We primarily use the product to block traffic at the application layer, limiting access to YouTube and social media during busy periods while allowing it during lunchtime or office hours.
IT SecOps Manager at a tech services company with 11-50 employees
Reliable product with good technical support services
Pros and Cons
- "The product's primary benefits include effective intrusion blocking and improved network management."
- "I recommend developing a management console that can more efficiently handle multiple Check Point devices, as we have multiple appliances across different sites."
What is our primary use case?
What is most valuable?
The product's primary benefits include effective intrusion blocking and improved network management.
I appreciate the support provided as well. It is highly reliable and has a prompt response time.
What needs improvement?
The system's operation could be enhanced. I recommend developing a management console that can more efficiently handle multiple Check Point devices, as we have multiple appliances across different sites.
For how long have I used the solution?
We have been using Check Point NGFW since 2016 for approximately eight years.
Buyer's Guide
Check Point NGFW
April 2025

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.
What do I think about the stability of the solution?
There are occasional issues, but they are typically resolved with subsequent updates. I rate the stability a six out of ten.
What do I think about the scalability of the solution?
We have three sites where we use Check Point NGFW. The first site has about 1000 users, the second site has between 800 and 900 users, and the third site has approximately 100 to 200 users.
I rate the product scalability as two out of ten. Improvement is needed as it could be more convergent, particularly for on-premises solutions.
Which solution did I use previously and why did I switch?
We are currently using Check Point, Palo Alto, and Cisco.
Check Point's advantages include its lower cost than Palo Alto. However, it requires maintenance of many parts, as it is only partially GUI-based. In contrast, Palo Alto is mostly GUI-based, simplifying operations for our IT security team.
How was the initial setup?
The setup process was straightforward. Some aspects in terms of maintenance are easier due to the GUI-based interface.
What about the implementation team?
We took help from a consultant for implementation.
What other advice do I have?
I recommend Check Point Firewalls. It is a solid product with reliable support and frequent updates.
I rate it an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Aug 3, 2024
Flag as inappropriate
Senior Network Security Engineer at a consultancy with 10,001+ employees
Granular with good visibility but needs better training options
Pros and Cons
- "It is easy to administrate and maintain."
- "There needs to be advanced troubleshooting."
What is our primary use case?
I've been dealing with the Check Point environment for over eight years, ever since SPLAT, the R75 versions, and mainly with a multi-domain management (former Provider1) set-up. I also use the Smart Management Server, with a standalone/distributed deployment.
I'm currently engaged in the design, implementation, and maintenance of a large-scale Check Point firewall environment (~100 GWs).
Presently, the customer is using Check Point for perimeter security, IPS, threat prevention, encrypted traffic, as well as access to the internet, and multi-domain server architecture.
How has it helped my organization?
The Check Point solution has improved the way the customer organization functions.
People are working within the organization all over the world, across NALA, APAC, and EMEA regions. Having Check Point as a security vendor made it easy to assure people they could access the resources everywhere, from offices, homes, and across the globe, especially during the pandemic, safely.
One of the last implemented projects was replacing an obsolete Client Auth solution with Identity Awareness, including integration to AVD.
What is most valuable?
The solution plays an important role in preventing security incidents from happening and preventing malicious attempts to infiltrate into the organization while quickly adapting and reacting to any attempts. For example, it protected us against Log4J vulnerability a few months ago.
It is easy to administrate and maintain.
The product is very granular in the Logs & Monitor section and also intuitive to use.
It offers good control and visibility over users' identities and actions.
It provides central policy management, which is easy to manage and maintain.
The product offers great performance tuning features like SecureXL, CoreXL, HyperThreading, and Multi-Queue.
What needs improvement?
The study material and training need to be improved and become more accessible to security engineers working with Check Point.
Needs serious skills for advanced troubleshooting. The configuration might get a little bit too complex for regular engineers, compared with easy administration.
We've encountered a few limitations when trying to accomplish simple tasks required by customers. For example, changing a domain name inside an MDS environment or missing a function in the database which removes the domain object completely from the database.
There are plenty of bugs that are not documented, or with too generic error messages.
For how long have I used the solution?
I've used the solution for eight years.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Check Point NGFW
April 2025

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,989 professionals have used our research since 2012.
Cybersecurity Architect at MORO
Good support, centrally managed, and easy activation of blades
Pros and Cons
- "The product offers a robust and intuitive experience, catering to the essential needs of users."
- "There needs to be a Mac version of the Smart Console."
What is our primary use case?
We use the solution as a perimeter and OT demarcation firewall. As we are a large utility company with a distributed network, Check Point plays a vital role in terms of network segmentation. Specifically, we need identity-aware authentication to give us the best VPN compared to other players in the market.
Centralized management is a major plus of Check Point, which provides us with a better user experience.
We use it to safeguard our office network on a routine basis. These firewalls protect against external threats, manage VPN access for remote users, and address various security scenarios.
Our primary focus involves malware prevention, intrusion detection, and ensuring robust security measures to shield our office network from potential cyber threats originating from the internet. It serves as a traditional yet effective security system, providing comprehensive protection against hackers and potential risks associated with internet usage.
How has it helped my organization?
Check Point has a Purpose fit solution for our environment A lot of things need to be improved in Check Point NGFW.
For example, their support team isn't very efficient and useful. The solution itself isn't easy to learn, making it hard for support to provide solutions. The design makes it so pockets (specific teams) have to work together when there's an issue, which creates a mess. Also, Check Point lacks competitive capabilities like SD-WAN and CGM app integration.
Visibility needs improvement. For example, Fortinet shows all connected devices with IP addresses, MAC addresses, and sometimes usernames. More granular detail is crucial for security.
Support efficiency, visibility, and adding competitive capabilities are key areas for improvement.
What is most valuable?
The product offers a robust and intuitive experience, catering to the essential needs of users.
The Cleanup Rule's ability to discard unwanted traffic and the inclusion of default Autonomous Threat Prevention Profiles does simplify security measures; we're able to cater to various deployment scenarios.
I was impressed by how easy it was to activate blades and implement them on a security gateway.
The Smart Console's efficient user interface ensures that the changes to the policy are swiftly made. We're also able to maintain proper audit logs.
What needs improvement?
The solution requires improvements in the following areas:
- Having the Zone Alarm and the standalone endpoint VPN become compatible products.
- Having Smart Console in-place upgrades with IP/fingerprint retention
- A Mac version of the Smart Console.
- Streamlining of the endpoint solution and deployment options.
For how long have I used the solution?
I've used the solution for ten years.
How are customer service and support?
Technical support is excellent.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
We implemented the solution through a vendor. They offered excellent support.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Engineer at DeliverICT
Good functionality and access control policies while helping limit access to third parties
Pros and Cons
- "Its management web interface is very easy and user-friendly."
- "Finding support is a little bit hard."
What is our primary use case?
We are resellers, and our customers need a robust and well-performing NGFW. The Check Point NGFW tool was acquired since they needed collaborators to have secure access to the company's resources and applications. This tool provides us with the alerts and corrections that must be made when finding a security breach in their environment.
Check Point NGFW also provides a great capacity of features and helps us apply them to the organization. It has web filtering limited to third parties and SSL encryption. The application's administration is very simple and centralized since it helps them a lot in reporting and generating alerts.
How has it helped my organization?
The organization needed a tool that would provide various security functionalities in the organization, and so far, Check Point NGFW has helped them a lot.
It has helped the company by applying access control policies and limiting access to third parties and only those who must enter the organization to use resources and applications.
The application behaved very well with the current resources in the company network; it helped us to prevent several security holes found with web filtering and internal DDoS attacks.
Check Point NGFW can quickly identify where the attacks are coming from, provide detailed and complete information on the attacks, and provide zero-day attacks in real-time.
What is most valuable?
One of the valuable characteristics of Check Point NGFW is that it presents very centralized management. Due to this, their security throughout and outside of the organization has improved.
Many collaborators work from their homes or different places and help them filter and limit access to packet inspection with flexibility and speed that was not previously possible.
The records that it shows and generates (depending on its configuration) make everything very visible to be able to adjust and correct in time. When superiors ask for administrative information, it provides great value.
Its management web interface is very easy and user-friendly.
What needs improvement?
The tool provides what is expected in its security functionality. However, some points must be improved, such as the latency in the GUI entry. It takes a while to register and allow access to the administrative panel.
Customer service should be improved, both in the administrative and technical fields. Support cases have been generated several times, and it takes time to resolve the case. Finding support is a little bit hard. This needs to be improved.
For how long have I used the solution?
I've used the solution for one and a half years.
Disclosure: My company has a business relationship with this vendor other than being a customer: My company is partnered with checkpoint as a reseller.
Cyber Security Consultant at Wirespeed
Good security intelligence, which helps detect threats but room for improvement in stability
Pros and Cons
- "I like the GUI."
- "A lot of things need to be improved in Check Point NGFW. One, their support team isn't very efficient and useful."
What is our primary use case?
For Check Point, the main cases are just perimeter security, network security, basically detecting threats on the network, antivirus, application control, visibility, login, and data threat prevention.
What is most valuable?
I like the GUI. In terms of functionality, it used to be the detection capability. Check Point has good security intelligence, which helps detect threats. They have the historical background to do that. But now, Fortinet is a bit better.
What needs improvement?
A lot of things need to be improved in Check Point NGFW. One, their support team isn't very efficient and useful.
The solution itself isn't easy to learn, making it hard for support to provide solutions. The design makes it so pockets (specific teams) have to work together when there's an issue, which creates a mess.
Also, Check Point lacks competitive capabilities like SD-WAN and CGM app integration. And visibility needs improvement. For example, Fortinet shows all connected devices with IP addresses, MAC addresses, and sometimes usernames. More granular detail is crucial for security.
So support efficiency, visibility, and adding competitive capabilities are key areas for improvement.
For how long have I used the solution?
I have been with Check Point for a very long time. So, it has been almost six years.
What do I think about the stability of the solution?
I would rate the stability a six out of ten. There is room for improvement here.
What do I think about the scalability of the solution?
I would rate the scalability a seven out of ten. My customers are mostly medium-sized businesses, but my clientele also includes enterprises.
How are customer service and support?
There is room for improvement in the customer service and support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I'm heavily biased towards Fortinet. Check Point is a direct competitor, so from my experience, it's a decent firewall. There are strong points and weak points, but Fortinet is superior for various reasons.
How was the initial setup?
The initial setup is really straightforward. The GUI is very good. However, the issue I have is with the stability. In terms of simplicity, I don't consider Check Point to be a straightforward solution. Another point to mention is my experience in planning within customer environments. The outcomes are not always as expected.
For instance, when setting up Check Point firewall and flat policies, the policies didn't take effect immediately. There was a situation where the policies took effect after about two hours. Such instances were mind-boggling. Regarding VPN issues, when implementing IP protection between Check Point and other vendors, remote access can be challenging.
In Nigeria, it's predominantly on-premises. Many organizations are moving towards cloud, but many others use a hybrid approach, both on-premises and in the cloud.
A few are using Check Point in the cloud, but most test with Fortinet due to easier integration with public cloud providers like Microsoft. Public cloud vendors also have their own firewalls, like Microsoft and AWS. In terms of adoption, Check Point is behind in cloud adoption in Nigeria.
What about the implementation team?
Overall, the process is very fast and depends on the type of deployment. For example, replacing a Cisco firewall with Check Point requires converting policies, which can take quite a while, depending on the size of the policy base. In my personal experience, setting up Check Point was very quick.
What's my experience with pricing, setup cost, and licensing?
It's reasonably priced, but competitors offer much cheaper options. It's market-related, so the pricing makes sense for what Check Point offers.
What other advice do I have?
My recommendation is to consider Fortinet as an alternative. Overall, I'd rate it a seven out of ten. There's room for improvement, especially since Check Point doesn't seem too focused on our region.
In Nigeria, procuring the firewall and bundled services like technical account management and professional services can be challenging. The service delivery is not as efficient as one would expect, which wouldn't be the case for a European customer.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Software Developer at The Digital Library
Comprehensive protection against network threats, malware, and phishing
Pros and Cons
- "It provides end-to-end resolution."
- "The source package is a bit more expensive than its competitors."
What is our primary use case?
We use the solution for full-scale integration and end-to-end management at the organization. The Check Point NGFW implementation took place quite smoothly.
Check Point NGFW is the best in terms of comprehensive protection against network threats and security against malware and phishing attacks. It smoothly restricts these via anti-phishing algorithms.
Check Point NGFW source package covers all the bases - application control, NAT, DLP, routing, content awareness, VPN, desktop security, and much more.
It is scalable, provides end-to-end resolution and customized productive services like providing a complete solution for perimeter protection that
blocks the traffic based on an IP address or on applications
and content. This makes Check Point NGFW highly promising and makes it a complete solution.
How has it helped my organization?
Check Point NGFW is the best in terms of comprehensive protection against network threats, malware, and phishing and smoothly restricts these via anti-phishing algorithms.
The source package covers all the bases - application control, NAT, DLP, routing, content awareness, VPN, desktop security, et cetera.
It provides end-to-end resolution. It is a customized productive service and a complete solution for perimeter protection that blocks traffic based on IPs, applications, and content.
What is most valuable?
The most valuable services it provides are end-to-end resolution and perimeter protection; It blocks traffic based on IP address, applications, and content.
Check Point NGFW is best in terms of comprehensive protection against network threats, malware, and phishing. It has great anti-phishing algorithms.
What needs improvement?
They could improve by lowering prices. The source package is a bit more expensive than its competitors.
We've had some downtime issues.
It could be more generalized and user-friendly in terms of its support portal for raising tickets. Ads management should all just be on a single click.
Overall Check Point NGFW is highly scalable and provides end-to-end resolution and a wide range of customized productive services with a huge community and team behind it.
For how long have I used the solution?
I've used the solution for about 1.5 years or so.
Which solution did I use previously and why did I switch?
I hadn't gone through any such solution earlier. I just tried in-built system solutions.
What's my experience with pricing, setup cost, and licensing?
Check Point NGFW integration is quite smooth in terms of licensing. They are a bit more expensive, yet they are overall a strong product and a must-have for professionals.
Which other solutions did I evaluate?
No, I did not go through software review websites for recommendations and software services outlooks.
What other advice do I have?
Check Point NGFW is highly scalable. It has a wide range of customized productive services with a huge community and team behind its technology.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Project Management and Deployment Team Leader at Sefisa
Great security features with helpful support and useful integration capabilities
Pros and Cons
- "In addition to the different security features that Check Point security solutions have, their integration with other technologies makes the security environment a complete security type."
- "Check Point could do better to include acceleration technologies like SD-WAN in an integrated or embedded way to provide these new features that Check Point never had and is of great importance in the market."
What is our primary use case?
We have a very robust implementation of firewalls for a central site, a contingency site, and five agencies, all connected by MPLS. In each perimeter firewall, we apply the security features of FW, IPS, AV, and AB. Additionally, we have a VPN concentrator for VPN S2S and C2S.
How has it helped my organization?
Over time, Check Point's solutions have had fewer security breaches than their competitors, which is why they remain in high categories and quadrants, as they are a very robust technology. As pioneers in information security, Check Point has been innovating year after year in information security.
Since we implemented this architecture in our client, we have not had any security breach exploited and the organization maintains communication with its different sites through MPLS and VPN to secure and encrypt the traffic that passes through said connection.
What is most valuable?
In addition to the different security features that Check Point security solutions have, their integration with other technologies makes the security environment a complete security type.
Apart from the technological and innovative solution, a point in favor of Check Point is the support provided by the manufacturer, since over time, we have not had any case that is not resolved, they have a good escalation process and highly qualified staff.
The process of opening a case has different options that are convenient.
What needs improvement?
Check Point could do better to include acceleration technologies like SD-WAN in an integrated or embedded way to provide these new features that Check Point never had and is of great importance in the market.
Its competitors have this SD-WAN technology, if it were not for the fact that Check Point has been more stable historically, this value would weigh negatively for Check Point when choosing a solution.
If Check Point includes this feature, they will be able to cover those architectures where traffic between sites must be protected and accelerated.
For how long have I used the solution?
I have been using Check Point for ten years. It is a very mature and robust technology. R81 is a very stable version and always has great security features.
How are customer service and support?
I consider that they have good support engineers at each level of escalation, according to the criticality of the issue.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I do use other technologies, however, Check Point is historically more stable for me, as they have had fewer exploitable security breaches.
What's my experience with pricing, setup cost, and licensing?
Check Point has a good cost-benefit ratio.
Which other solutions did I evaluate?
We also evaluated Fortinet, Palo Alto, and Watchguard.
Which deployment model are you using for this solution?
Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Solution Architect at a comms service provider with 51-200 employees
Effective central management, excellent technical support, and reliable
Pros and Cons
- "The most valuable feature of Check Point NGFW is the unparalleled distribution of the network traffic. The central management station they have allows you to manage everything from one place."
- "Check Point NGFW could improve by introducing machine learning and more modeling dividing the way they manage the ports. However, they have evolved over the last year."
What is our primary use case?
We use Check Point NGFW as a perimeter firewall.
What is most valuable?
The most valuable feature of Check Point NGFW is the unparalleled distribution of the network traffic. The central management station they have allows you to manage everything from one place.
What needs improvement?
Check Point NGFW could improve by introducing machine learning and more modeling dividing the way they manage the ports. However, they have evolved over the last year.
For how long have I used the solution?
I have been using Check Point NGFW for approximately 15 years.
What do I think about the stability of the solution?
Check Point NGFW is a stable solution. However, similarly to many other solutions, the stability comes from the engineer that deploys it. It requires a knowledgeable engineer to implement it in the correct way. If you undersize it, for example, you can experience instability.
What do I think about the scalability of the solution?
Check Point NGFW is scalable. The hyper-scale platform can scale up or scale-out. You can buy different powers and stack them.
How are customer service and support?
Check Point NGFW has the most mature technical support in the industry.
The Check Point company has been around for approximately 30 years and they have everything well documented, similar to other vendors, such as Juniper and Powervault.
Which solution did I use previously and why did I switch?
I have used other solutions in the past, such as Palo Alto and it has been more expensive.
How was the initial setup?
The implementation of Check Point NGFW difficulty level depends on the environment. For example, from the initial deployment, it can be easy, but you have to keep your teams learning, they have to consider their traffic size and many other factors. However, the configuration can be difficult, you need a lot of knowledge. Integrating Check Point NGFW with different networks requires a lot of knowledge about the infrastructure.
What's my experience with pricing, setup cost, and licensing?
There are competitors that have more expensive solutions than Check Point NGFW, such as Palo Alto. There are times when Check Point NGFW can have good offerings with a three-year license. The presence of Palo Alto has been heavily invested in marketing.
From Check Point's perspective, I am not sure how they compared with other vendors. I'm not heavily involved in the process of the quotations.
Which other solutions did I evaluate?
I have evaluated other solutions.
What other advice do I have?
Check Point NGFW is trying to innovate in the market, but all the other vendors in the market are doing more the same.
I rate Check Point NGFW a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner

Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros
sharing their opinions.
Updated: April 2025
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Sophos XG
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Juniper SRX Series Firewall
Fortinet FortiGate-VM
SonicWall NSa
Sophos XGS
Untangle NG Firewall
KerioControl
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How does Check Point NGFW compare with Fortinet Fortigate?
- Is Palo Alto Networks NG Firewalls better than Check Point NGFW?
- Which would you recommend - Azure Firewall or Check Point NGFW?
- Is Check Point's software compatible with other products?
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?