Try our new research platform with insights from 80,000+ expert users
SeniorNe6c94 - PeerSpot reviewer
Security Engineer at Tenece Professional services
Reseller
Enables us to complete the network compliance rules and has a great GUI
Pros and Cons
  • "We use Check Point to complete the network compliance rules."
  • "This product has room for improvement in technical support for Africa."

What is our primary use case?

The management of our company requires a firewall implementation. We use Check Point to complete the network compliance rules.

How has it helped my organization?

We use Check Point NGFW for compliance. The initial request leads to secondary requests. By the time you have recognition, there is recollection. For the main service, it's collection.

What is most valuable?

The feature we have found to be the most valuable is the management firewall. 

What needs improvement?

This product has room for improvement in technical support for Africa. There are some problems with African countries. We also need to provide excellent services. 

The additional feature I would most like to see included in the next release of this solution is removal management.

Buyer's Guide
Check Point NGFW
November 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
815,854 professionals have used our research since 2012.

What do I think about the stability of the solution?

The stability of the solution is quite good. It has a great GUI and it's comfortable. I love the content. Of course, you also have great support.

What do I think about the scalability of the solution?

The new version is highly scalable. Now all of our users depend on the firewall. We have about 150 users. We require two staff for deployment and management.

Which solution did I use previously and why did I switch?

We previously used Sophos. We switched for more security. 

How was the initial setup?

The initial setup was straightforward. Our deployment took two or three weeks. Deploying the first one was two weeks, but the other ones were around one week.

What about the implementation team?

For the first setup, I used a consultant. For the second one, I didn't. We didn't need one.

What's my experience with pricing, setup cost, and licensing?

Licensing costs for this solution are on a yearly basis.

What other advice do I have?

On a scale from one to 10, I would rate this product a nine. Nobody's perfect.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Network Administrator at a financial services firm with 1,001-5,000 employees
Real User
Beneficial management features and scalable
Pros and Cons
  • "The separate management feature of Check Point NGFW is very convenient."
  • "The technical support is really poor. We have to wait for approximately 48 hours sometimes for a simple solution."

What is our primary use case?

We are using Check Point NGFW as a firewall for our organization. All the internet traffic goes through it.

What is most valuable?

The separate management feature of Check Point NGFW is very convenient.

For how long have I used the solution?

I have been Check Point NGFW for approximately five years.

What do I think about the stability of the solution?

The solution is stable when it is running incapacity, if it goes beyond it can be not stable. There could be more stability by having more ports or CPU power.

What do I think about the scalability of the solution?

The solution is scalable.

How are customer service and support?

The technical support is really poor. We have to wait for approximately 48 hours sometimes for a simple solution.

How was the initial setup?

The installation is not straightforward.

What about the implementation team?

We needed help from the Check Point expert experts because we deployed it in the HA. It's a bit different from the other firewall vendors. You need a Check Point expert to deploy it initially.

We have a five-person technical team for the maintenance of the solution. We use managers, admins, engineers, and developers.

What other advice do I have?

I rate Check Point NGFW an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point NGFW
November 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
815,854 professionals have used our research since 2012.
Engineer at CENACE
Real User
Easy to set up, stable and scalable
Pros and Cons
  • "Configuration and deploying are easy."
  • "The price of this product could be improved."

What is our primary use case?

My primary use case of this solution is for the data center in the perimeter security. We configure all of our security features like anti-boot, antivirus, and filtering.

What is most valuable?

I think the most valuable feature is that the application and configuration were easy for us. When we need to do some work with the networks, configuration and deploying are easy - if I want to search for information, it is easy in the Check Point platform.

What needs improvement?

I think the price of this product could be improved - other solutions are cheaper in comparison. In the next release, I would like to be able to perform sandboxing to check email attachments and information sent through the cloud for viruses.

What do I think about the stability of the solution?

I think this solution is stable.

What do I think about the scalability of the solution?

My impression is that the solution is scalable.

What about the implementation team?

I implemented using a vendor team, whose performance was good.

Which other solutions did I evaluate?

I considered using Cisco before deciding on Check Point.

What other advice do I have?

Check Point is easy for the configuration user. I would rate this solution as eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Consultant at KoçSistem
Real User
Good support, improves performance, stable, and scales well
Pros and Cons
  • "One of the most valuable features is performance improvement, wherewith ClusterXL and CoreXL, you can improve performance."
  • "Check Point should include additional management choices; for example, Check Point does not offer full management support via browser."

What is our primary use case?

I'm a consultant at a Check Point partner. I have deployed a lot of Check Point firewalls and support Check Point firewalls for our customers. Our customer environments are different. I have deployed standalone, cluster, and two-layered firewalls.

How has it helped my organization?

Check Point firewall products include a lot of modules including Application Control, IPS, Email security, Mobile access, Content Awareness, URL Filtering, Antivirus, Antibot, and DLP

Check Point meets our customers' requirements at the perimeter with an all-in-one solution. For example:

  • The IPS blade prevents attacks with updated signatures.
  • URL filtering policy control customers' users' internet activity.
  • Antivirus and antibot blade controls malicious activity and files.
  • Mobile access blades allow customers to access their sites from anywhere securely.

What is most valuable?

There are a lot of features that I have found valuable for our customers.

For example, active/active and active/standby high availability features are very useful. If you want to share traffic loads to both cluster members, you can use the active/active feature, whereas if you don't want to share traffic loads then you can prefer active standby. Your connections sync on both cluster members for either highly available choice, so your connections never lost.

One of the most valuable features is performance improvement, wherewith ClusterXL and CoreXL, you can improve performance.

What needs improvement?

Check Point should include additional management choices; for example, Check Point does not offer full management support via browser.

You should use Check Point Smart Console for management, although it is an EXE and is supported only on the MS Windows platform. If you are using Linux or Mac, you cannot manage Check Point. Instead, you need to use a virtual PC with the Windows OS installed, running inside Linux or Mac. Check Point states that this is a decision made for security reasons, but that certain management features can be done through the browser, although not fully.

For how long have I used the solution?

I have been using the Check Point firewall for more than 20 years.

What do I think about the stability of the solution?

This solution is very stable for all of our customers.

What do I think about the scalability of the solution?

One of our customers has more than 200 branch offices, which are protected by Check Point SMB appliances. All of these appliances are managed by Check Point SmartProvisioning. This customer has one Check Point cluster that secures server segments and another Check Point cluster to secure the client segment.

The latest product, Maestro is very good and scales well.

How are customer service and technical support?

Check Point support is very good and we are very satisfied.

Which solution did I use previously and why did I switch?

My company is working with different firewall products but I am a Check Point expert and only support their products.

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

All implementation is handled by our team.

What was our ROI?

There are different ROIs for each customer but our customers' ROIs are high, as expected.

What's my experience with pricing, setup cost, and licensing?

The pricing is high compared to competitors.

Which other solutions did I evaluate?

Our customers evaluate other products but a lot of them prefer Check Point.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: KocSistem A.S.
PeerSpot user
Lead Solution Advisor at a consultancy with 10,001+ employees
Real User
Fix holes in endpoint security management infrastructure, which might be letting things through like ransomware
Pros and Cons
  • "The application authentication feature of Check Point is the most valuable as it helps us keep users secure."
  • "Check Point should quickly update and expand its application database to have what Palo Alto has."

What is our primary use case?

We recommend to clients who are installing applications that they can work with Check Point Next Generation Firewalls. Our role is to support our customers in terms of their migration, firewall room cleanups, and implementing all the security features that the firewall has.

Our clients have branch offices in Mexico and Bermuda. Check Point is one of the top names in these areas.

How has it helped my organization?

Our clients come to us to fix holes in their endpoint security management infrastructure, which might be letting things through like ransomware. We recommend Check Point Firewalls and some other endpoint security management solutions to mitigate these risk factors. We use this solutions to help build a perimeter for the company, as it helps filter threats from affecting our clients' infrastructure.

What is most valuable?

The application authentication feature of Check Point is the most valuable as it helps us keep users secure. 

It works smoothly when managing clients' on-premise and cloud firewalls.

What needs improvement?

Permissions from the client regarding troubleshooting and how well we can packet capture have not been smooth.

Check Point should quickly update and expand its application database to have what Palo Alto has. 

There have been some issues with third-party integrations.

For how long have I used the solution?

I've been using Check Point Firewalls since 2012. This was right from the beginning when it was hardware from Nokia and the R65 and R66 models. So far, that has gone well.

What do I think about the stability of the solution?

They are stable. There are no standalone Check Point boxes. If a module goes down, it doesn't affect the base as a whole. Check Point Firewalls have nice redundancy.

What do I think about the scalability of the solution?

Scalability is a good feature that this solution has. It is easy scale out and do site-to-site implementations. Sometimes, you have to clean the OS or RAM to free up availability. However, if you do this, then there are generally no issues with scaling it.

How are customer service and technical support?

The documentation is really good. 

Their support guys response is really quick. Though, sometimes it takes them more than four to five to get back to us via email and acknowledge an issue. If you have the diamond support, it is definitely fast. However, if you don't have that sort of expensive after-sale support, then it is a problem to engage a Check Point technician at a very fast pace.

We actively participate in the community group.

Which solution did I use previously and why did I switch?

Our clients are migrating over to Check Point NGFW from Cisco, Juniper, and Fortinet because they want the Check Point Application Intelligence feature. 

How was the initial setup?

We set up the management tool for the clients to manage all their infrastructure.

The migration is generally seamless and takes one shift or day (about nine hours).

We migrate clients to Check Point from other solutions. We also have situations where it's a clean install for deployment, which is the most common scenario.

What about the implementation team?

We are working with Check Point Firewalls to provide installation, migration, updates, setup, etc. 

In the beginning, we needed help from the vendor with the setup. The support was good.

What was our ROI?

Our clients have seen ROI.

What's my experience with pricing, setup cost, and licensing?

Cisco pushes clients to purchase their hardware, and this is not the case with Check Point. This helps to easily manage costs.

Which other solutions did I evaluate?

There are now more competitors in the market, like Palo Alto and VMware. 

Palo Alto is a bit more smooth and cost-efficient than Check Point. Palo Alto has Unified Threat Management (UTM) coupled with a dake lake database that is huge. Also, its migration is more smooth than Check Point's. 

What other advice do I have?

Look for a software with licenses that support the features you want. I would recommend doing an RFP before purchasing. Get in touch with Check Point's sales team and compare it with other solutions.

Check Point features are always evolving. They try to stay abreast of the market. I would recommend not using older, obsolete models of Check Point because of this. 

I would rate this solution as an eight out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
reviewer1392339 - PeerSpot reviewer
Network Engineer at a legal firm with 1,001-5,000 employees
Real User
It has a good IPS features, we haven't seen any security breaches
Pros and Cons
  • "The interface and the IPS intrusion prevention are the most valuable features of this solution."
  • "With the version we're on, it's a bit time-consuming if you have multiple IP addresses to add. But in the later versions, which we're moving to, it makes it a lot easier to add IP addresses with dynamic objects, as they call it."

What is our primary use case?

We use it for standard firewalls.

What is most valuable?

The interface and the IPS intrusion prevention are the most valuable features of this solution.

It's pretty straightforward to use once you get your head around it. It's fairly straightforward to use. 

What needs improvement?

With the version we're on, it's a bit time-consuming if you have multiple IP addresses to add. But in the later versions, which we're moving to, it makes it a lot easier to add IP addresses with dynamic objects, as they call it.

In the next release, I would like to have the ability to automatically add rules from the tracking log. I've used that in other firewall software whereby you can trace the logs, and from the log, you can add a new rule automatically. That would be a nice feature.

For how long have I used the solution?

I have been using Check Point NGFW for around a year. 

We're on R77 and soon to go to R80. They're virtual machines.

What do I think about the stability of the solution?

It is very stable. We had one issue recently where Check Point had made a change, and it took a lot of our connectivity down. But that was really a one-off, so that was a mistake on Check Point's side with their policy testing/QC control that affected lots of their customers. 

What do I think about the scalability of the solution?

I've not had to deal with scaling them but from what I understand, they scale to huge organizations.

We have around five IT engineers who use this solution in my company and five who work on deployment and maintenance.

It's used throughout the business, with around 1,500 users, so for all the traffic. We do not have plans to increase usage. 

How are customer service and technical support?

 I've used the technical support. They're very responsive, we usually get a response the same day. The advice they've given has been very good and the knowledge base articles that they send are also very good.

Which solution did I use previously and why did I switch?

In other companies I've worked at, I also used all sorts of firewall solutions including FortiGate, Cisco, and pfSense. Check Point is easier than Cisco but more complex than pfSense or FortiGate in terms of its features and management.

Check Point's push to make deploy policy changes is slow when you've made a change to then push it out to the firewall. It does take 10 minutes or so to push that change out, so it's not as instant as some of the other firewalls I've used.

What was our ROI?

I have seen ROI. There have been no complaints. We haven't had any security breaches, so it's been good.

What other advice do I have?

It's a good product. My advice would be to get some training or watch some videos on using it. You do need a bit of training on it. Initially, there is quite a steep learning curve.

My comfort level with it is on and off. I've been at my company for a year and I'm starting to get comfortable, but it's such a big product that unless you're using it all day, every day, you wouldn't master it. If that was all you were doing every day, then it would probably take you three or four months to get the hang of it.

I would rate Check Point NGFW an eight out of ten. It's not as easy as the other firewalls I've used but that's probably due to the large feature set.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Senior Technical Consultant at Ivalue Infosolution
Consultant
Feature-rich, easy to deploy, security oriented, and offers scalability and great throughput
Pros and Cons
  • "The most valuable feature is the Stateful Inspection, which was developed by Check Point."
  • "No product is perfect and there is always room for improvement."

What is our primary use case?

I am a Check Point distributor and the Next-Generation Firewall is one of the products that I am dealing with. My customers use this as part of their security solution that covers mobile devices, computers, their network, cloud, SD-WAN, IoT devices, IP phones, IP cameras, and others.

How has it helped my organization?

Checkpoint has provided Security to the entire data center. 

What is most valuable?

This is a feature-rich product and all of them are useful.

The most valuable feature is the Stateful Inspection, which was developed by Check Point.

The throughput is very good with Check Point. Checkpoint ThreatCloud is the largest threat intelligence database. 

Checkpoint management is a single pane of glass from where you can manage all the CP solutions from a single point be it on-prem or cloud or hybrid.

What needs improvement?

There is always room for improvement and CP Dev team is on right path.

For how long have I used the solution?

I have been working with Check Point firewalls for more than five years.

What do I think about the stability of the solution?

This is a stable firewall. It is very good.

What do I think about the scalability of the solution?

Scalability and throughput are very high. They have also launched a solution called Check Point Maestro, which provides cloud-level scalability on-premises. This makes it very scalable.

Which solution did I use previously and why did I switch?

My customers use firewall products from several vendors, including Sophos. Sometimes they replace their existing firewalls, and at other times, they run Check Point in parallel.

How was the initial setup?

The initial setup is very simple. This solution can be installed on-premises or on the cloud.

It takes between 30 and 45 minutes to deploy.

What about the implementation team?

Our in-house team does the installation for our clients. We also handle support, depending on what level of support the client has. Sometimes, they go directly to the OEM.

What other advice do I have?

Until earlier this year, the consolidated management was application-based and required installation. As of recently, they have launched web-based management, as well as cloud-based management. This is an upgrade that I had been waiting for because we no longer have to go to the dashboard. Instead, we just enter the IP into chrome and you get the dashboard on the web page, without having to install anything.

This is a very good product, although there is always room for improvement.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Security Administrator at a computer software company with 201-500 employees
Real User
User-friendly with IPS already configured in the box, and the dashboard is good and easy to use
Pros and Cons
  • "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention. Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls."
  • "The antivirus is less effective than its competitors' antivirus. The antivirus is good, but in other firewalls, such as Palo Alto, it's quite effective. Check Point should provide more output. Sometimes it provides comprehensive information and sometimes it doesn't."

What is our primary use case?

We use it to provide security in our organization. Check Point Next Generation Firewalls are designed to support large networks, like a telco environment.

What is most valuable?

Check Point has a lot of features. The ones I love are the 

  • antivirus
  • intrusion prevention 
  • data loss prevention. 

Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls.

It's also user-friendly and not very complex. Anyone can use it and the dashboard is quite good.

What needs improvement?

Check Point has notably fewer tutorials on Google. If I'm facing any kind of issue and I Google it, less stuff is available. 

Apart from that, the antivirus is less effective than its competitors' antivirus. The antivirus is good, but in other firewalls, such as Palo Alto, it's quite effective. Check Point should provide more output. Sometimes it provides comprehensive information and sometimes it doesn't.

For how long have I used the solution?

I have been using this firewall for more than one year.

What do I think about the stability of the solution?

The stability is good. We've never seen any kind of issue with the Check Point firewalls. In very rare cases we go to their TAC, but we normally try to resolve the situation from our side.

What do I think about the scalability of the solution?

They are quite scalable. They are designed to extend in large data centers and tech environments. They are designed to support the needs of large networks, and offer reliability and performance.

How are customer service and technical support?

Check Point's technical support is quite good. It's quite helpful. We have never faced any kind of issue with them. Whenever we have an issue with the firewalls, we just raise it with them and they are quite supportive and quite technical as well. They provide a resolution on time and effectively.

Which solution did I use previously and why did I switch?

Previously, I worked on Cisco ASA firewalls and they have a lot of disadvantages. They have a lot fewer features compared to the Check Point firewalls. We just started using Check Point as a firewall in our organization and they give us new features which are better than the Cisco ASA. With Check Point, the IPS is already configured in the box, unlike the Cisco ASA, and there are a lot of features which help us to provide more security for our customers. In our case, the customers are all employees of our organization.

All of these are reasons we switched to Check Point.

How was the initial setup?

The setup is straightforward.

Deployment depends on the customer's architecture or network.

In terms of a deployment plan, we have different teams in our organization that support different business cases. After an implementation ticket is raised by the requester it goes to the planning stage, then it goes to the implementation stage and then it goes to the validation stage. The planning stage is done by the network security admins. The approval stage that is done by our managers and the validation stage is done by us, the network security admins. This is the process that we follow in our organization. Everything is documented.

What about the implementation team?

We do the deployment ourselves, but if we face any kind of issue, we just raise an issue with their TAC.

What's my experience with pricing, setup cost, and licensing?

The pricing is good. It's not so expensive. You can deploy it and it will do a lot of jobs in one package. It's a good choice compared to the other firewalls.

Which other solutions did I evaluate?

We looked at Palo Alto and the Cisco FTD Next-Generation Firewall.

What other advice do I have?

Check Point Next Generation firewalls are very good. They have a lot of features in one box and they're not that expensive. They support a lot of features, including antivirus, data loss prevention, and the central management is very good. We can configure all the firewalls through the central management. They have many things in a small package. I would recommend them.

The biggest lesson I have learned from the solution is that it has a lot of features that I was not aware of. The dashboard is quite simple and it's not complex to use.

We make changes on this Checkpoint Firewall as per customer demand. If they want to add a rule on the firewall we do that, and if they want to remove something we remove it for them. If they want to change the position of some rules or to allow or deny any kind of traffic, we do that for them.

In our organization we have a team of 20 - 25 network security admins. Sometimes the network team will also implement changes and they are about 25 people. Sometimes we get  the help of our managers to approve the changes or validate whether the change has been implemented correctly or not. If I sum it up, it's a team of about 100 people who directly use the solution, and they also take care of deployment and maintenance.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.