Check Point NGFW Reviews

While the solution is good, we wish to have something that is a bit better, as the threats have evolved over time. We have been using Check Point for more than than eight years and are interested in a better solution. We entered a review site which ranks top security firewalls and saw that Palo Alto is ranked number one, followed by Fortinet, with Check Point in the lead. We noticed that Palo Alto was much more expensive than Fortinet, but wished to know which key features differentiated the two. 

Though we did not take issue with the price of Check Point NGFW, we felt that it was providing us with inadequate support here in Uganda. This is why we decided to switch solutions. I should note that I do not have a technical background and am responsible for procurement. 

The value we were getting for our money was an issue. I work for a bank for which security is very important, but we were not being assured of the appropriate support. The licensing fees we were paying did not equate with adequate local support. We had already had a bad experience with Check Point, so we did not bother with a quote from it and, instead, got one from several local companies that can support either Palo Alto or Fortinet. 

We do not feel that the local support given in Uganda is equitable with the pricing. 

While the pricing is okay, the local Ugandan support one gets is not commensurate with it. 

I rate Check Point NGFW as a six out of ten. 

Our customers primarily buy the solution to protect the network from malware at the perimeter of the Network. The next-gen firewalls help the customer to have an application-level control of the traffic.

The features that I have found most valuable are its flexibility and user interface. This is already a well-established product in the market for quite a long time, more than 20 years. They've got a huge customer base.

In terms of what could be improved, I'd like granularity where you can have all the levels of policies that are defined. 

In additional feature that could be added to this solution in the future is micro-segmentation, like Palo Alto has on the firewall itself.

I began using Check Point Next Generation Firewall very recently, about four or five months ago.

We have an internal team for maintenance.

In terms of scalability, what we have seen is that it has a big deployment right now. So it all depends on what kind of environment the customer has. If he's already a Check Point user, it is easy for them, but if it is migrating from one platform to another, it is a little complex. One more thing is that the skillset availability required for Check Point is, in terms of implementation, a little less compared to others. The resources and the technical stuff are there for implementation. You find fewer people on Check Point compared to Sophos or Fortinet or any other platform.

The installation process, if it is a greenfield opportunity, is easy. If it is a migration from one platform to another, you need to have expertise on both the technologies. Let's say for example you're migrating from Fortinet to Check Point, or from Sophos to Check Point or Check Point to any other, you need to have expertise on the platform, even though you should have good experience in terms of migrating and technologies.

In my experience, Check Point provides both in-depth experience and cost-effectiveness compared to Palo Alto. So, Check Point is good for customers already using Check Point and Palo Alto is for anybody who wants to have the latest and most advanced features and has a good budget.

On a scale of one to ten, I would rate Check Point NGFW an 8.

We are a system integrator and the Check Point Next-Generation Firewall is one of the solutions that we implement for our clients. It is primarily used for data protection, VPNs, and sandboxing. We also use it in our own data center.

The most valuable features are application control, regulation, and threat prevention.

Compliance and centralized management can be improved.

I have been using the Check Point NGFW for perhaps ten years.

This firewall runs 24 hours a day and it is stable.

It scales okay because they are SCADA compliant and follow the industry standards. It is best suited to enterprise-level organizations.

Technical support is located in Prague, Israel, and America. The support is good and they are quick.

We have also worked with Fortinet a little bit. We switched to Check Point because our team is a perfect fit for it. We know the solution well.

The length of time required for deployment depends on the size of the environment. Our largest solution took us between 10 and 20 days.

We have a contract with the vendor to implement and deploy this solution for customers. There are three engineers on the staff who are responsible for maintenance and support, including dealing with tickets.

In total, working with this solution, we have four engineers and two junior administrators.

It is quite an expensive product, although security is a top priority. For people who want security, the price is not a problem, and everything is included in the price of the license.

This is the number one, best firewall on the market. My biggest complaint is that the centralized management has to be improved.

I would rate this solution a ten out of ten.

We primarily use this solution for routing and the protection of our internal corporate network.

The most valuable feature is the management using the Single Pane of Glass.

The user interface for management could be improved.

In the future, I would like to see support for SD-WAN capabilities.

I have been working with the Check Point Next-Generation firewall for four years.

I would like to see better stability in newly-released versions.

The scalability is very good.

Dealing with the support team in Israel can be a struggle because of the difference in working hours, holidays, and priorities.

I would with firewall solutions from several vendors including Palo Alto, Fortinet, and Meraki.

My advice for anybody who is implementing this solution is to ensure that they have good support from local experts. The biggest lesson that I have learned from using this product has to do with the capabilities of the smallest models. Care should be taken to select the appropriate one for your environment.

I would rate this solution an eight out of ten.

We use this product as firewall protection.

We are a utility company, so we need efficient antivirus protocols. The firewall support is extremely important to our organization. Checkpoint helps us protect our company from outside threats.

It is easy to configure and it is a valuable antivirus protection. I especially like the IPS feature of this product.

The presentation of the reports need to be more user-friendly. 

Sometimes we have problems. In those cases, we just need to reboot the system.

The scalability of the solution is not great for us because we have old equipment. With newer equipment, I think the scalability would be much better. It is no fault of the solution itself. 

The Checkpoint tech support takes a long time to resolve problems. 

Prior to Checkpoint, we considered Cisco. 

It was a complex setup. We had a partner configure the equipment. 

The price is high in comparison to other solutions. 

We are currently considering Fortinet as another possible option. 

After much evaluation, we have decided to change our firewall.

We are using Check Point NGFW as a firewall for our organization. All the internet traffic goes through it.

The separate management feature of Check Point NGFW is very convenient.

I have been Check Point NGFW for approximately five years.

The solution is stable when it is running incapacity, if it goes beyond it can be not stable. There could be more stability by having more ports or CPU power.

The solution is scalable.

The technical support is really poor. We have to wait for approximately 48 hours sometimes for a simple solution.

The installation is not straightforward.

We needed help from the Check Point expert experts because we deployed it in the HA. It's a bit different from the other firewall vendors. You need a Check Point expert to deploy it initially.

We have a five-person technical team for the maintenance of the solution. We use managers, admins, engineers, and developers.

I rate Check Point NGFW an eight out of ten.

Primarily, we implement the solution at a couple of sites around the world and have created five site VPNs across it. We are running a pretty decent policy to make sure internally our infrastructure is secure.

The product offers excellent security. How open they are with new risks and new vulnerabilities is very helpful in the task of keeping our company safe from malicious attacks.

Newer versions are much more stable.

The UI could use some improvement. It's not as clean or seamless as it could be. 

It's my understanding that the initial setup is a bit complex. There's a bit of a learning curve if you're trying to set it up for the first time and you aren't familiar with the product.

Older versions were a bit unstable. 

We've been using the solution for six or seven years so far. It's been a while. 

While this version seems to be quite stable, Check Point, in previous versions, had a lot of issues when we used to do firmware updates.

We have 200 people on the solution currently. 

I also have experience with Fortinet. I don't have too much, however. It's still very new to me, and therefore it's hard to compare the two solutions. 

While I didn't directly participate in the implementation, from the people that participated, I've heard that it's complicated if you don't know the product very well.

We hired a company to do the implementation. I don't remember the dynamics of the team. The last time it was set up, there were two people on the implementation team. 

While we don't have a direct relationship with the company, we do have business relationships with both Fortinet and Checkpoint partners.

I'd rate the solution at a seven out of ten.

We use this solution for perimeter security and data center security.

On the firewall side, the security efficacy is good. The interface for application filtering and application-based policies is also good. They have good roadmap on the cloud as well.

This solution requires management software that is sold separately; it's actually a different appliance altogether. For smaller customers or smaller environments, this becomes an added entity in the environment. Not to mention, they'll also have to invest a lot in the necessary management stations. If that came built-in, it would really benefit smaller businesses. 

The performance when you enable decryption could be improved. That's a CPU-intensive task. Many customers struggle if they try to implement decryption — it can really hamper the performance. It's probably something to do with the appliance or the hardware design. This needs to be examined further.

I have been using Check Point NGFW for roughly five years. 

This solution is quite stable. Performance-wise, I have seen customers using this solution for years without issue. 

There are different models available. Sizing can be done accordingly. They have a good range of versions available for small to large data centers. So, scalability is definitely there. 

As I am not an end-user, I haven't really had any contact with support. Still, none of my customers have had any complaints regarding support.

The initial setup was fairly easy. Still, compared to other vendors, the learning curve is a bit complex. 

Compared with Palo Alto and Cisco, the price of this solution is quite fair. Compared to Fortinet and other vendors, it's probably a little bit on the higher side. Really, it all depends on what you get at the end of the day.

Overall, on a scale from one to ten, I would give this solution a rating of eight. 

I would definitely recommend this solution. It's a good platform for perimeter security. In an enterprise, you need good security. There's endpoint security, network security, and cloud security. Check Point's strongest point is network security; they still need to catch up on endpoint and cloud security. If you're interested in integrating all of these tools, then there are better products available. However, as far as network security is concerned, Check Point is really good.