Try our new research platform with insights from 80,000+ expert users
reviewer1284540 - PeerSpot reviewer
ICT-System-Specialist at a insurance company with 5,001-10,000 employees
Real User
Central logging and management makes us faster and more efficient, but technical support needs improvement
Pros and Cons
  • "With the new SmartTask offered in R80.40, we will be happy to configure some automatic control-functions."
  • "The Check Point support needs a lot of improvement."

What is our primary use case?

We use Checkpoint Firewalls to protect Datacenter VLANs against each other. In addition, we use them to protect our perimeter systems from the internet, and our internal network from the perimeter.

We have virtualized the systems on a VSX-Cluster using VSLS, but the basics are still the same compared to a traditional cluster. VSX gives us a bit more flexibility in the case of load-sharing. Therefore, it’s quite easy to react in the case of heavily used hardware distributing the load by failover or prioritizing VSs onto different nodes.

How has it helped my organization?

The biggest improvement is the central logging and management of all firewalls. Other IT-departments can get log-access and search for their own if there are missing rules or other issues.

Since we use Identity Awareness the solution becomes more flexible, as users no longer need static IPs. Especially for IT-users, who always need more rights, it was a big improvement.

Implementing Wi-Fi makes it nearly impossible to work without Identity Awareness. Unfortunately, we fought with some bugs in the IA-module, but we got them solved.

What is most valuable?

R80 management has improved and made the product more comfortable for IT people to use.

Filtering through rules and finding similar ones to add additional objects becomes much faster.

With an additional hotfix starting from R80.10, we are able to use the management with Ansible. From R80 on, we started creating objects via script or adding them to groups. That makes some parts “automatic”, or at least much faster.

With the new SmartTask offered in R80.40, we will be happy to configure some automatic control-functions.

What needs improvement?

The Check Point support needs a lot of improvement. We spend a lot of time troubleshooting issues ourselves, create good ticket descriptions, and try to explain in detail what has already been tested. Even so, it takes at least three ticket-updates before support really understands the issue. If you manage to reach the third-level support, you are still forced to be really critical of what kind of suggestions Check Point support is offering you. Running debugs on a test environment is quite different than running them in a heavily used production environment.

Buyer's Guide
Check Point NGFW
March 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.

For how long have I used the solution?

We have been using Check Point firewalls for 16 years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Support at a security firm with 51-200 employees
User
Nice portal, good security, and great dashboards
Pros and Cons
  • "The solution is easy to administer thanks to its dashboards. The monitoring is really useful."
  • "Currently, some prices are very expensive."

What is our primary use case?

We require local perimeter security in one of our workshops, which is why we require a new-generation firewall solution. The local equipment works for us to be able to provide perimeter security in our workshop.

Thanks to these Check Point Gateway devices and with the integration of many additional security solutions, we have protection against zero-day threats. In addition, we have the possibility of carrying out all the management from the Infinity security portal and can administer all our policies, view logs, and monitor devices, among other tasks.

How has it helped my organization?

Thanks to Check Point, we managed to carry out a better security implementation. By placing one in a workshop, we managed to solve issues with attacks and malware.

The solution is easy to administer thanks to its dashboards. The monitoring is really useful.

What is most valuable?

The most valuable aspects include:

  • Mobile security. Check Point NGFW includes mobile security features that enable you to secure mobile devices and protect against threats such as mobile malware and phishing attacks.
  • Scalability: Check Point NGFW is highly scalable and can support large networks with high traffic volumes. 
  • What needs improvement?

    The best improvements to be considered are:

    • Improvements in the time and attention given to solutions for generated cases.
    • Licensing that is more comfortable and affordable. Currently, some prices are very expensive.
    • In terms of language in the application, they could better facilitate the handling of others.

    For how long have I used the solution?

    This is an excellent product of the new generation, administered in the Infinity Portal. We have used the product for at least two years.

    Which solution did I use previously and why did I switch?

    Previously, we had not carried out verifications of other devices.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Check Point NGFW
    March 2025
    Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
    842,767 professionals have used our research since 2012.
    reviewer1260276 - PeerSpot reviewer
    Technical Engineer - Technical Security at a tech services company with 1,001-5,000 employees
    Reseller
    Great for content filtering and enabling anti-bots and IPS enabled security
    Pros and Cons
    • "The security posture assessment with two-factor authentication has saved more time and commercial costs by avoiding deploying having to deploy another solution."
    • "Initially, we faced a few challenges with firmware. Later this was addressed with jumbo hotfixes."

    What is our primary use case?

    We wanted to deploy a specialized Next-Generation Firewall in our perimeter security.

    The solution addresses the Security requirements at Perimeter Layer including:

    1. Network IPS
    2. Application Control
    3. IPSEC VPN
    4. SSL VPN.
    5. Proxy

    It was required to enable IPSEC VPN between our vendors across the world

    We got positive responses on Check Point Firewalls from our vendors as well.

    Our team addresses the regular audits with a Next-Generation Firewall, starting from configuration and application vulnerabilities to customized reporting.

    How has it helped my organization?

    We have planned to achieve many business use cases including IPS, Network AV, Content Awareness - Data Leakage Prevention, IPSEC VPNs between our peers, SSL VPN with Posture Assessment, and Web Proxy as well.

    This solution addressed most of our needs but required multiple license subscriptions.

    Below are the few Business use cases we achieved through Check Point NGFW:

    1. SSL VPN with Security Posture Assessment
    2. SSL VPN with In-build Multi-Factor Authentication Option (Certificate + User Credentials)
    3. Content Filtering (Identity Awareness and DLP)
    4. Forward Proxy with Web and Application Control
    5. Enabling Anti-Bots and IPS

    What is most valuable?

    The SSL VPN with posture assessment helped us to remove the dedicated Standalone SSL VPN solution which was benefited both commercially and technically.

    Anti-Bots and IPS enabled security on the network traffic.

    Along with VPN and Proxy (Web and application control), we removed another standalone proxy for internal use and extended the content filtering to roaming users as well.

    The security posture assessment with two-factor authentication has saved more time and commercial costs by avoiding deploying having to deploy another solution.

    What needs improvement?

    It took so many weeks to migrate our old firewall to Check Point after we did internal and external assessments on earlier setups and enabled multiple security features.

    We had difficulty configuring the NAT. For example, instead of following A-B-C, we need to do A-C-B

    Initially, we faced a few challenges with firmware. Later this was addressed with jumbo hotfixes.

    We tried to create a single management software to manage the policies, view the logs, have a mobile access VPN, and do reporting.

    Please concentrate on local services enablement for faster resolutions.

    For how long have I used the solution?

    We have been using this solution since July 2020.

    What do I think about the stability of the solution?

    Initially, we faced a few challenges with the firmware. We later addressed this with help of jumbo and custom hotfixes. Later, it performed well.

    What do I think about the scalability of the solution?

    The solution is scalable in terms of enabling the features and deploying management servers.

    How are customer service and support?

    We would recommend they have regular feedback sessions with customers.

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    We used another firewall that enables basic security features with lot of limitations.

    How was the initial setup?

    We found the setup difficult in the earlier stages as our team used to work with another CLI-based solution.

    What about the implementation team?

    Our In-house team handled the implementation. 

    What's my experience with pricing, setup cost, and licensing?

    I'd advise users to validate the licensing model during the pre-evaluation period itself. It took a few days for us to understand DLP and Mobile Access Blades that had to be procured separately along with the NGTP bundle to address our requirements.

    Which other solutions did I evaluate?

    We evaluated Palo Alto and FortiGate.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Firewall Administrator at a tech services company with 1,001-5,000 employees
    Real User
    Centralized management makes it easy to scale and the GUI makes it easy to use
    Pros and Cons
    • "The most valuable feature is the central management system through the Security Management Server. Apart from that, the graphical user interface helps us to do things easily."
    • "The frequency of the antivirus updates which we get for Check Point firewalls should increase. They should be of good quality compared to the competitive firewalls on the market. They should give us stable antivirus signatures. That is an area in which they can improve."

    What is our primary use case?

    We're using Check Point Next Generation Firewalls to secure the internal LAN network from unwanted threats and for protecting the environment for business use.

    What is most valuable?

    The most valuable feature is the central management system through the Security Management Server. Apart from that, the graphical user interface helps us to do things easily.

    What needs improvement?

    The frequency of the antivirus updates which we get for Check Point firewalls should increase. They should be of good quality compared to the competitive firewalls on the market. They should give us stable antivirus signatures. That is an area in which they can improve.

    For how long have I used the solution?

    I have been using Check Point's Next Generation Firewalls for the last three-and-a-half years.

    What do I think about the stability of the solution?

    These firewalls are very stable and, apart from the antivirus issue which I mentioned, everything is stable in them. The best thing is that they are the most advanced firewall on the market.

    What do I think about the scalability of the solution?

    Per my experience, it is very easy to scale these firewalls, because they are combined with the central management point. It is very easy to push the same configuration to different firewalls at the same time. It does not take much time to extend usage.

    We use them throughout our organization. Currently we have used them for around 50 percent of our needs and there is definitely a room to grow. In the future we will definitely try to increase usage, if it is required.

    How are customer service and technical support?

    We have had a good experience with the Check Point support guys. The solutions they provide are very straightforward and are provided quickly.

    Which solution did I use previously and why did I switch?

    I used Palo Alto firewalls. Compared to Palo Alto we are happier with the Check Point Firewall features. Key differences are the ease of operating Check Point firewalls and the use of Linux, as we are all trained in Linux. It is easier for us to work on the ELA of Check Point firewalls. And Check Point's support is good.

    Check Point is the best firewall we have found for our organization so we went with it.

    How was the initial setup?

    In our company we do setup of Check Point firewalls very frequently because we are a growing company and we are required to do them on a fresh basis for our new branches.

    The initial setup for these firewalls is straightforward. There's nothing complex about Check Point firewalls. They are easy to install and configure. We have cloud-based VM firewalls. We configure them in our environment. It is easy to access them and it is also easy to implement the changes on them.

    Deployment time depends on the condition and the space of the organization. In our case, it requires three to six months for the setup phase. We have the same implementation strategy for all our branches, which is very simple. It is a three-level hierarchy which is recommended by Check Point. We use the SmartConsole, we use the Security Gateway, and we use the Security Management Server.

    In my organization there are six people who have the access to the Check Point firewalls. Two of them are network administrators and four are managers.

    What was our ROI?

    We are happy with the return on investment from the Check Point firewalls. We are happy with the features and with the protection they provide us.

    What's my experience with pricing, setup cost, and licensing?

    The licensing part is easy for Check Point firewalls. You just purchase the license and install it on the firewall. The pricing is a bit high, but obviously it gives you advanced features. If you want to buy the best thing on the market, you have to pay extra money.

    What other advice do I have?

    When implementing the product, follow the recommendations which Check Point provides. Follow the backup for the firewall so that in case of an issue, you have a secondary firewall active.

    The biggest lesson I have learned is that there is a scope of improvement. Companies that are improving and providing updates frequently are growing more. In addition, improving support is a very key part of things. Check Point rates well on all these points.

    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
    PeerSpot user
    it_user1407843 - PeerSpot reviewer
    Solutions Lead at a tech services company with 1,001-5,000 employees
    Reseller
    We are seeing less traffic going to the server, improving server performance
    Pros and Cons
    • "My favorite feature is the UTM piece and that was the main reason we bought it. It helps us to fine tune the network."
    • "When I was creating the VPN on it and the client side through the portal, that feature was very annoying. I could not use it. It was much more usable after downloading it to the laptop. That was very good compared to using it directly from the browser."

    What is our primary use case?

    It's an on-prem deployment where we use it to protect our client and end-users who are working with the internet, and to protect their servers from external access. They have about 100 users and two servers.

    How has it helped my organization?

    When we did not have SSO, we had problems related to attacks compromising our firewall. That has been mitigated. We have the traffic going through the firewall to the server, so those types of things have really improved. We are seeing less traffic going to the server. When there was direct access to it, there was more and more traffic going to our server. So it has improved our server performance.

    What is most valuable?

    My favorite feature is the UTM piece and that was the main reason we bought it. It helps us to fine tune the network. We use it to block certain websites, to block access to particular locations, such as in Singapore or say Malaysia, where we have offices. We keep the previous device updated and, based on that, we also have static MAC address binding.

    We also use the VPN services. The VPN features are mostly for our cloud connectivity and for our remote users to have local server access.

    What needs improvement?

    When I was creating the VPN on it and the client side through the portal, that feature was very annoying. I could not use it. It was much more usable after downloading it to the laptop. That was very good compared to using it directly from the browser.

    For how long have I used the solution?

    I have been using Check Point NGFW for almost two-and-a-half years.

    What do I think about the stability of the solution?

    It's a stable solution. In the time I have been using this product, I have hardly seen anything break.

    What do I think about the scalability of the solution?

    In terms of scalability, they have products that can fit into the environment. It's a very scalable solution. For our requirements, it fits very well. You can go with whatever kind of setup you want: Active-Passive, Active-Active. Check Point is very easy. Their solution is ready for our market; it's very well suited. Wherever we want to go, Check Point can provide a solution.

    Currently, we are using somewhere around 50 to 60 percent of the box's capacity.

    How are customer service and technical support?

    Sometimes, when I have gotten stuck, I have reached out to support and it's okay. They have helped me very quickly.

    Which solution did I use previously and why did I switch?

    We did not have a previous solution. We went directly with Check Point. We liked the features provided by Check Point and we went for it.

    How was the initial setup?

    The setup is not complex. It's easy to deploy. The documentation provided is very good. Deployment takes me two to three days. The hardware takes one-and-a-half days and then I get all the features up and running.

    We have a standard implementation strategy. We have a checklist. We plan it out. Then we go into the field for the deployment. We have one dedicated engineer for deployment, and I also check it on a regular basis. The two of us are also the ones who manage the solution.

    What's my experience with pricing, setup cost, and licensing?

    We have to consider things, cost-wise, when we are expanding into other locations. We don't have the budget to use it in other platforms. We have some servers that we deploy in AWS and other locations. But instead of going with Check Point, we go with other vendors to fit into the budget.

    Check Point is really costly. When it comes to the Indian market, where we are located, we always consider budget solutions. So this is an area where Check Point could use some improvement.

    In addition to the standard fees, support is an added expense.

    What other advice do I have?

    The biggest lesson learned from using this solution is in terms of security. It is a really good product. I don't think there is anything missing from the Check Point firewalls. The features provided by the company are very good and provide what we need.

    It's a very good security product, as long as you have the budget. It provides modern security and the architecture Check Point provides is good. And the application side will really help any size of business to deal with traffic based on the application.

    Which deployment model are you using for this solution?

    On-premises

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer:
    PeerSpot user
    reviewer1855902 - PeerSpot reviewer
    Senior Consultant at Integrity360
    User
    Great Smart View Tracker and smart dashboard with useful upgrade functionality
    Pros and Cons
    • "The Smart Dashboard allows for rule creation and administration and management and is user-friendly."
    • "Error logs can be more specific."

    What is our primary use case?

    We use the solution for network security, perimeter security, DMZ, antibot, antivirus, endpoint protection, email security, sandblast, and DLP. The environment is a multi-environment and consists of multiple networks, segmented and managed by a management server. These firewalls protect the network, external and internal. 

    We are also protecting several customers and it allows remote access connection from anywhere in a secure way.

    There are also site-to-site VPNs with different customers, vendors, and cloud providers, using the highest security encryption algorithms.

    How has it helped my organization?

    The organization is more secure. These firewalls work as expected. We have a perimeter and network segmentation well defined and firewall features and blades like IPS, Identity awareness, antibot, antivirus, threat prevention, endpoint security, and DLP, all allow the organization to have most of the security components centralized which allows for easier maintenance and monitoring. 

    In relation to the monitoring, Check Point has tools that allow the administrator to track the traffic, and identify threats, attacks, and also check the forensics to understand what happened in case of a breach and ensure it won't happen again.

    What is most valuable?

    The most valuable elements include:

    Smart View Tracker: To check the traffic logs easily. This is the best logging tool for me so far. You can identify almost everything from the logs, using a smart view tracker.

    Smart Dashboard: allows for rule creation and administration and management and is user-friendly. The administration allows you to copy and paste rules, move the order, and create objects, pretty easily. It is very handy.

    CPUSE: A Smart way to upgrade firewall software versions. You can easily verify if you can upgrade to the desired version, download the right package and upgrade, and also check the status of the upgrade. It's a great tool.

    What needs improvement?

    Error logs can be more specific. Sometimes the error shows only a general error and the solution could be hard to find or difficult to apply. 

    Documentation can be improved. It has been improved, however, when you search for errors, in relation to documentation and how to solve it, sometimes it is not that simple to find the right solution. Troubleshooting errors could be sometimes difficult and some tools are only available for the Check Point support team. 

    The price is also a factor to take into account. Other competitors offer low prices in relation to Check Point and the executive team may opt for the cheapest vendor (if you have to compare to another good one yet note a cheaper price).

    For how long have I used the solution?

    I've used the solution for ten years.

    What do I think about the scalability of the solution?

    The solution offers good scalability.

    How are customer service and support?

    The solution offers good customer service and good support.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I have been using Check Point since the beginning.

    How was the initial setup?

    The initial setup is straightforward.

    What about the implementation team?

    We handled the setup in-house.

    What was our ROI?

    The solution is super stable.

    What's my experience with pricing, setup cost, and licensing?

    The pricing could be better, however, the vendor is excellent and I strongly recommend it.

    Which other solutions did I evaluate?

    I did not evaluate other options.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security IT Manager at IFAT Group
    Real User
    Great security, a good user interface, and offers good features
    Pros and Cons
    • "The level of security is excellent. It protects our organization well."
    • "Technical support could be improved."

    What is most valuable?

    The user interface is very good.

    The level of security is excellent. It protects our organization well.

    It's a good overall product and we have a high level of satisfaction with the features on offer. 

    What needs improvement?

    Technical support could be improved. It's hit or miss in terms of the level of service and getting the answers you need.

    For how long have I used the solution?

    I've been using the solution for ten years. 

    What do I think about the scalability of the solution?

    We have hundreds of users that use the solution currently within our company.

    How are customer service and technical support?

    We aren't 100% satisfied with technical support. Sometimes you get the help you need and sometimes you don't. Sometimes it's absolutely amazing. Sometimes they're great. However, you can't rely on them being like that all the time. We'd like the service level to be more reliable.

    How was the initial setup?

    I can't speak to the installation process, as it was handled by an outside firm.

    What about the implementation team?

    We had an integrator that assisted us with the implementation. 

    What other advice do I have?

    I'm a customer and an end-user.

    I would recommend the solution to other organizations especially if the company is looking for a certain level of security.

    I'd rate the solution at an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security product manager at RRC
    Reseller
    An easy-to-use and easy-to-manage protection solution at a reasonable price
    Pros and Cons
    • "It is easy to use, and its management is the best. Check Point has a great unified management solution for firewalls and security products."
    • "Their technical support can be better. In addition, when we need to use it in a government environment, we face a lot of legal issues related to different types of certifications. It would be better to improve it for these issues. Check Point doesn't have a SOAR system. They work with Siemplify, but it is an integration with another vendor. It would be great if Check Point has an integrated SOAR system."

    What is our primary use case?

    We use Check Point NGFW for perimeter protection of our network from the internet. We also use it for threat protection at the network level and the endpoint level.

    We provide implementation, installation, and support services. We know about all types of firewalls, and we work with all types of installations. We usually use appliances, but in test environments, we use virtual appliances.

    What is most valuable?

    It is easy to use, and its management is the best. Check Point has a great unified management solution for firewalls and security products. 

    What needs improvement?

    Their technical support can be better. In addition, when we need to use it in a government environment, we face a lot of legal issues related to different types of certifications. It would be better to improve it for these issues.

    Check Point doesn't have a SOAR system. They work with Siemplify, but it is an integration with another vendor. It would be great if Check Point has an integrated SOAR system.

    For how long have I used the solution?

    We have been dealing with Check Point firewalls in our company for more than 20 years.

    What do I think about the stability of the solution?

    It is quite stable, but it can vary based on the version.

    What do I think about the scalability of the solution?

    It is scalable. We can use the Maestro solution from Check Point for scalability. We can add new appliances as the company grows. If we need more performance and throughput, we can add additional appliances and have more performance. Check Point Maestro is the best solution for scalability.

    How are customer service and technical support?

    Their technical support can be better.

    How was the initial setup?

    Its initial setup is easy for me. The deployment duration varies. A simple deployment takes two or three days. A complex deployment that involves a cluster configuration or appliance replacement can take up to five days.

    What's my experience with pricing, setup cost, and licensing?

    Its price is reasonable. If we compare its TCO for three years, it is more reasonable than some of the other vendors such as Fortinet, Palo Alto, etc.

    What other advice do I have?

    I would recommend this solution. It is a great solution for endpoint protection and threat prevention. I have been working with Check Point products for a very long time. Check Point is one of our best vendors, and they make great products. 

    I would advise others to learn about firewalls and other Check Point solutions. They have a lot of different solutions. If you choose their firewall, it would be useful to know more about other solutions. It would be one of the ways to improve the protection of your network with Check Point.

    I would rate Check Point NGFW a ten out of ten. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
    PeerSpot user
    Buyer's Guide
    Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
    Updated: March 2025
    Buyer's Guide
    Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.