Check Point NGFW Reviews

We use this firewall to protect the internal network and to set up the IPSec standard from one location to another.

One of the benefits that we have realized from using this product is that the user interface makes it easier to operate, compared to using the CLI.  In Check Point 5.0, we bought the option, giving us the ability to use the GUI as well as the CLI. A person who is comfortable with the UI can work with it according to different scenarios.

The most valuable feature is the set of encryption options that are available.

Viewing the logs in the interface is easy to do, which is one of the things that I like.

This is a UI-based firewall that is easy to use.

The antivirus feature is a little bit weak and should be improved. The updates are not as regular when compared to other firewalls, such as Palo Alto.

The training materials and certification process should be improved. For example, the certificates are more expensive and there's no good training available on the internet right now.

I have been using Check Point NGFW for approximately seven years, since 2014.

The stability of this firewall is good and we haven't had any problems. It is a well-known, quality brand.

There are no issues with extendability or scalability. Over the course of a year, we added another firewall, bringing us from one to two deployments, and the process was not tough. We were easily able to manage it.

We have approximately 12 people who work with this firewall during different shifts.

I have been in contact with technical support many times, and they are good. Most of the time, they solve the problem as soon as possible, and they give a perfect solution.

Currently, we are using firewalls from different vendors, including Palo Alto and Cisco. Our Cisco ASA solution is completely CLI-based and Palo Alto is like Check Point with an interface that is a mix of UI and CLI-based.

Both Palo Alto and Cisco ASA have very good tutorials available on the internet, including videos on YouTube and courses on Udemy.

On the other hand, Cisco ASA is more difficult to use because there is no UI and for a person who does not have any knowledge of the networking commands, they have to learn them.

The first phase of the implementation is to plan the firewall deployment. After that, we do the configuration and validate it. In the case of a Check Point firewall, this process will take between two and three months to complete.

The complexity of the process depends on the features that you want to add. In general, it is straightforward and not too complex.

I was not present when the first firewall was set up, although I was presented for the deployment of new ones. Whenever there is a new firewall deployment, I am involved. We have between four and five network engineers who take care of this part.

There is no maintenance required from our side. When we have a hardware issue then we contact technical support to get it sorted out.

We have seen ROI; for the purpose that we have deployed this firewall, we are getting returns. Based on this, we are buying more Check Point firewalls.

The price of Check Point is lower than Palo Alto but higher than Cisco ASA. For us, the price for licensing is fine, we have no issue with it, and feel that the cost is justified.

There are no costs in addition to the standard licensing fees.

My advice for anybody who is implementing Check Point NGFW is that if they get stuck, then visit the technical support section of the website and read the articles that are available. I have learned many things from the tech articles, and it's a good website if you want to learn about it in-depth.

One of the things that I learned is that Check Point firewalls also use Linux commands. After working with Check Point, I improved my Linux skills, which is a good thing for me.

I would rate this solution a nine out of ten.

I use Check Point NGFW in my role as an Information Technology Security Engineer. We have implemented it for our customers and use it ourselves.

Fortinet is easier to set up due to its understandable interface and ability to connect to the CLI directly from the web interface without needing an external SSH client.

Check Point NGFW should improve its user interface to make it more user-friendly and intuitive. Additionally, the issue with link selection on VPNs needs to be addressed.

I have been familiar with Check Point NGFW for around two years.

Overall, I am satisfied with the stability of Check Point NGFW.

I am satisfied with the scalability of Check Point NGFW.

We have an engineer who is certified to work with Check Point, and I am satisfied with their technical support.

We have an engineer who is certified to work with Check Point.

I am not dealing with the pricing of Check Point products since I am a technician, not a seller or buyer.

I proposed Check Point, Fortinet, and Juniper to our customers. Fortinet is popular for its ease of use and cost-effectiveness.

I would recommend Check Point NGFW even if the customer doesn't have a Check Point infrastructure.

I'd rate the solution nine out of the ten.

The primary use case is to enhance security by safeguarding the internet connection for both servers and users.

Its greatest asset lies in its user-friendly interface, making it exceptionally suitable and reliable for managing gateways.

When it comes to Check Point's small business gateway series, there might be a need for hardware upgrades, as configuring them can sometimes be a bit challenging.

I have been working with it for two years.

I would rate its stability capabilities eight out of ten.

I would rate its scalability abilities eight out of ten.

Seeking solutions from them can be quite challenging and often takes a while, which then impacts our workload. I would rate it seven out of ten.

Neutral

I have some experience with Juniper, WatchGuard, Cisco, and Fortinet.

The initial setup is relatively complex.

Deployment duration varies based on the customer's specific conditions. On average, an installation might take around twenty minutes.

The best solutions tend to come with a higher price tag. If something is inexpensive, it often implies a compromise in quality. The solution is indeed costly. I would rate it eight out of ten.

Overall, I would rate it eight out of ten.

I use the solution in my company since the solution serves as a firewall and functions on a DMZ network while also providing public-facing services. I serve my company's customers as a firewall administrator.

My company's customers have benefited from the solution's performance, especially when dealing with a huge amount of traffic. Check Point is a well-known name in the security industry that opts for functionalities like signature-based detection and beyond.

The most valuable feature of the solution is the Quantum Intrusion Prevention System (IPS). I also like the solution's functionality, like autonomous threat prevention.

The complexity involved in the solution's initial setup phase and deployment process is an area of concern where improvement is required.

I have been using Check Point NGFW for two years. I work as the solution's integrator. Speaking about the version, I use Check Point Quantum 6400 Next Generation Firewalls.

So far, I haven't faced any issues related to the solution's stability.

Scalability-wise, I rate the solution a nine out of ten.

If I take into consideration my company's customers who use the solution, then I would have to say that there are around 300 to 400 users.

I have availed the services provided by the solution's technical support. My company engages with the solution's local partner to avail the services provided by Check Point's technical support team.

Compared to Palo Alto and Fortinet, Check Point provides good internal performance, especially for big-scale enterprises and entities, making it a tool that is not just suitable for SMEs or mid-sized companies. Check Point is, however, pricier than other solutions.

The initial setup of Check Point NGFW is quite complex. When it comes to the product's setup phase, the engineer should understand the product, and instead of understanding the firewall, it is important to know how to manage or be an admin.

The solution is deployed on an on-premises model.

The solution's deployment is complex.

My company's customers have seen a return on investment from the use of Check Point NGFW.

I rate the pricing of Check Point NGFW a five on a scale of one to ten, where one is high price, and ten is low price.

I take care of the solution's maintenance part, and I feel that it is a straightforward process.

Check Point NGFW is good for big companies.

I rate the overall solution an eight out of ten.

We use Check Point as well as Cisco. The firewall is used in order to continue filtering with VMware VMotion on different data centers. 

We have several data centers that are stretched. Our Check Point firewalls are used to filter north/south traffic.

With BGP on Gaia, when one of the clusters is unreacheable, the traffic is rerouted to another cluster. 

We also use VSX which is really a very good product for macrosegmentation.

The management of the firewall and advanced routing is great. It's easy to use and troubleshoot.

We need east/west Check Point firewalls in order to do micro-segmentation. A good solution for us is a solution that can be installed on différent systems (Linux, Windows K8S, bare metal, etc.) and can have centralized management.

Troubleshooting is also a big feature that will be necessary in this use case. 

I've used the solution for many years.

We also looked at Ciscos ASA and Fortigate.

We currently use Check Point's firewall for our data center. We use Check Point firewall for providing the first layer of security to web application servers and intranet servers. It is robust and easy to upgrade, which makes it less stressful for the administrators. Its failover clustering option also works seamlessly.

The Check Point firewall is used to secure our environments. It also allows us to set up tunnels between our various sites.

We use it for the publication of services, as well as a notification system that reports on user behavior and unusual traffic - both within and outside of the network. 

Over the years, we have experienced various types of attacks on our company, and, without the help of the Next Generation CheckPoint Firewall, we would have lost.

The spoofing feature helps us to prevent various attacks in our organization.

The firewall policy designing and implementation allow for inline policies that make for clearer teaching on the correct use of policies as well as a more readable list. We can also run policies with two or more people simultaneously without problems or the risk of developing the wrong policy.

The initial sizing is not a problem. You can easily add more resources if needed. Reliability is a major factor in any hardware or software solution, and Check Point uses cutting-edge hardware. Their software upgrade process is flexible for different deployment requirements. 

Their threat analysis reporting in their management console is comprehensive and easy to use. The web-based dashboard is well designed and offers a wide variety of out-of-the-box reporting. It offers admins extensive customization.

The list of site-to-site VPN configuration options is long. They can become confusing and communication with other vendors when deploying VPNs is not the strongest. It's totally different from any other VPN vendor I've encountered.

It lists the current threats identified on the appliance's front page. It would be easier to find information by clicking on the threat and clicking the exact logs, rather than all host logs.

The smart console is heavy. It would be better if it was like the web-based consoles that Palo Alto and Fortigate FW offer.

I've been using the solution for more than a year.

I use the solution for VPN mostly, for the IDS and prevention and detection. I use it for security exploits, like HTTPS exploits.

I also use Check Point NGFW as a federation. I use it to connect to my other sites. We have five of them, mostly in cities where we need a high bandwidth.

I use it as well as a VM. We use it a lot because we have all fiber optic connections, so we could use almost all of that. The federation is beautiful because I can transfer all traffic to my main site where I can use just one link to the internet, and I can use it as a proxy as well. It is good to keep control and security.

In terms of what could be improved, we have a cluster with two nodes and usually we have some problems when process gets really high and it has to choose which services it keeps going. I would like to have a better solution here, like if instead of just one we could use both at the same time. It would be good if it could work together. Then when one has a failure or something like that, the other one is there to transfer, to take all the services and keep working. They have an integration between the nodes but I would like to use both of them working together. In the solution they could both be active, instead of active and passive. I would like them to add backup features to Check Point Firewall.

Many companies are going to the cloud. In future releases, it would be nice to have a cloud integration so we could work in a hybrid form for some years, like some services in the cloud and others on-premises. So it would be nice to have some features in this sense.

I've been using Check Point NGFW since 2018. For two years now.

It is stable.

I couldn't tell you about the scalability. I don't know. I know that we can use a federation, but I think it is scalable because we can buy additional licenses. As I mentioned, right now we have five working together, but we can buy until 50 or a 100, so I guess that it is scalable because you can keep increasing.

The initial setup is hard. We came from another Cisco solution and even then it is hard, especially talking about the traffic. So we had to inspect the traffic and sometimes we had to do a lot of configurations. It would be nice if it was easier.

It took about three months to deploy.

It would be nice if it was easier to set up and to maintain.

Right now we keep a contract with a company in Brazil, so we hardly talk to Check Point itself and we don't like it very much. In most cases we have to search and look into the database to really find the solution, so it could be better.

I'd say that Check Point NGFW is a good product but it's hard to set up and keep it going, so we had to invest in some training and we have to keep at least two employees just to keep it working.

On a scale of one to ten, I would give Check Point NGFW an eight.

We deploy solutions for customers. We don't engage in buying. 

We are both consultants and implementers.

We have not had any issues with the firewall.

Support is good and it's centralized architecture.

We are also working on load balancers. We don't have the option to work more with load balancers, we would like to see what else can come out of this in terms of security.

Technical support and scalability both require improvement.

I have been working with Check Point NGFW for the last ten years.

Check Point can scale but at times we have experienced some issues.

Palo Alto is better compared to Check Point. I would rate Palo Alto as superior support to Fortinet or Check Point.

We used to work with Fortinet for approximately five years, and the Palo Alto Appliances was some time back.

I believe the Palo Alto support is excellent, and it has more features than Fortinet. Many businesses, in my opinion, are choosing Palo Alto.

Palo Alto support is very good.

Fortinet's main issue is the support. We can't take it to the enterprise level because the Fortinet support is not very good.

Check Point has previously held a large market share, but perhaps not recently. I think that the price point in India is a bit different. Check Point offers options. I don't see that Check Point is very high, but it is geared more towards enterprises.

We have evaluated Palo Alto Networks VM-Series to see what was available, and recently, I researched the Azure VM series to know how it worked.

I'm leaning toward the now cloud. The appliance base has now been removed. We are now concentrating our efforts on the Azure Cloud, AWS, and other similar platforms. I believe that people must mature in order to work on it. That's where things stand. As a result, we must learn how this is implemented on cloud platforms.

I would rate Check Point a seven out of ten but NGFW a six out of ten.