Check Point Remote Access VPN Reviews

We have always worked within the office. However, the COVID pandemic changed the course of our work in terms of where we had to implement new solutions so that we could all work from home. That was when I encountered Check Point; we had years with this solution in the facilities, yet, only during the pandemic did we have to innovate for a home environment. Today we have more than 6000 users working from home thanks to Check Point. This is possible due to the fact that, with a certificate and the client for this connection, every person can connect to our environment as if they were at the office.

We still have many areas of opportunity in which we must work, however, this has required us to improve our infrastructure in order to accommodate remote work. Since the beginning of the pandemic, we have had this solution and we have had many challenges since there are more than 6000 people who work from home. For security, we have an expiration time of the .p12 certificates and that requires updating passwords. Today, we are integrating this solution with a 2MFA system to give much more security to corporate.

The IPSec VPN, Mobile Access, and Identity Awareness are three of the blades with which we have been working with since the pandemic. This has given us great mobility, making our network more dynamic for connection to corporate due to the integration we have of Check Point via our AC or LDAP. 

We are creating rules by user and not by IP (which could be done both ways). We stick more to mobility inside and outside the corporate environment. Since then, corporate has been increasing security and keeping our workers happier.

The authentication that we handle is through a .p12 certificate, however, we have integrated it with a 2MFA service through another provider. Something that could improve Check Point is if it had its own 2MFA service through a blade or some sort of application. We'd be able to give a better experience to companies that already have a contract or Check Point services that deal with a work-from-home environment, giving greater scope and coverage from a single centralized dashboard.

I've used the solution for more than two years

The stability is the best.

The scalability is great.

 We have witnessed a fast response from the support team.

We did not use a different solution.

The initial setup was not overly complex.

We handled the installation in-house.

We've witnessed a 40% ROI.

The price is a little high, however, the solution is something that we recommend often.

We did evaluate other options.

We are hosting environments for our customers and ourselves. With Check Point Client, VPN users that aren't in their internal networks can connect via a secure connection into the internal network.

Remote users use different clients (Windows, Linux, and Mac OS) so depending on the customer, there is either a client connection or a clientless approach (using a web portal).

Users can also be identified if they use the Client VPN solution. If you want to identify them inside the network you have to use an IA agent.

Once set up, it simply works without issues.

The main advantage is that if you already have a Check Point Gateway in place you don't have to buy additional hardware. You only need to check if there are enough resources on the gateway for the additional load and decide how many concurrent users you need.

The installation was fairly straightforward thanks to the Admin Guide and the User Center.

Adding a Radius or similar to use for the user authentication can also easily be done so you don't have to create local users. Depending on the size of the user base I would also recommend MFA.

A normal Check Point Gateway has, with the base license, 5 concurrent users included. This means that in emergency situations you don't have to buy additional licenses.

During Covid, the license was increased and therefore it was easily possible to have several users working from home.

It's possible to either have a client installed on the user's machine, or have a clientless approach using the web portal. 

There is MEP functionality, so, based on the user's location, it minimizes the latency by connecting to the nearest entry point. 

The non-standard setup is quite complex as you have to do changes via GUI and CLI. Luckily, Check Point knowledgebase articles help you, however, there are so many resources you have to go through.

The Client VPN licenses are for concurrent users and there is currently no way to prioritize certain users over others.

There is no possibility to increase the number of concurrent users for a short time (except if you have unlimited concurrent users licensed). This could help during emergency situations where there are more client VPN users than anticipated.

I've used the product for over 7 years.

For a basic setup, implementation is quite easy.

Check Point Endpoint Remote Access VPN is without a doubt, really fantastic software. It allows me remote and secure access to my most important data, to the company's networks, and to corporate resources from anywhere in the world.

Regardless of where I am, it guarantees the complete privacy of all our confidential information through multifactor authentication and compliance analysis of the endpoint system.

All of this is very easy to configure using step-by-step wizards, and there are many guides to explain it.

Check Point Remote Access VPN has improved my Organization with:

• It has a built-in, centrally-managed Firewall blade, which allows us to filter traffic on the client-side.
• The built-in, centrally-managed Compliance blade is helpful. Using it, we check the client OS for the presence of the latest security updates and that the corporate antivirus software is up and running. It doesn't allow the client to connect to the office in cases where these rules are not satisfied. That prevents infected computers from connecting to the company's location and spreading threats.
• It is easy to install the Endpoint Remote Access VPN client on different platforms.
• It provides a stable VPN connection.

One of the features that I like most about this software is that it has a very intuitive, simple, and versatile interface that makes it easy to use and configure. It is compatible with several operating systems, and it has great protection against malware and any other cyber threat that wants to penetrate our endpoints.

It is fully integrated and centralized, which allows me to configure the security policy and view VPN events from a console.

Despite being very intuitive, the interface needs improvements. When you need to create something, you have to follow many steps and I think that should be simplified.

We've been using Check Point Remote Access VPN for more than two years.

I know that if there were any problems, the technical support team would solve them almost immediately. The team is highly qualified.

So far, I have not found any negative characteristics to complain about, since in general, the software works in an excellent way and it has never failed us.

We use the solution for our customers. Whenever the users work from home, they connect to the solution and are redirected to their network. It is very simple. They install the client, and the client makes a tunnel to the product. Once they are connected, they can enter into the network.

The policies are easy to use. Once we are connected, the entire infrastructure is safe, irrespective of the device we are using. There is no need to worry about safety. It's a secure tunnel that helps us access the network. It is a very useful feature. We can access the internal resources once we are connected to a VPN. We need not be in the office. The solution performs well.

The product’s architecture is a bit distributed. It should consolidate the architecture to make everything available on a single dashboard.

I have been using the solution for two and a half years.

The tool is stable.

The tool is scalable. We may need to opt for higher boxes. We work with enterprise customers.

The technical support is hardly good. The support team must improve its response time. It should also improve follow-ups through email.

Neutral

I have worked with Sophos and Array Networks. Check Point’s stability is better compared to other tools. I have frequently faced disconnection and other issues with other products.

The initial setup is not easy. We need to be skilled in Check Point to install the solution. The time taken for deployment depends upon the number of boxes we install. If we install one or two boxes, one or two weeks is sufficient.

Our customer needed to install more than 100 boxes in every region. It takes months to deploy the product at that scale. We need a team of 20 people to implement the tool for an enterprise. Once the installation is done, maintenance is easy. The product runs smoothly.

I recommend the solution to every vendor with Check Point as a firewall because it has great stability and security. We can terminate our VPN services to the same box if we're already using Check Point VPN. Overall, I rate the product a nine out of ten.

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment, located in Asia (Taiwan).

In addition, there are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.

We user the Check Point Remote Access VPN to provide access for our employees to connect to the specified environments.

We use the Check Point Endpoint Remote Access VPN client to allow our remote employees to connect to our company's offices in a secure and reliable way.

We use the clients for Windows and macOS, with the current software version E82.30. The Endpoint Remote Access VPN clients are fully compatible with the Check Point NGFWs Mobile Access VPN blade, and there are no problems connecting to it.

The clients have additional functions, like Firewall and Compliance blades, which we consider as a strong benefit for using the pure clients.

Several remote sites are supported in the client configuration, which allows us to have the redundancy for the case when one of the Offices becomes unavailable due to ISP problems.

1. It is easy to install the Endpoint Remote Access VPN client to different platforms. Within the company, we use it for Windows and macOS.
   
2. Built-in, centrally-managed Firewall blade, which allows filtering traffic on the client-side.
3. Built-in, centrally-managed Compliance blade. We check the client OS on the presence of the latest security updates and that the corporate antivirus software is up and running, and do not allow the client to connect to the office site in the case where these rules are not satisfied. That prevents the infected computers from connecting to the company's location and spreading the threats.
4. Stable VPN connection.

1. The Compliance software blade is available only for the Windows operating systems family, so no macOS security checks are implemented and performed. This is valid for at least software version E82.30, which we currently use.
2. In addition, there is no full client of the Check Point Remote Access VPN available for the Linux operating systems families. That is important since some of our administrators prefer to use this OS even on their home PCs. We hope that Check Point would develop a client for Linux in the future.

I have been using the Check Point Remote Access VPN for about two years.

The Check Point Remote Access VPN clients are stable on both Windows and macOS.

The Gateway side part of the software scales well.

We have had several support cases opened, but none of them were connected with the Check Point Remote Access VPN. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.

Prior to this product, we didn't use any centralized VPN software before.

The setup was straightforward and simple.

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

We did not evaluate other options because we already use the products from the CheckPoint ecosystem.

The Check Point Endpoint Remote Access VPN for MacOs and Windows are reliable solutions for remote access VPN, and fully compatible with the Check Point security ecosystem.

The primary use case of this solution is to connect to our internal network for accessing servers and clusters using Check Point VPN. End-users are, for example, students accessing computer labs and licensed software that can check academic licenses only within the campus network; further, our ERP folks could make good use of the VPN solution by remotely working on the Institute Management System infrastructure and can work efficiently without any hindrance. We also use its capsule app on smartphones to connect further.

Using Check Point Remote Access VPN has increased the overall productivity for users staying outside the campus and working remotely during this Covid-19 period. Faculty, students, staff, and research fellows as well as a lot of other eligible users have been benefited by securing the VPN license in order to run login remotely and access the project workstations, clusters, run simulations and submit their research work for the final thesis defense. It also allows for publishing in high-impact factor journals.

Once we install and connect the VPN service, it keeps on running until we disconnect. Moreover, the best outcome is when the end-users are able to check out software licenses through the tunnel and keep on working remotely from their home without any interruption. 

The VPN service works seamlessly in Windows and Mac. Only in the case of Linux or Ubuntu have we had to struggle a bit by understanding the SNX Batch file to get installed and run it. Moreover, in Windows and Apple systems the app is running on the system tray whereas in Linux we have to keep the Terminal Window Open.

The Linux version may have an app (similar to Windows) instead of a shell script. We have seen that in Windows and Apple systems the app is running on the system tray whereas in Linux we have to keep the Linux Terminal Window open otherwise the connection drops. Sometimes, we have noticed that the owing to installation of various antivirus and running of inbuilt firewalls (applicable to all operating systems); the connection for VPN sporadically drops and tries to reconnect. When this happens, we have to manually either disable the firewall/antivirus or reconnect the VPN again.

We've used the solution since 2015 or 2016.

We were using Cyberoam.

Users must pursue Proof of Concept as the functional requirements can vary.

We also looked into Palo Alto and Fortinet.

We are able to allow users to easily gain access to internal systems from outside the organization. No longer is coming into the office a necessary requirement for our users. They can seamlessly transition from home/remote work to going into the office while still having the same level of access. We also have many users that need to manage servers who are able to connect to the internal servers from anywhere - allowing them to still do their jobs from anywhere. Connecting to VPN doesn't require a ton of technical skill for those not in the technical field.

Users who need to work remotely for any reason can still do their jobs despite their location. The solution is also incredibly easy to manage. It's pretty much set and forget once the blade is turned out and configured. No day-to-day maintenance or configuration is required from the security operations team to keep it running which is welcome considering actual user help tickets are abundant throughout most organizations. Many times our service desk needs to enter the connection settings for our end-users, but that's about it.

Our number of users working remotely vastly increased during the COVID 19 pandemic. Check Point Remote Access VPN allowed us to quickly make the transition from in-office to remote work. There was no need to make any changes at the firewall level once we saw a large number of users go to work from home for safety reasons. If the VPN client was installed on their laptop they were good to go. The client also supports MFA, which is important, especially considering all of the remote work happening these days. 

There needs to be a way to create a VPN client specific to our environment so that we can easily lock down who can connect. The VPN client install should be specific to our environment. Our service desk does get some complaints about users not being able to connect. Sometimes it's because the VPN client has updated and they've lost their connection settings and don't have a record of the connection settings themselves. Other times, the VPN client needs to be reinstalled or upgraded to allow them to connect.

I've worked with the solution for more than 5 years.

The solution is very stable and requires virtually no maintenance.

The solution is easily scalable.

Diamond support is typically fantastic. However, lately, they make us wait for our diamond support person instead of giving us a different tech to work with.

There was no previous solution that was used prior to this product.

The initial setup was straightforward.

We handled the entire process in-house.

After implementing our GW and management security appliance in our public cloud infrastructure, we needed to establish P2S VPNs so that some users could connect to our offices safely to be able to access information and internal applications from anywhere.

This need begins when the sales department requires access to internal resources to be able to show solutions that we sell to clients. However, these connections were mostly from public places without security, which was clearly a huge vulnerability of the company.

Thanks to this tool, we managed to solve this need.

Check Point Remote Access VPN has given us the ability to provide access from a client to our network. It offers a simple and integrated installation with security measures such as MFA in addition to being able to enter our infrastructure in a controlled and secure manner. The solution not only provides access. It also generates monitoring and event logs and maintains connections correctly,

Thanks to all these security processes, our users can access our infrastructure with the certainty that we will not be compromised.

It is also essential to know that the users who can use the solution are under granular policies from the security application. Policies that can be applied to different user profiles guarantee correct and effective access for the different departments of the company.

Its implementation is very simple through the VPN blade in our Check Point gateway which is located and implemented within our public cloud architecture.

Its different monitoring and records generate the required tools to be able to provide good control of everything that happens during the connection time of the users.

Also, the policies can be generated as granularly as desired, and the portal is extremely intuitive. All this is a great help for administrators to manage VPNs.

The VPN remote Access blade could be improved. Licensing is extremely expensive per user and more so for large companies where the number of users directly impacts the cost.

The documentation for good practices and specific configurations is somewhat old, generally for versions before R80, which is why it is sometimes more challenging to understand them or be able to implement them,

Also, at the support level, response times can be improved, as the technical level for this type of tool is very good.

This is a very good tool and we have used it for a long time from our Check Point gateway. It's security management is providing the perfect and secure solution to connect from any location.

This solution is scalable in cluster and VSS architectures.

Previously we have used FortiClient to solve VPN problems. At some point, we also used the Azure P2S VPN. However, it does not provide security.

It is very necessary for a company to have the support of a partner so that they can provide you with cost estimates, documentation, and access to tests that are not publicly available.

We always seek to validate the documentation of each security tool seeking the most significant benefit for our interests and each of the company's needs.

It's a very good tool for VPN security. It is somewhat expensive, but they should evaluate it so they can have a more personal concept.