Check Point Remote Access VPN Reviews

In our environment, we have many users working remotely. It's important to control the flow of traffic coming and going to these remote employees, and isolate traffic when used for business purposes. We have to allow our remote users to access services from home as though they were in the office. However, at the same time, we need to control that traffic and make sure it conforms to our policy. Our environment is complex and requires advanced policies to look at traffic in very unique ways from different users. Check Point's policy management has allowed us to do that.

At the beginning of the pandemic, everyone rushed to get their employees working from home. Luckily for us, we already had a strong structure around how remote access would work and had it set up for many employees. 

With the groundwork in place, the transition to remote work was made easy by simply adjusting the policy (configuration). In part, this is because we were already prepared for a remote workforce, and that preparation came from within our organization, however, if it weren't for Check Point enabling us to adjust rapidly, then it would not have been an easy transition.

The unified platform view is great. Being able to manage NGFW alongside our Remote Access Policies allows us to control traffic in one way. Be it if our users are at home or in the office the same policy applies to them allowing us to have one corporate view on the traffic within our organization.

Being able to integrate the policy with things like Active Directory groups, Azure cloud objects, RADIUS integration, and load balancing capabilities is wonderful. All of these things are built into their NGFW policy which we leverage to implement on our Remote Access policy.

The ability to allow split-tunneling while still following our corporate policy needs to be on the table. Right now, in order to allow the same policy to apply, the users' traffic must be routed up to our NGFW before going out to the internet. Having a method to apply the same policy to the client for outbound traffic while connected to the VPN would be huge.

Some things like the compliance aspect of the VPN Client can be updated to bring it a little more modern. It's very useful for checking things like Windows Updates levels before connecting, however, it could use a facelift since it's still quite old-looking.

I've been managing Check Point's Remote Access VPN for five years at my current employment, and had used it before at a previous employer.

The solution has been solid for me for over five years.

I get the impression this could scale up to whatever you need. Scaling issues might only be moving to clustered resources and setting up load balancing on gateways. Once you get big enough you should be able to scale up to your needs.

Support has been great 98% of the time. There's always one bad experience, yet, overall I wouldn't rate them based on that. If they need to get their experts online to help solve a problem, they have plenty and are willing to work through really deep subjects. I never worry with their support.

Positive

At our organization, we did not use another solution before this. That said, I have used other products in the past. It's been many years, so I'm sure those other vendors have had time to update their products too, however, since I've been managing Remote Access with Check Point, I've always been really impressed.

Setting up the VPN Clients is simple once you've already got the gateway in place. If you have to setup the Gateway, it will take a bit of knowledge and expertise.

Our in-house team set it up. That said, I have been working with network devices for a long time.

ROI on the VPN User license itself returns within a couple of months of you using it. However, if you have to make the investment into buying gateways for the product, then the ROI could be one year (if your whole organization is working from home), or up to three years if you barely use it.

You need to be an NGFW customer already. Otherwise, you'll need to purchase the gateways in order to terminate the VPN. That much should be obvious to anyone. Once you have the gateway in place, there is a VPN User license you need to purchase, however, it is very minimal in cost compared to other infrastructure.

We inherited the Check Point when we took over. Then, when the topic of remote access came up, it made sense to use what we had and just buy additional licensing rather than buy a whole new product.

Check Point products are typically not cheap, however, I've found it's often due to the fact that you can do a lot with it. 

I recommend Check Point products to anyone who is going to have the time and expertise to administer them. You're going to be able to do what you want to do, engineer a design that works for you. If you want to just plug it in and forget about it, then this might not be the product for you. That said, for those who do just want to plug something in and forget about it, I warn you to be cautious. When it comes to Remote Access, you don't want to ignore this. You want to be looking at it and you want to monitor it, otherwise attackers will take advantage of that weakness. This is where Check Point allows you to monitor the edge, while granularly controlling it.

I use Remote Access VPN for clientless applications, setting up WireGuard tunnels, and WireGuard VPN as a service. It provides remote access for SIP setups, allowing users to connect securely through a VPN.

The most valuable features include application access, clientless application access, and WireGuard. These features make it easy to deploy and offer a user-friendly interface. The complexity is hidden within a full mesh network, allowing seamless user-to-application connectivity with minimal delay.

Automations for cloud integrations need to be expanded, and currently, developers have to manually configure APIs, which is not developer-centric. Improving this process could enhance the solution's scalability and efficiency.

I have used Check Point Remote Access VPN for two and a half years.

Some connectivity issues arise occasionally, especially when accessing the internet or using other applications. The installed client sometimes reconnects, possibly due to conflicts with existing VPN solutions.

The solution is extremely scalable, with an eight out of ten rating due to its mesh network and ability to build WireGuard tunnels. However, additional automation is required to enhance its enterprise features.

Customer service is excellent. Support is integrated into the product, making it easy to access without needing to search for contact information. There is an icon in the portal for online support, and Check Point local support promptly replies to queries.

Positive

On a scale of one to ten, I would rate the initial setup of Check Point Remote Access VPN as ten because it is super easy to set up.

The pricing is rated eight to 8.5 out of ten. The costs increase with the purchase of advanced features. Licensing issues need to be sorted as different features require separate licenses.

The best solution for small to medium businesses. Licensing issues need to be sorted out. For example, features like CASB and browser security should be bundled. Having automations will help scale to other scenarios.

I'd rate the solution ten out of ten.

Remote Access VPN (Remote Access VPN) allows users in our organization to connect to a private network to access services and resources remotely. This connection is secure and is made through the Internet. It came to support us so that users, whenever they were outside the organization and were supporting customers from any region, could have secure access to the corporation's data. 

Another important point is when our executives travel to regions where certain access to services is blocked. The VPN helps us bypass that block. Since a VPN can hide your real IP address, it can help you bypass geo-blocks, as the platform the one you want to access will think it is from the “correct” geographic region.

The solution is giving us security when it comes to sharing our data safely through the private and secure tunnel that is created when creating the VPN. The VPN hides your IP address and encrypts your online traffic and it essentially ensures that your fingerprints cannot be traced on the Internet. Online hackers won't be able to use your real IP address to discover your personal data, and government surveillance agencies and ISPs won't be able to monitor what you do online by snooping on your traffic.

In addition to helping you avoid government surveillance, it also helps keep your privacy safe from advertisers.

In terms of the way they ensure traffic, an example is when we use Wi-Fi in public areas.

WiFi is everywhere nowadays and it is extremely convenient to use, especially if you have a tight mobile data plan. The only problem with free WiFi is that it's often unsecured, which means you're putting your personal data at risk every time you use it. After all, cybercriminals can find out a lot about you, which can lead to them stealing your:

• Credit card details
• Bank account details
• Email login credentials

However, if you use a VPN, you won't have to worry about those dangers. A VPN uses encryption to protect your online communications, making sure no one can monitor it. Basically, if a hacker tried to see your connection traffic, they would just see nonsense.

That the level of Remote access VPN was higher by default as other brands do it that way. In the case of Check Point, they are not like that. The maximum it is giving us is only 5 licenses and if you need more, they must be purchased separately. From my perspective, it should be added to the same cost as the general license, and that well explained makes the product more attractive. Many organizations would have this need, as many are moving off-premise. We have great executives and entire corporate teams that perform work tasks from home.

I've used the solution for about 2 years.

Since SARS-COV2, most users went to work from their home office, so we needed to have an robust, secure, and stable VPN connection. We implemented Check Point VPN and we have had no problems with it. We are almost 50 users working from home securely. Also, the access rules based on VLANs have helped many users get access depending on which connection they have. For example, some users with VPN connections can only access some specific servers and ports, however, when they are on an internal LAN, they have access to the entire network.

We have more control over the activity that users have on the internal network, thanks to the monitoring offered by Check Point and the security provided by the gateway. 

I'm the IT manager for the company, and my work has been improved due to the fact that, in conjunction with VPN, we implemented the Endpoint Security client so we can manage our client's computers even if they are not physically in the office. When we need to remove some users from a VPN connection we just need to lock the account and use the assets console to disable the feature from the client's computer.

The combination of the user accounts for the VPN with the access rules provided by the security gateway gives you more control and specificity about who has access to what. For external users, we can offer a solution based on the internet needs and we are able to share information on a secure channel. We can specifically point to the desired resources in the organization without the need to install any additional software on external client machines.

It needs to improve the capability of the Secure browser VPN connections. Some in-house applications didn't work due to the use of JScript and the backend and front end technology for the applications. In the case of URL translation of the VPN Web portal, the requests made from the front end to the back end weren't valid (due to the use of dynamic subdomains). In the case of host translations, the request was made to the same host, however, we cannot specify the ports, which, in our case, are used to redirect to different servers.

I've used the solution for over two years.

It's very stable, however, I recommend some scheduled restarts for cleaning connections and processes.

It is very easy to manage the solution and also the integration.

I have had a good experience with the support tickets that I have dealt with.

Positive

Previous to Check Point, we didn't have any gateway security.

The initial setup was a little complex as it was the first time working with Check Point.

The implementation was handled by an in-house team.

We expect that investments is recovered in two years.

The pricing is fair and the support team is good.

We were evaluating Fortinet as well.

Check Point is very reliable and secure.

We use Check Point Remote Access VPN to provide access to employees, vendors, and advisors. They access the company resources - especially now that most people are working from home over the course of the last year. We also use it for specific companies that give us remote support to some applications, such as our parent company. Our admins access our company servers and resources. We're using Remote Access VPN with specific profiles for them that only give access to some resources.

We have three distinct environments. Server, DMZ, and User/SHOP. The firewall connects to the internet and those firewalls are the ones that the people connect to for the Remote VPN. We have the Blade enabled and they access the company resources as if they were working at the office.

The headache of connecting has been removed. It's very stable and we don't have any issues with it connecting. We have a large majority of people that were using nothing and always coming to the office. However, since the last year, we have a whopping 75% of users that have switched to using Check Point Remote Access VPN. The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware. This was a big advantage.

The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware. This was a big advantage. 

The integration with two-factor authentication for remote access users is another valuable feature. In our case we use RSA.

Those two are the most valuable aspects that we have on the solution. It also gives us the possibility to securely connect to the company resources, without Check Point security measures.

Another great thing is that we already have all the logs from the firewall on the SmartPortal as the remote VPN also integrates into the firewall. We can see all the logs on the same tool because we also have a fully secure solution for Remote Access VPN. For full operational security, we need to manage the different hardware from the firewalls and the logs that are not in the same place. This is another valuable aspect of this solution.

Having access to those logs affects our security operations because if a user calls the support but does not have access to the VPN, we can see on the same tool on the SmartPortal and troublshoot. 

We don't have any specific complaints. We are very happy with the Windows client. You log in with the VPN for the full client, you do the log in right from the software itself. For Linux machines, they don't have a full client to install. For the users that utilize Linux, there needs to be an equivalent. The documentation of the software needs to be more accessible. If an end-user wants to have access to customized training from the company, that should be able to be built-in. I would add that feature. 

I've been using the solution for around 1.5 years.

The stability is good. It's a never-fail.

The scalability is great. We deploy to 5000+ users.

It's second to none but we haven't needed it a lot. 

We used to use Fortinet. We switched because it was hard to deploy. 

Just pull the trigger on a 3rd party. Not complex at all. 

We used both a vendor and in-house talent. 

The ROI was instant and around 54%.

Go with a third party and get it set up correctly. It may be costly but it's worth it. 

We didn't evaluate anything else. I knew a vendor and had used the software before. 

Get this software installed as soon as possible. It's a smart move. 

Our primary use case is to provide a remote access VPN to organization users so that they can access the organization servers or resources easily from anywhere.

With the help of Remote Access VPN, our organization's users can connect to our network easily and access servers. This has increased employee productivity.

The most valuable point is that it provides multi-factor authentication (MFA), which increases security by requiring an add-on verification method and ensures that only authorized users have access to the network.

The knowledge base can be improved for advanced troubleshooting. For new users, configurations might be complex. This can be also improved. 

We have been using this solution for the last year.

The stability is excellent.

The scalability is very good.

Our experience with customer service and support is excellent.

Positive

We are using the same solution.

The initial setup was very easy and straightforward.

We implemented it through an in-house team.

As per the market, everything looks good.

No, we haven't evaluated other option

We use Check Point Remote Access VPN for security features.

We encounter challenges for the product’s installation and troubleshooting processes compared to other VPN products. It is difficult to restore settings in cases of connection failure. This particular area needs improvement.

We have been using Check Point Remote Access VPN for five years.

The product is stable.

We have 3000 Check Point Remote Access VPNs in our organization. It is a scalable product. We can increase and downgrade the access as much as possible. The usage depends on the licensing model.

The technical support team only responds to the problems where the device stops working. Apart from that, they don’t reply to normal issues.

Neutral

We used ForcePoint before. In comparison, Check Point Remote Access VPN is stable and easy to connect.

The product is easy to maintain. It takes a few days to install and troubleshoot.

The product has average pricing. We purchase its yearly pricing.

I advise others to use the product instead of multiple SD solutions and hardware products. I rate Check Point Remote Access VPN a seven out of ten.

Check Point Remote Access VPN provides strong security features, including encryption, authentication, endpoint security, access control, and centralized management. These ensure data protection and access control for remote users, making it a reliable solution for maintaining security in remote access scenarios.

Improvements for Check Point Remote Access VPN could include enhancing mobile connectivity for a smoother user experience, bringing it closer to the level of Cisco AnyConnect, which is considered more user-friendly.

I have been working with Check Point Remote Access VPN for almost four years.

My experience with tech support for Check Point Remote Access VPN was okay, but I find Cisco's support to be better. Overall, I would rate Check Point's support around six out of ten.

Neutral

Installation of Check Point Remote Access VPN is straightforward and it involves agent deployment to user laptops, enabling easy connectivity. Maintenance is low-cost and manageable, even for small teams, as configurations are straightforward. Network security engineers need to specify network segments for traffic segregation, but overall, deployment is automated, minimizing manual intervention and complexity.

The pricing for Check Point Remote Access VPN is average. Firewalls, whether physical or cloud-based, tend to be expensive, and Check Point's offering is no exception. While cloud options may offer more flexibility, physical devices have significant licensing costs, often totaling thousands of dollars.

Remote Access VPN, like Check Point's solution, is user-friendly, requiring only client installation for connectivity. It is useful for employees accessing corporate networks remotely and for granting controlled access to contractors or vendors. Competitors like Cisco's AnyConnect exist but Check Point Remote Access VPN is highly regarded for its functionality and reliability.

Check Point's Remote Access VPN is user-friendly and efficient for connecting via laptops, offering a straightforward setup without complex configurations. It simplifies access to specific divisions within a corporate network, making it suitable for end-users without extensive security knowledge. Although challenges may arise with mobile connectivity, the overall experience is smooth and accessible.

MFA adds an extra layer of security to Remote Access VPN. For example, users might need to enter a code from an authenticator app on their phone in addition to their regular login credentials. This ensures enhanced verification of user identity and helps protect against unauthorized access.

Overall, I would rate Check Point Remote Access VPN as an eight out of ten.