerous layers of security policies easy to use and it always has been one of the things I liked most about their firewall solution.

How has it helped my organization?

Check Point firewalls are one of the most easy-to-use complete firewall solutions on the market. They protect our LANs against intruders, offer VPN for site-to-site connections, and haven't had a major issue in about 15 years. 

While not being cheap, their pricing models are competitive. 

A better approach to security focuses on prevention, blocking malware and other threats was difficult before they entered the network. By blocking the infection of “patient zero,” an NGFW with real-time prevention eliminates risk, damage, and cost to the organization.

What is most valuable?

It provides an SSL inspection facility. The SSL/TLS protocol improves the privacy and security of traffic by wrapping network communications in a layer of encryption and applying robust authentication. While this is a major benefit for data security, cyber threat actors also use SSL/TLS to conceal their activities on the network. An NGFW must go beyond signature-based detection to use technologies capable of detecting and remediating novel and zero-day threats.  

Sandboxing (including static, dynamic, and behavioral analysis) is great.

What needs improvement?

It's nearly impossible to add an exception for threat prevention services - like antivirus and anti-bot. You will be stuck with Indicators of Compromise marked as detect only, caching issues, and random effects. 

There is no clear way to report incorrect classification to support and a business is neither happy nor forgiving when they cannot receive mail from a crucial business partner. 

The KBs article should also be improved as all the global KB articles do not provide all the activity steps related to every issue.

For how long have I used the solution?

I have been using this product for the last five years.

Which solution did I use previously and why did I switch?

I have not used any other product.

What's my experience with pricing, setup cost, and licensing?

The setup is very easy with minimal cost for licensing as well.

Which other solutions did I evaluate?

I have not used any other product.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1724520 - PeerSpot reviewer
System Engineer at Infosys
Vendor
User-friendly with a great Smart Console and easy management capabilities
Pros and Cons
  • "Everything is easily managed through their Smart Console dashboard. It's a very easy-to-understand dashboard that provides a detailed view."
  • "While not being cheap, their pricing models are competitive. In the pricing structure, however, they need improvement."

What is our primary use case?

The Check Point firewall is a reliable perimeter security product. Check Point gives me access to explore various security features in a single box (loaded with all features that an organization needs most). 

I can say I have been using it for one year and getting a grip on it and I will always try to implement it wherever it is required. 

When it comes to Check Point, there are great security features and a marvelous inbuilt design that caters to handling all threats, including zero-day attacks and perimeter security. I really like the user-friendly interface of the Smart Console dashboard and the maximum security is integrated.

How has it helped my organization?

The intruder blocking real-time is a great feature that does not even require policy installation or committing to something. This feature enables real-time attack mitigation along with full security access which helps our organization to improve its security factors. 

IPS detection is a big plus for me since it deeply scans the packet. 

URL fileting along with application control gives me the access to manage the least privilege to maximum rights on a single click.

What is most valuable?

The product provides multiple security layers that build upon each other, from the traditional security policy that is IP and port-based to application security, intrusion prevention, and their latest sandblast cloud-based malware detection. 

Everything is easily managed through their Smart Console dashboard. It's a very easy-to-understand dashboard that provides a detailed view. Check Point helps to resolve a lot of problems, such as showing our organization all known threats. 

It is easy to deploy and manage. 

The product offers a simple Web User Interface.

What needs improvement?

While not being cheap, their pricing models are competitive. In the pricing structure, however, they need improvement. 

I would love to see an SSL offloading feature that is not there right now. I am following many forums related to Check Point and it seems like they are going to launch it very soon. SSL Offloading will be very helpful for NBFC and for financial institutes.'

The Check Point NGFW OS is a historically grown OS. It has been on the market for a long time and has many releases. It is a very complex system. All features are done in software - no extra hardware chips are installed.

For how long have I used the solution?

I have been using this solution for almost a year.

What do I think about the stability of the solution?

This solution is one of the best solutions in terms of stability.

What do I think about the scalability of the solution?

It is highly scalable.

Which solution did I use previously and why did I switch?

I have been using this solution from the start as it was recommended by my organization.

What's my experience with pricing, setup cost, and licensing?

The pricing is a little bit high, although I have no issue with the licensing or setup. It is easy to use.

Which other solutions did I evaluate?

I have stuck to this solution as I read reviews before and it was all positive in regards to Check Point NGFW. I did not use a different solution.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1694958 - PeerSpot reviewer
Service Manager Datacenter LAN at a manufacturing company with 10,001+ employees
User
Great Anti-Bot and application control features but administration of routing should be on the central dashboard
Pros and Cons
  • "The QoS blade is very good for controlling traffic such as Windows patches, mail traffic and other stuff."
  • "The client for the central tools is very big - maybe using web access in future releases, similar to other vendors should be possible."

What is our primary use case?

We primarily use the solution for central administration and management of a lot of locations worldwide. That's the main task for this solution for our Central IT Team. Central logging and troubleshooting are 2nd level topics that are great to handle with the SmartDashboard and other tools.

We started in the past with base features and checked the NGFW features. Application Control gives us the option to permit applications and not just some IP address lists. Before we had so much manual work for dealing with firewall rules.

For some topics, we've given the Service Desk permissions and it's working great.

How has it helped my organization?

We have so many standalone firewalls. The central management of Check Point with different sessions/permissions is great. We can administrate all topics smoothly. The Application Control brings us to the next level of controlling cloud apps and other stuff.

Anti-Bot and the IPS are good features to check/defend our servers and company. We can prevent servers easily for vulnerabilities from/to the public internet and we can see what traffic/actions is active on our lines. 

Our Security Operation Center is very happy about the solutions too due to the fact that they have so much transparency.

What is most valuable?

QoS, Anti-Bot, IPS, and Application Control are the main features we're using.

The QoS blade is very good for controlling traffic such as Windows patches, mail traffic and other stuff. In the past, sometimes we had no control and couldn't help when too much traffic had occurred.

Anti-Bot is great at preventing our clients and corporate network from calling the central control.

IPS is good in protecting our systems in DMZ zones when patching of servers sometimes can't be done.

Application control for controlling Cloud Apps like MS Teams, M365 Apps, or others, is perfect. Previously, we had only IP Lists for stuff like this.

What needs improvement?

Administration of the routing and system settings should be moved to the central dashboard. It's not good to go to all GAIA Interfaces to change settings there.

The client for the central tools is very big - maybe using web access in future releases, similar to other vendors should be possible.

The firmware for the Check Point Firewalls is very big. It takes a long time when we are using small lines for data transfers. Other vendors have updates lower than 100MB. For Check Point often we need a minimum of 2GB.

For how long have I used the solution?

I've used the solution for nine years.

What do I think about the scalability of the solution?

The scalability is great.

Which solution did I use previously and why did I switch?

We previously used Watchguard. It was not so good with different vendors for some features.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.