Try our new research platform with insights from 80,000+ expert users
DmitryPavlukhin - PeerSpot reviewer
Security Analyst at HOST
Real User
Enables us to catch much more malware and spam with incoming traffic, and we now are more protected with our environment
Pros and Cons
  • "AV, IPS, AntiSpam, Sandbox. That's gentlemen set for any basic security, and it was implemented very well. In our reports, the most exciting results belong to AV and IPS. It can be explained by using ThreatCloud - a global knowledge base, which accumulates signatures for all existing and new coming malware, and all the Check Point solutions are always up to date with potential threats."
  • "I hope for product simplification. It would be better to use one security console, instead of many of them (for licensing and monitoring). The solution is hard for newcomers and takes much time to deep in. Also, I want a historical graph for throughput and system resources usage. Maybe it will be great to make easy step-by-step installation and configuration cookbooks as Fortinet did, and integrate the documentation within the solution."

What is our primary use case?

We use Check Point NGFW as a perimeter NAT Gateway with the security features, it helps us to prevent hackers. We implement Check Point-based infrastructures for our customers. In most cases, this is the same perimeter gateway and internal segmentation firewalls. Many of our customers also using the VPN feature to organize remote access to the company's assets for employees, especially in the COVID period, and to connect their branch offices to the base infrastructure. Environments are differing from one out customer to another, but these are primary use cases. 

How has it helped my organization?

We catch much more malware and spam with incoming traffic, and now we are more protected with our environment. For our customers, this is always a surprise, when we are running a pilot project - how mush malware and attacks we catch during the two weeks period. Check Point has a great report called "Security Check Up", that show these results on informative charts. In our region, our customers use primarily local solutions, that has no good security features inside. Check Point has a certification there, which allows them to work in our region and make the world safer. 

What is most valuable?

AV, IPS, AntiSpam, Sandbox. That's gentlemen set for any basic security, and it was implemented very well. In our reports, the most exciting results belong to AV and IPS. It can be explained by using ThreatCloud - a global knowledge base, which accumulates signatures for all existing and new coming malware, and all the Check Point solutions are always up to date with potential threats. When we using sandbox with Sandblast agent, often there are not real-world exciting results, but when we show a solution in work with existing samples, it also shows good results. 

What needs improvement?

I hope for product simplification. It would be better to use one security console, instead of many of them (for licensing and monitoring). The solution is hard for newcomers and takes much time to deep in. Also, I want a historical graph for throughput and system resources usage. Maybe it will be great to make easy step-by-step installation and configuration cookbooks as Fortinet did, and integrate the documentation within the solution. In most cases, the solution works great and I recommend it for our customers.

Buyer's Guide
Check Point NGFW
March 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.

For how long have I used the solution?

3 years.

What do I think about the stability of the solution?

Everyone falls sometimes. I recommend using high availability or at least two power blocks. 

What do I think about the scalability of the solution?

Nice, easy to connect and implement high availability.

How are customer service and support?

Support is great, we solved cases with solution integrations easily.

Which solution did I use previously and why did I switch?

We are using many solutions at the same time. Just to be closer to our customers. 

How was the initial setup?

Initial is very easy. Further - harder.

What about the implementation team?

In-house

What was our ROI?

12 months.

What's my experience with pricing, setup cost, and licensing?

NGTP is easy and strong. If you need the best security - use SanbBlast in addition.

Which other solutions did I evaluate?

We always check security options before implementing them to customers.

What other advice do I have?

Good solution - I recommend it. 

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Our company is a Security Integrator. We are Check Point Partner and Deploy their solutions for our customers.
PeerSpot user
Senior Technical Consultant at Ivalue Infosolution
Consultant
Feature-rich, easy to deploy, security oriented, and offers scalability and great throughput
Pros and Cons
  • "The most valuable feature is the Stateful Inspection, which was developed by Check Point."
  • "No product is perfect and there is always room for improvement."

What is our primary use case?

I am a Check Point distributor and the Next-Generation Firewall is one of the products that I am dealing with. My customers use this as part of their security solution that covers mobile devices, computers, their network, cloud, SD-WAN, IoT devices, IP phones, IP cameras, and others.

How has it helped my organization?

Checkpoint has provided Security to the entire data center. 

What is most valuable?

This is a feature-rich product and all of them are useful.

The most valuable feature is the Stateful Inspection, which was developed by Check Point.

The throughput is very good with Check Point. Checkpoint ThreatCloud is the largest threat intelligence database. 

Checkpoint management is a single pane of glass from where you can manage all the CP solutions from a single point be it on-prem or cloud or hybrid.

What needs improvement?

There is always room for improvement and CP Dev team is on right path.

For how long have I used the solution?

I have been working with Check Point firewalls for more than five years.

What do I think about the stability of the solution?

This is a stable firewall. It is very good.

What do I think about the scalability of the solution?

Scalability and throughput are very high. They have also launched a solution called Check Point Maestro, which provides cloud-level scalability on-premises. This makes it very scalable.

Which solution did I use previously and why did I switch?

My customers use firewall products from several vendors, including Sophos. Sometimes they replace their existing firewalls, and at other times, they run Check Point in parallel.

How was the initial setup?

The initial setup is very simple. This solution can be installed on-premises or on the cloud.

It takes between 30 and 45 minutes to deploy.

What about the implementation team?

Our in-house team does the installation for our clients. We also handle support, depending on what level of support the client has. Sometimes, they go directly to the OEM.

What other advice do I have?

Until earlier this year, the consolidated management was application-based and required installation. As of recently, they have launched web-based management, as well as cloud-based management. This is an upgrade that I had been waiting for because we no longer have to go to the dashboard. Instead, we just enter the IP into chrome and you get the dashboard on the web page, without having to install anything.

This is a very good product, although there is always room for improvement.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point NGFW
March 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
842,767 professionals have used our research since 2012.
SeniorNe6c94 - PeerSpot reviewer
Security Engineer at Tenece Professional services
Reseller
Enables us to complete the network compliance rules and has a great GUI
Pros and Cons
  • "We use Check Point to complete the network compliance rules."
  • "This product has room for improvement in technical support for Africa."

What is our primary use case?

The management of our company requires a firewall implementation. We use Check Point to complete the network compliance rules.

How has it helped my organization?

We use Check Point NGFW for compliance. The initial request leads to secondary requests. By the time you have recognition, there is recollection. For the main service, it's collection.

What is most valuable?

The feature we have found to be the most valuable is the management firewall. 

What needs improvement?

This product has room for improvement in technical support for Africa. There are some problems with African countries. We also need to provide excellent services. 

The additional feature I would most like to see included in the next release of this solution is removal management.

What do I think about the stability of the solution?

The stability of the solution is quite good. It has a great GUI and it's comfortable. I love the content. Of course, you also have great support.

What do I think about the scalability of the solution?

The new version is highly scalable. Now all of our users depend on the firewall. We have about 150 users. We require two staff for deployment and management.

Which solution did I use previously and why did I switch?

We previously used Sophos. We switched for more security. 

How was the initial setup?

The initial setup was straightforward. Our deployment took two or three weeks. Deploying the first one was two weeks, but the other ones were around one week.

What about the implementation team?

For the first setup, I used a consultant. For the second one, I didn't. We didn't need one.

What's my experience with pricing, setup cost, and licensing?

Licensing costs for this solution are on a yearly basis.

What other advice do I have?

On a scale from one to 10, I would rate this product a nine. Nobody's perfect.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Network Security Engineer at a tech services company with 51-200 employees
Real User
Top 5
The product is highly scalable and flexible, but the cost of add-on features is too high
Pros and Cons
  • "The product is flexible."
  • "The cost of add-on features is too high."

What is our primary use case?

We use the tool as a data center firewall. Some of our customers use it as a perimeter firewall. We are only using the security gateway.

What is most valuable?

The product is flexible. I like the product’s performance and throughput.

What needs improvement?

The cost of add-on features is too high.

For how long have I used the solution?

I have been using the solution for five to six years.

What do I think about the stability of the solution?

The tool is stable. We haven’t faced any issues after configuring and putting it in production.

What do I think about the scalability of the solution?

We have roughly 7000 appliances. The tool is scalable. I like the scalability of the solution. We have 10 to 20 customers.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is easy.

What's my experience with pricing, setup cost, and licensing?

The pricing is moderate. The license cost is good. However, some features like VPN are costly.

What other advice do I have?

We use the solution for our clients. My recommendation depends upon the requirements. I do not recommend the product for an SMB. I recommend it for enterprises. It has good performance and throughput. Overall, I rate the solution a seven or eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: customer/partner
PeerSpot user
reviewer1055286 - PeerSpot reviewer
IT Security Administrator at a tech services company with 51-200 employees
Real User
Easy to manage with good features but there are security bugs that are annoying
Pros and Cons
  • "We have all the features we want or need in this appliance. It's been good so far."
  • "Sometimes there are security bugs, which is frustrating."

What is our primary use case?

We primarily use it for internet security. We use it for firewalling, ePass, and threat detection including anti-malware protection, bug protection, and social inspection. We can also use it for DLP.

What is most valuable?

The solution helps out in our security goals. It acts as a primary source of protection for threats from the internet and is great for data leakage protection.

Most of the time, it's pretty stable. 

We have all the features we want or need in this appliance. It's been good so far. 

What needs improvement?

Sometimes there are security bugs, which is frustrating.  

Right now, we have a problem with DLP and this problem has become very big. Check Point, our firewall, is not handling data properly. There seems to be some sort of security bug.

For how long have I used the solution?

I've used the solution for ten years or so. It's been a decade at least. 

What do I think about the stability of the solution?

The solution, for the most part, is very stable. We find it to be quite reliable. There are bugs, however, which have caused some issues. 

What do I think about the scalability of the solution?

The solution is not scalable per se. There is only one way to upgrade and that is to buy new appliances.

Currently, we have around 7,000 people using this solution.

Likely, we won't be increasing usage. We are building new releases and we are considering changing this solution to another vendor. We might switch from Check Point to maybe Palo Alto or Cisco. We don't know which yet.

How are customer service and support?

We haven't really dealt with technical support. We typically go through our partners.

Which solution did I use previously and why did I switch?

We also use Cisco as well. We use Cisco ASA. Check Point, right now, is our primary firewall.

Check Point offers very good management. For an administrator, it's easy to manage this appliance, this firewall. Cisco, historically, has a big problem with this, specifically with FTD firewalls. There also tend to be some bugs you have to contend with.

How was the initial setup?

I can't speak to the initial setup process. Our partner handled it and therefore I wasn't really part of the process. That said, for me. the process is pretty simple.

My understanding is that the deployment took a few days. 

I'd rate the experience of the initial setup at a four out of five. 

About two people were able to handle the implementation process. Typically, they are architects and engineers. 

What about the implementation team?

We had a partner set up the solution for us.

What was our ROI?

We have seen a decent ROI. I'd rate it at a four out of five. 

What's my experience with pricing, setup cost, and licensing?

I can't speak to the cost of the solution. We deal with it through a partner, and I'm not involved in any of the pricing aspects. 

Which other solutions did I evaluate?

We are considering switching to Palo Alto or maybe Cisco in the near future. 

What other advice do I have?

We are a customer and an end-user.

Some blades, some function blades on Check Point, are very good, however, it's not all of them. Right now, I know DLP and social inspection are a problem. New users should be aware of this. 

Overall, I would rate the solution at a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1281831 - PeerSpot reviewer
Security and Network Engineer at a tech services company with 501-1,000 employees
Real User
User-friendly configuration, good support, and trouble-free upgrades have made our jobs easier
Pros and Cons
  • "The rules are very easy to deploy and can be optimized pretty quickly."
  • "One of the main features that need improvement is the rule filter export."

What is our primary use case?

The Check Point NGFW is the best product that I have ever used. It has pluses and minuses, as do others, but the usability, simplicity, and the configuration abilities are very user-friendly. After a while, other vendors just don’t come close to it.

The second thing is that is just works and it does it with ease. The upgrades and bug fixes are frequent and well documented. Also, the patches just work ;-)

There are some negatives but as I already said, they aren’t many and from my point of view, we can see past them.

How has it helped my organization?

It has made our lives and working in the company a lot easier. We have a better overview of the logs and what happens with the traffic in our company. Which means that the search for the certain logs is easy, quick and smooth. The overview of the logs is also very good as it is very detailed. The installation is allot quicker as it was before what also helps us with the implementation of the firewall rules. The rule consolidation is also very important as we have more than 60 fw rule change requests per day.

What is most valuable?

The rules are very easy to deploy and can be optimized pretty quickly. The R80 has a great feature on how the rules are processed, which costs less in terms of CPU and threads than it did before.

The features that are integrated into the firewall are very useful for our everyday use. Examples of these are the log manager, the firewall monitor commands, and the Linux commands. These are all very useful and helpful.

The VPN tunnels are easy to set up once you understand how they have to be configured.

What needs improvement?

One of the main features that need improvement is the rule filter export. All of the other vendors can export the filtered IPS as a PDF or CSV file, but with the smart dashboard, it’s just not possible. One can only export the whole rule base and then search for the IPS, which is super time-consuming as you can’t send the whole rule base to a customer. You would get weird questions about certain rules, why they are deployed or configured as they are, and maybe even get unwanted tips on how to change them.

For how long have I used the solution?

We have been using Check Point NGFW for eight years.

What do I think about the stability of the solution?

In terms of stability, this solution is very good.

What do I think about the scalability of the solution?

The scalability is high.

How are customer service and technical support?

The technical support is very good.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

How was the initial setup?

The initial setup is very easy.

What about the implementation team?

I implemented and deployed Check Point NGFW alone.

What's my experience with pricing, setup cost, and licensing?

Maybe the pricing is a bit high but you get the durability and the duration.

Which other solutions did I evaluate?

We evaluated Palo Alto and Cisco ASA.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1719525 - PeerSpot reviewer
Chester at Iocane
User
Great centralized management with good threat extraction and excellent commitment to innovation
Pros and Cons
  • "Management integration is holistic as centralized management has been core to the solution for decades."
  • "Potential improvements could be made around simplifying VPN functionality and configuration."

What is our primary use case?

I work for a systems integrator and have designed and deployed solutions over many years with Check Point components. Problems solved with Check Point NGFWs have included securing the edge, data center segregation, SWG replacement, Remote Access, and many others.

I have designed and installed Check Point deployments from a single SMB appliance to multiple highly available chassis, running numerous virtual systems. Numerous different use cases include appliance form-factors, running modules, and licenses.

How has it helped my organization?

I have always found that Check Point's fully integrated management provides significant improvements to organisations where I have deployed them. As management has always been integral in the Check Point deployment, all functionality and visibility is natively baked into the management platform, which provides a single point to configure and monitor every function. Alternative vendors have added centralized management functionality as a secondary feature and therefore have never been able to compete on this front.

What is most valuable?

Management integration is holistic as centralized management has been core to the solution for decades. Where other vendors have bolted management on over time, Check Point has always made it central to everything that they do.  

I find that this is one of the most significant and valuable features of Check Point. In addition to that, many new features that eventually become the standard across the industry end up being first introduced by Check Point - sometimes years ahead (such as Threat Extraction which allows active content to be stripped from files being downloaded and a "clean" copy to be provided in near real-time, while sandbox inspection is being performed).

What needs improvement?

Product-wise, I have no real complaints. 

Potential improvements could be made around simplifying VPN functionality and configuration.  

The main area that the organization can improve is around the lack of local, in-state technical support. Competitor vendors have a strong presence in the Adelaide Market, however, Check Point has always been limited with its commitment to staffing local technical resources. If this focus is made, I could see Check Point returning to the strength that it once had in the Adelaide market.

For how long have I used the solution?

I've used the solution for 17 years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Support Manager at Sefisa
MSP
Stable and very robust with helpful technical support
Pros and Cons
  • "The product is very scalable."
  • "Sometimes when they bring on new upgrades, they affect something else."

What is most valuable?

I do like that this solution is a very robust firewall.

It's very stable. 

The product is well supported. The solution is very scalable. 

Technical support has been quite good. 

What needs improvement?

The only thing I would like to improve is the updates. Sometimes when they bring on new upgrades, they affect something else. That happens sometimes. For example, something that was working well might have a new issue after an update. It's understandable as they do have like to add innovations. When you are innovative, you face some risks. 

They have already announced that they will be adding SD-WAN as a new feature.

For how long have I used the solution?

I've been using the solution for 18 years.

What do I think about the stability of the solution?

The solution is very stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. That said, I would like the latest version to be more stable.

What do I think about the scalability of the solution?

The product is very scalable. You have very good options. For example, if you start with a smaller firewall and you want to upgrade to have newer hardware, they have different options. For example, you can run a script that is going to tell you the new appliances that you need, according to your new requirements according to your network consumption. 

It did launch Maestro about two years ago. Maestro is something that allows you to stack firewalls. If your current firewalls handle the traffic anymore, you can add new firewalls to it. 

If you want to change the firewall you can do these trade-ins. You can return the old firewall and they will give you a special discount. 

How are customer service and support?

Technical support has been very helpful and responsive. We've been happy with the level of support they offer. 

How was the initial setup?

The product is easy to set up. I am seasoned on Check Point. For me, it's very easy. I wouldn't say it's hard. 

What other advice do I have?

I'd rate the solution at a ten out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.