Try our new research platform with insights from 80,000+ expert users
reviewer1643319 - PeerSpot reviewer
IT Manager at a transportation company with 501-1,000 employees
User
Easy to set up, stable, and offers excellent technical support
Pros and Cons
  • "The packet inspections have been a strong point."
  • "I would like there to be a way to run packets that capture more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line."

What is our primary use case?

It's our main firewall and the first line of protection from outside attacks. We use it to interconnect our remote locations (that use different vendors and equipment) and let the employees work remotely. We're a small site with 300 users and this equipment is more than enough for us. We use almost all the blades and the equipment has run smoothly for years. This NGFW monitors all the traffic outside of the main network, prevents malicious activities, and lets us easily manage network policies to shape our connections.

How has it helped my organization?

We have a lot of flexibility now, and a leg up identifying zero-day threats. We have multiple ways of doing policies now that we didn't have before. The options are more robust than previous products and I would say that we're pleased with the product. The reports I'm getting are that we're satisfied, even impressed, with the options Check Point offers.

There is a scope of improvement in detecting zero-day threats using the SandBlast technology, by introducing emulation of Linux-based operating systems. We have also observed issues while using the products with SSL decryption. There is room for improvement in application-based filtering, as with other firewalls available in the market today. Check Point has improved its application filtering capabilities in the recent past and their latest version, R80, is more capable but still, creating an application-based filter policy is a little cumbersome.

What is most valuable?

It's a NGFW with all of the capabilities required to protect for next-generation attacks at the perimeter level. The module or Security features that are provided as part of the base license with Check Point include (VPN, IPS, Application Control, and Content Awareness) which itself is strong enough to protect the organization.

The packet inspections have been a strong point. Our identity collectors have also been helpful. In many ways, Check Point has been a step up from the SonicWall that we had in-house before that. There's a lot of additional flexibility that we didn't have before.

What needs improvement?

I would like there to be a way to run packets that capture more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.

The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.

Buyer's Guide
Check Point NGFW
April 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.

For how long have I used the solution?

I started using the solution 3 months ago.

What do I think about the stability of the solution?

The web interface was easy for me. The configuration is logical, so it's easy to use and easy to understand how to protect, how to open a port, how to manage, and how to route a device. That's why I prefer Check Point. It's robust and I never have issues with the hardware.

What do I think about the scalability of the solution?

The scalability is quite good. You can scale well across locations for not too much cost. If a company needs to expand, it can do so relatively easily.

Also, cost-wise, it's very affordable to scale up. It's not expensive to add hardware and licenses as needed. They make upgrading very cheap.

We have 200 people on the solution. That said, they are using it with an IPsec tunnel. They don't use all of the capabilities of the hardware. They are using it just to encrypt tunneling between the sites.

How are customer service and support?

Technical support has been excellent

Which solution did I use previously and why did I switch?

Yes, we were previously using SonicWall but security is less robust in comparison to Check Point.

How was the initial setup?

The initial setup is very easy.

What about the implementation team?

We implemented it through a vendor called S G Informatics India Pvt Ltd.

The level of expertise I would rate at 10 out of 10.

What's my experience with pricing, setup cost, and licensing?

I would recommend going into Check Point solutions. Although Check Point has the option of implementing your firewall on a server, I would advise implementing it on a perimeter device because servers have latency. It's best to deploy it on a dedicated device. Carry out a survey to find out if the device can handle the kind of workload you need to put through it. Also, make it a redundant solution, apart from the Management Server, which can be just one device. Although I should note that, up until now, we have not had anything like that ourselves.

Which other solutions did I evaluate?

We have looked into Sophos.

What other advice do I have?

The most valuable features are the security blades and the ease of managing the policies, searching logs for events, and correlating them.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1625355 - PeerSpot reviewer
Project Manager at a financial services firm with 10,001+ employees
User
Good centralized management and VSX with great scalability potential
Pros and Cons
  • "There is a lot of legacy traffic from other vendors that has been migrated to Check Point which has resulted in a lot of stability in our environment."
  • "The product or services can be improved from the cost and the pricing perspective."

What is our primary use case?

The next-generation firewalls are used on the perimeter within a couple of data centers. There are lots of firewalls and we are trying to consolidate everything in the final solution. The MDS and VSX are real solutions that are easing the consolidation across different domains to make management easier. It also improves the overall solution from the operations perspective where BAU teams can leverage different Check Point product lines, like Smart Log, to support customers on a daily basis.

How has it helped my organization?

There is a lot of legacy traffic from other vendors that has been migrated to Check Point which has resulted in a lot of stability in our environment. Moreover, consolidation happening across different legacy environments is being enhanced by the usage of MDS and VSX solutions offered by Check Point. This is making things easier from both a migration and implementation perspective. It offers easy management architecture, and, with Smart Log, makes life easier for the operations engineers and different teams working with Check Point products.

What is most valuable?

The most valuable feature of Check Point is the Centralized Management (MDS) and Virtualization (VSX) for the firewalls. Using these features provides enhanced security with reduced cost across different domains and tenants with complete segregation from the policies database and a user traffic perspective. Using these features is proving to be scalable as things are virtualized and the resources can be increased or decreased as per the demand or usage from a project perspective.

What needs improvement?

The product or services can be improved from the cost and the pricing perspective. There are a lot of other competitors in the market providing similar solutions with more low-cost options. There is no doubt that the great three-tier architecture of Check Point is great, however, when the cost is considered, it proves to be a bit expensive as compared to other products in the market. Also, the licensing and maintenance costs are quite high. Maintaining these solutions proves to be a bit costly to organizations from a day-to-day perspective.

For how long have I used the solution?

I've used the solution for five years.

What do I think about the stability of the solution?

The stability is excellent.

What do I think about the scalability of the solution?

The scalability is really good.

How are customer service and technical support?

We are satisfied with the level of support.

Which solution did I use previously and why did I switch?

Yes, we have used a different solution previously and have switched because of the great performance that Check Point offers.

How was the initial setup?

The initial setup is pretty straightforward.

What about the implementation team?

Yes, and we had a good experience.

What was our ROI?

The ROI meets our expectations.

What's my experience with pricing, setup cost, and licensing?

The cost is quite high for Check Point products.

Which other solutions did I evaluate?

Yes, however, I prefer not to say which.

What other advice do I have?

Overall, the solution and product line are good but more competitive pricing can be offered.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Buyer's Guide
Check Point NGFW
April 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.
it_user1535559 - PeerSpot reviewer
Network Administrator at Aguascalientes
User
Helpful support, easy centralized management, package inspection facilitates malicious traffic discovery
Pros and Cons
  • "Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution."
  • "The equipment is complex, so you need guidance from specialized people or those who constantly work with Check Point. Better forums and information manuals could be provided so that users from different institutions can have more access to the information."

What is our primary use case?

We support various clients in the government sector in Mexico. We provide different solutions in terms of network security, data security, and perimeter security. The NGFM Firewall is available locally and different offices and/or institutions of the government sector pass through a more secure and controlled infrastructure.

This type of infrastructure has different zones or areas that are managed and keeping them centralized has helped us to maintain and control them. In addition, we are generating fast and safe solutions for our users on each site.

How has it helped my organization?

Check Point has provided us with an easier way to control all of the access traffic for more than 50 segments that we have within the organization. In addition, we have been able to maintain stricter control of the users and/or equipment that are had in all the institutions that make up the government sector of the entity.

Check Point technology has allowed us to keep the organization and distribution of the network in order within the institution. In addition, the VPN service we have has worked correctly for users who want to work remotely from their homes, which was of great help during the pandemic.

What is most valuable?

Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution.

The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters. It is well organized.

Some other of the services that have worked well for us are antivirus, anti-bot, and URL filtering. Together, these have allowed us to maintain control and organization amongst the users.

Another one of the pluses that have helped us a lot has been the IPsec VPN, especially in these times of pandemic.

What needs improvement?

Using the tool is somewhat complex when teaching new staff, although after practice it is quite easy to get used to this technology.

One of the improvements that could be included is to have a help menu to obtain advice or help for the different options that are presented in the application.

The equipment is complex, so you need guidance from specialized people or those who constantly work with Check Point. Better forums and information manuals could be provided so that users from different institutions can have more access to the information.

For how long have I used the solution?

The company has been using the Check Point NGFW for more than four years.

What do I think about the stability of the solution?

Compared to other networking equipment I have used, I would say that Check Point's NGFW is just as stable. We rarely have problems, and they can all be properly fixed without affecting productive or critical network elements.

What do I think about the scalability of the solution?

There are currently more than 5,000 users within government facilities in Mexico. This team has provided us with the necessary resources to provide services to users in record time.

With the teams that we currently have, we have not considered increasing the number of technicians. If the need should arise then Check Point is still a very good option.

How are customer service and technical support?

Technical support has been available when we have problems, and they are always there to help us get back up and running as quickly as possible. In addition, the equipment is kept up-to-date with the latest versions, or alternatively, those recommended by the provider.

Which solution did I use previously and why did I switch?

This solution was deployed before I entered this governmental organization. What I have heard is that prior to this, the security and segmentation control was not ideal and they wanted to improve it. With the implementation of Check Point, great improvements have been provided to the infrastructure, maintaining order within the organization.

How was the initial setup?

When I entered the company, the equipment was already installed. With the passage of time, some configurations have been improved and some extra services have also been achieved for mobile users.

What about the implementation team?

It was implemented through a provider that has been guiding us towards the correct use of the equipment and the best practices to keep it updated. The service has been excellent, both in common day-to-day ticketing situations, including the most serious incidents.

What was our ROI?

It has been well worth the investment, as the Check Point technology is there to help when we need it.

What's my experience with pricing, setup cost, and licensing?

One of the main reasons that Check Point is used is that it helps us to administer security at a reasonable price. This is naturally in addition to meeting the expectations of the institution.

An annual technical support fee is paid to maintain the equipment with the most updated licenses and versions and thus avoid vulnerabilities

Which other solutions did I evaluate?

Check Point is the option that has always been considered for its good firewall organization, which allows us to have excellent security.

What other advice do I have?

My advice is to always have a supplier with whom you can resolve doubts or more specific technical questions. Since the equipment requires many very technical parameters, it is helpful to have a person who understands and uses this technology correctly.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Sreegith Sreedharan Nair - PeerSpot reviewer
Senior Network Engineer at LTI - Larsen & Toubro Infotech
Real User
Centralized management, good VPN functionality, provides valuable insights into our traffic
Pros and Cons
  • "The SmartView monitor and SmartReporter help us to monitor and report on traffic."
  • "Integration with a third-party authentication mechanism is tricky and needs to be planned well."

What is our primary use case?

We have deployed Check Point firewalls for perimeter security and also for filtering East-West traffic. 

Check Point helps in improving perimeter security along with giving insights into different kinds of traffic and attacks.

Isolation between different tiers of APPs is critical for us and Check Point is utilized for handling high traffic volumes of East-West traffic.

We are leveraging the VPN module on the perimeter firewall for users to access the VPNs. VPN authentication is integrated with RSA for multi-factor authentication.

How has it helped my organization?

We have reduced the number of firewalls using the VSX cluster from Check Point. This reduced management overhead to a great extent. Also, the stability of clustered firewall helps us in meeting SLAs with clients.

Check Point firewalls can be tuned for one-off cases like allowing out-of-sync packets for a source-destination pair, which is a feature that helped us tackle application issues. 

We have deployed VPN firewalls in multiple data centers, which help with load sharing and redundancy for the VPN traffic.

Managing all of our user VPNs, customer VPNs, and Cloud VPN tunnels' endpoint encryption from a single management portal is helping us.

What is most valuable?

VSX helps to reduce the physical footprint on datacenter racks.

The SmartView monitor and SmartReporter help us to monitor and report on traffic.

Centralized management and management high availability give the ability to manage firewalls in a DR scenario. 

Features such as the ability to simultaneously edit the rule base by multiple admins and revert to a previous rule base revision are very useful.

Having a separate appliance for logging helps us in meeting the security audit requirements, without having an overhead on management.

What needs improvement?

Configurations can be complex in some situations and need experienced engineers for managing the solution.

Integration with a third-party authentication mechanism is tricky and needs to be planned well.

SmartView monitor can be enhanced to display granular details of gateways with a single click. Also, having the ability to generate alerts from the Smart Monitor would be a nice feature.

For how long have I used the solution?

We have been using Check Point firewalls for the last eight years.

How are customer service and technical support?

Support might take a long time to resolve issues in rare scenarios.

What other advice do I have?

My advice for anybody who is implementing this solution is to always keep an identical configuration, even interface statuses, in a VSX cluster before an upgrade to minimize upgrade failures.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
IT cloud network engineer - PeerSpot reviewer
Junior Network Specialist - Cloud Operations Engineer at a computer software company with 5,001-10,000 employees
Real User
VPN is easy to configure while the CLI allows us to automate things
Pros and Cons
  • "One of the most valuable features is the data center object integration with Azure. We are using Azure a lot and there is very nice synchronization between the objects in Azure, and it's very easy to implement rules using this feature."
  • "The NAT services part needs improvement. It's not sophisticated. It needs functions like range assignment for NATing. The way you assign a list of IPs for NATing is too simple. It just allows you to use pools."

What is our primary use case?

We use them to protect our edge infrastructure and for interconnecting our sites using the VPN.

What is most valuable?

One of the most valuable features is the data center object integration with Azure. We are using Azure a lot and there is very nice synchronization between the objects in Azure, and it's very easy to implement rules using this feature.

Other valuable features include: 

  • the VPN — it's quite easy to configure it and it provides us with an easy way to interconnect our sites.
  • the CLI, for automating things
  • it is very easy to manage, to make backups, and to configure
  • the support and the graphical user interface.

What needs improvement?

The NAT services part needs improvement. It's not sophisticated. It needs functions like range assignment for NATing. The way you assign a list of IPs for NATing is too simple. It just allows you to use pools.

There could also be improvement to the automation. They should provide a tool for creating and maintaining rules.

For how long have I used the solution?

I have been using Check Point firewalls for more than five years.

What do I think about the stability of the solution?

The stability is an eight out of 10 because we have had some problems with URL filtering, with the domain filtering in particular. When the domain is under a CDN, it sometimes gives us problems because there is more than one IP for each domain.

We have also had problems with data center objects or Azure objects where we have created a rule and the rule stops working. We opened a case with Check Point and they answered us. We installed fixes and it looks like it's working now.

What do I think about the scalability of the solution?

The scalability is quite nice at the firewall level. It gives us the possibility of implementing clusters and high-availability.

We are also working on an Azure implementation and it looks good. We have not yet deployed to the Azure Check Point implementation, but it promises a lot.

We have about 200 employees and, on the administrative side, there are 12 to 15 people working with the Check Point solution. They are mostly networking infra engineers. We are using about 40 percent of the firewall capacity. We don't currently have plans to increase capacity.

How are customer service and technical support?

We are satisfied with the support. When we have a problem, it's very easy to contact the support center and they give a fast response. I would give their support a nine out of 10.

Which solution did I use previously and why did I switch?

I have worked with the Cisco ASA firewalls and with firewalls from manufacturers like MikroTik.

What was our ROI?

It's hard to measure ROI, but our sense of security, as a company, is good with Check Point.

What's my experience with pricing, setup cost, and licensing?

In terms of quality versus price, Check Point is very balanced.

What other advice do I have?

The biggest lesson I have learned from using Check Point firewalls is that if you know how to work with Linux, you will be able to manage almost all the features.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Network Security Consultant at a energy/utilities company with 5,001-10,000 employees
Consultant
High-capability devices help us to integrate with cloud infrastructure and internet applications
Pros and Cons
  • "It also gives us a single console for everything. Rather than having one device for URL filtering and a different device as a firewall, this gives us everything in one place."
  • "It would help if they were easier to deploy, without needing more technical people. It would be nice if we could just give basic information, how to connect, and that would be all, while the rest of the setup could be done remotely."

What is our primary use case?

We work with these firewalls for overall security, including content filtering.

How has it helped my organization?

High-capacity and high-capability devices help us to integrate with the cloud infrastructure as well as internet applications.

What is most valuable?

The most valuable feature is the URL filtering. 

It also gives us a single console for everything. Rather than having one device for URL filtering and a different device as a firewall, this gives us everything in one place.

What needs improvement?

It would help if they were easier to deploy, without needing more technical people. It would be nice if we could just give basic information, how to connect, and that would be all, while the rest of the setup could be done remotely.

For how long have I used the solution?

I have been using Check Point NGFWs for six years.

What do I think about the stability of the solution?

They're pretty stable. I don't see any issues there.

What do I think about the scalability of the solution?

Scalability means upgrading to newer, better hardware.

From an end-user perspective, everyone in our organization is using it, as it's a perimeter device. If they have to access the internet, they use this firewall to allow that access. We have about 4,000 end-users and about 200,000 concurrent connections.

How are customer service and technical support?

Check Point's technical support is a seven out of 10. Sometimes it takes a lot of time to get the right people on TAC issues. And to buy time, they just use generic questions, which is really time-consuming and doesn't relate to the problem at all.

Which solution did I use previously and why did I switch?

For the infrastructure in question, we have always used Check Point firewalls.

I have worked with Cisco ASA. Cisco is more CLI oriented, whereas Check Point is more GUI oriented. With the GUI, it's easier to manage and administrate it. If the configuration becomes bigger and bigger, it is really easy to see things in the GUI versus a CLI.

The advantage of the CLI is that you can create scripts and execute them. But the disadvantage is that they become so lengthy that it becomes very difficult to manage.

How was the initial setup?

The initial setup is straightforward because it's a GUI interface. Even when it was upgraded, things didn't change in terms of the look and feel. It was still the same. There was no need to learn new things. It's easy for any administrator to learn new features.

On average, deployment takes one to two hours, including mounting and everything, from the physical work to moving the traffic there.

The issue is that we still need people to be onsite to do this because some tasks have to be done on the day. That means a technical person is required to do that work. We can't give it to any other person to do this because, until those particular steps are completed, things can't go any further.

We have six people, network admins, for deployment and maintenance because we have about 30 of firewalls.

What about the implementation team?

We do it ourselves.

What was our ROI?

When we first started using them, we were just using them for basic functionality. Then we started using more features and introducing other components. For example, we had a different proxy server which we depended on. Once we got the Check Point, we could use the same device for multiple roles, which reduced the cost a lot. I would estimate our costs have been reduced by 30 percent.

What's my experience with pricing, setup cost, and licensing?

If you use the features then it's cost-effective. Otherwise, it's expensive.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1412340 - PeerSpot reviewer
IT Specialist at a tech services company with 10,001+ employees
Real User
Protects our environment with security checks against vulnerabilities
Pros and Cons
  • "We like the centralized management for configuring multiple firewalls. It also gives us the Antivirus, threat prevention, and vulnerability tests. These four features protect the environment with security checks. Vulnerability tests allow us to configure changes that can protect the environment."
  • "The Antivirus feature is something that could be improved. We don't get much from the Antivirus update in comparison to their competitor's firewalls. It needs to be more advanced because Check Point is nowadays sent all over the world. Therefore, the Antivirus feature should be of very good quality and cover all virus checks. I would also like the Antivirus updates to be more frequent."

What is our primary use case?

We use it to provide security to our environment from the outside world. We are using it to provide security against vulnerabilities using threat prevention, Antivirus, and IPS.

How has it helped my organization?

In advance, we get security vulnerabilities. So, we can configure new security policies, update our antivirus, or check the configuration to protect the environment.

What is most valuable?

We like the centralized management for configuring multiple firewalls. It also gives us the Antivirus, threat prevention, and vulnerability tests. These four features protect the environment with security checks. Vulnerability tests allow us to configure changes that can protect the environment.

What needs improvement?

The Antivirus feature is something that could be improved. We don't get much from the Antivirus update in comparison to their competitor's firewalls. It needs to be more advanced because Check Point is nowadays sent all over the world. Therefore, the Antivirus feature should be of very good quality and cover all virus checks. I would also like the Antivirus updates to be more frequent.

For how long have I used the solution?

I have been working with it for the last seven years.

What do I think about the stability of the solution?

It is a very stable firewall. The updates that we get from this Check Point Firewall are also very stable. 

What do I think about the scalability of the solution?

The scalability is good.

There are more than 10,000 users. The Check Point Firewall is deployed through the company.

How are customer service and technical support?

All their technical people are very solid in their knowledge.

Which solution did I use previously and why did I switch?

I have used Cisco ASA and FTD. We switched from Cisco ASA to Check Point because there were no antivirus, vulnerabilities, or security prevention features. Check Point has more advance features, which are easier to use, than Cisco.

We also had to install IPS devices with Cisco.

How was the initial setup?

The initial setup was straightforward. It was not too difficult to deploy the Check Point firewall. Deployment takes between 12 to 15 months.

We have done a cloud-based deployment throughout our network.

What about the implementation team?

We did the deployment ourselves. We have onsite specialists who have done many deployments.

20 people take care of the deployment and troubleshooting of this firewall.

What was our ROI?

There is a money saving because we no longer require other devices, like an IPS, a separate antivirus, or vulnerability tests. We get all the devices within a single tool. Before, we would have different teams taking care of different devices. Now, we take care of only one device, which is another source of savings. We have saved a lot of money with this solution.

What's my experience with pricing, setup cost, and licensing?

The prices are good for its features. The benefit of its license is we get timely security prevention updates. The price is good for the technology that we get.

What other advice do I have?

This is a good solution. I would recommend to take advantage of as many features as you can. It has many features, and to protect security, you should use all the best features that you can.

As soon as the company will grow, we will definitely increase our usage of the firewall. We have already increased our usage due to employees working from home.

The biggest lesson that I learned is we can use the features of a firewall security to protect our environment. Also, rather than deploying multiple firewalls, we can configure a centralized management system, and this saves time.

I would rate this solution an eight out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
DouglasSantos - PeerSpot reviewer
Junior Cyber Security Analyst | CCSE | CCSA | CC at Security4IT
Real User
Top 10
Good support, threat extraction, and analysis
Pros and Cons
  • "I haven't had any data leaks or vulnerability situations."
  • "It could be easier to manage the licenses on blades and contracts."

What is our primary use case?

I usually apply Check Point to protect my customer's environment as a main solution boundary gateway, DMZ gateway, LAN gateway, or VPN site-to-site with other Check Point appliances and other vendors. I do a Harmony Endpoint full integration. I use other tools such as threat prevention blades (like IPS and IDS), anti-virus, anti-bot, anti-malware, and the Sandblast solution.

How has it helped my organization?

I haven't had any data leaks or vulnerability situations. The NGFW has been working as it should! It's performing well and offers great security for me and my customers by protecting the environment. Administrators can easily follow and monitor security events, or the health status of the environment or appliance using Smarteview, SmartEvent, and the monitoring blade. We can look at CPU usage, disk space, and traffic and can see user history in real-time. 

What is most valuable?

The threat extraction is the most valuable aspect. It protects the final user and prevents them from falling into the trap of infected files. When a file needs to be downloaded by a machine user, this solution analyzes the file at the same time to send to the user a clean version of this file. If not infected, the real version is available. The threat emulation can scan the computer applications searching for malicious activities and block them according to policy.

What needs improvement?

It could be easier to manage the licenses on blades and contracts. If you have a large environment it will take too much time for your team to verify if all the licenses and contracts are correct and work well. Although it is possible to manage licenses using SmartUpate and SmartConsole, if there are issues, you can only fix them using an expert shell. Simplifying the process would help simplify the daily tasks of administrators.  

For how long have I used the solution?

I've been using the solution for two years.

How are customer service and support?

Technical support works well.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

NGFW is not a cheap solution, however, it does guarantee security. If the goal is to protect assets, using NGFW by Check Point helps immensely.

Which other solutions did I evaluate?

I use this in my company environment. I did not evaluate other options. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: I am security analyst and support my company environment and customer environment. I work with this solution daily.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.