Check Point Remote Access VPN Reviews

We use Check PointVPN to securely connect to our main office systems, which are behind a firewall. This ensures that all incoming and outgoing traffic is encrypted and secure.

The security of the solution is a good feature, the stability is a valuable feature, and the customization is also a nice feature.

The provisioning of VPN users has room for improvement.

The solution can improve by providing an option to centrally manage and upgrade client applications on a PC.

I have been using the solution for five years.

We found the previous checkpoint version to be quite unstable, as it would occasionally cause issues with the VPN caching every two months. However, we have since updated the solution and the stability has improved significantly, with no further occurrences of this issue.

The solution is licensed-based, so to scale up we only need to add more licenses.

The tech support isn't great. They take a long time to get to our ticket. Their initial response was fast, but after we provided the information they asked for, there was a month of silence before we updated the ticket again. Ultimately, the problem was resolved with newer versions without any response from tech support.

Neutral

I previously used Mikro Tik VPN which is cheap and includes enterprise features but is hard to configure.

The initial setup is straightforward if we are knowledgeable about the task at hand. However, it is recommended to consider a few things and to have a reliable technical support team to assist with the initial deployment. For a small company, the first step is relatively straightforward. However, if we are looking to scale up, we may need to enlist the help of a consultant to properly configure the necessary parameters, as there are many of them to consider.

Once we have configured users, access lists, written firewall rules, and deployed clients to endpoints, the next step is to educate employees on how to use the solution.

On average the deployment took around two weeks to configure all the certificates. This included preparing laptops and PCs. For just the VPN with central management deployment, it would take one week.

Our deployment was completed by two people.

I give the price of the solution a five out of ten. 

We have a subscription-based license.

I give the solution a seven out of ten.

We have 250 people using the solution in our organization.

Managing updates to endpoints can be a bit of a hassle, but there isn't much maintenance required.

I like the fact that Remote Access allows the administrator to control and manage things. It makes things smoother, and it has been an excellent experience. 

We started with 50 users, but our numbers are increasing. Now it's difficult for us to maintain a steady internet connection and remote access, so we want to upgrade. We are considering a switch to FortiGate. I think they may have better service than Check Point offers. 

Scalability is where we're having problems now. Generally, Check Point has been working fine, but we need something that can accommodate many users and provide a steadier internet connection. Our remote users need to access the VPN without any issues. Of course, this could also have something to do with our internet connection at the organization.

We've been using Check Point to manage sites we need to block. It gives us the option to totally disable things, but it does not let the administrator create exceptions to allow specific users to access certain websites. Check Point could enable the administrator to permit users to access particular sites. I think the VPN we're using may have exceeded its lifespan. For example, if you check Instagram on Check Point, you might not even see it showing up, and it's difficult to restrict access to specific applications. 

We started using Remote Access VPN sometime in the past five years.

The connection has gotten less smooth as the number of users increases. The issue is that the logs fill up quickly. Too many users are connecting remotely. It worked great when we only had a few remote connections. Now, it is disconnecting people and dropping the internet connection.

It fills the logs and cuts off our connection when it gets full. It stops working. It's time-consuming to reset the device and reload the backups. It takes us about two hours because we would need to reconfigure those routes and integrate them with the IP addresses we have set up.

The setup was straightforward. Everything was populated on Check Point, so it was easy to select what we wouldn't allow. We deployed on-premise because we have the space and infrastructure to support it. 

The deployment didn't take long. Two IT people are responsible for the deployment and maintenance. The online documentation will walk you through the process. When you do a manual reset by pressing the button, it guides you through the setup process. You only need to follow the steps. 

After that, we import our backup file, and it populates. Next, we run the updates and check we forgot to configure anything else. Some backups are older and might not align with what we have running on the ground. 

I haven't seen an ROI.

The cost varies. I believe the price ranges roughly from about 3000 to 4,000 ZWD. I don't think it gets any lower than that. The initial cost is high because you need to buy the hardware, and you incur some setup costs, but the expense drops in the long run.

So far, I have not tried any other solutions. I'm doing the research now. I'm still shopping around, trying to understand what's on the market before deciding.

I rate Check Point Remote Access VPN eight out of 10. Aside from our current performance issues, it was smooth and flawless. I'm still shopping around. I was content with Check Point, but I want to see what's out there. I'm interested in knowing more about other available solutions. My primary goal is to avoid going through this process again two years from now. I'm hoping the next product will be a long-term solution, and it will be a while before we consider upgrading to something different.

Check Point Remote Access VPN is used to allow our employees to use the corporate resources or remote access to the corporation and lightweight on resources.

The most important feature of Check Point Remote Access VPN is the multiple factor authentication.

Sometimes we have some small problems with Check Point Remote Access VPN. For example, problems with authentication.

I have been using Check Point Remote Access VPN for approximately three years.

We have approximately 1,000 users using this solution. We do not have plans to increase usage at this time.

The initial setup of Check Point Remote Access VPN is simple. The deployment took us approximately two weeks.

Check Point Remote Access VPN is not expensive and the cost is annual.

I rate Check Point Remote Access VPN a nine out of ten.

This functionality is very practical to be able to connect to the business network from anywhere; the monitoring that can be provided and the granularity in the VPN to provide control to users is really good.

It offers excellent performance to be able to connect our users to business applications outside the company perimeter.           

It is easy to use and has an easy-to-use connectivity agent, and can be integrated with MFA to provide an additional layer.

In these times when the priority is telecommuting or working from home, it is essential to provide accessibility to the company safely. Through Check Point it was possible to provide this essential comfort to users who work in this modern format.

One of the features that draws a lot of attention is the integration of the remote VPN application in our Check Point gateway and management server, where it is easy to use.

The granular control and access under the Check Point policies made applying a zero trust policy much easier, providing greater security.

The integration with MFA through a configuration and integration with Azure is quite good, providing security to the user's identity. It is a very important feature where everything is tried to shield against modern vulnerabilities.

The license is included with gw licensing, however, in terms of the number of users that can be activated for use.                                                                                       

In our case, we quote additional licensing and it is quite expensive for remote VPN, other manufacturers are not so expensive.

The support provided is slow, in addition to the fact that the service hours are contrary to ours, which generates slower problem solving, I think it is important to improve this area.

This is a not-so-new tool that can be used in our gateways and management products. We have used these VPNs since we started using our environments with this manufacturer.

On a personal level, I had previously used Cisco and Azure VPN, among others, however, the control generated with Check Point is not the same. It is much better.

It is essential to validate how many remote VPNs are required, check costs, and see if they are within the scope of the company.

We validated the scope against other manufacturers and were satisfied with the security features provided by Check Point.

On a technical level, the tool is very good, and safe, in addition to providing a lot of control.

We came to need a solution that would allow us to connect quickly and easily from our homes or from anywhere, and it was at this point that we integrated and enabled the Check Point Remote Access VPN. With it, our employees could log in from anywhere at any time. 

This solution allowed them to have the same experience that they had in the office, and they could access all the resources that were necessary for their work. 

This solution helped us mainly with the shift to remote work. Before the pandemic, everyone worked from the office. Today, more employees have become digital nomads. 

In terms of infrastructure, we can say that we have benefited since employees are happier being able to work from home. They make better use of their time and have become more productive. 

In the case of the organization, the impact is in being able to have to rent fewer square meters. This helps with annual returns since those operating costs have been reduced.

Everyone has told me that it is simple and easy to use. 

One of the most outstanding features is the ability to deliver third-party services and achieve double authenticity with integrated identities. We have SSO (Single Sign-On). It is a 'unified' or 'single authentication' which can be integrated to improve security in startup services. This is an advantage due to the fact that you can use the integrated services or the third-party services that you already have, and you will not incur more costs. 

I would like this service to be easier to manage when you integrate it with third parties. 

Although it is complex to configure, I cannot complain that it is complete and it is worth being able to use and integrate it. However, any administrator would welcome any changes that made configuration simpler. 

We would like the ability to perform remote access with the VPN in the future with any type of device. Lately, Android applications tend to have more errors. I hope that this will be solved in the future. 

I've used the solution for one year.

We've used Check Point VPN to move from an on-premise VPN Cisco product to a VPN built on the cloud. We decided to use Check Point as it was fully integrated with Microsoft Azure and present on the Azure marketplace. We deployed this solution on different subscriptions and used the MEP function to reduce users' latency on the VPN. The implementation has not been very easy, and the implementation of MEP has taken months. There were a lot of hotfixes to install, and the CLI configuration on the files had to be done. The configuration, in fact, can't be implemented using a GUI.

The solution has allowed us to remove the on-premise VPN solution and to remove firewalls from the data center. The solution implemented on the cloud allows us to easily scale in cases of increased users - such as during the pandemic, where all users had been moved to Smart working and to a VPN. In fact, in February of 2020, when we closed all of our offices and gave all users the possibility to work from home, we had licenses and CPU problems on-prem. The Check Point solution offered us an unlimited number of users and that made the solution very scalable.

I found the MEP feature the most valuable. This has improved users' latency allowing the users to connect to the nearest Azure Check Point VM. 

The Multiple Entry Point (MEP) is a feature that provides high availability and load sharing solution for VPN connections. A security gateway on which the VPN module is installed provides a single point of entry to the internal network. It is the security gateway that makes the internal network "available" to remote machines. If a security gateway should become unavailable, the internal network is no longer available as well. An MEP environment has two or more security gateways to both protect and enable access to the same VPN domain, providing peer security gateways with uninterrupted access.

The main problem with Check Point is that some configuration can be done with the smart console in GUI, however, some others need to connect to the firewall via the CLI on SSH and therefore you will need to modify the local file on the firewall with VI. 

ASA is so easy to reserve some static IPs based on users, however, in Check Point, it is really difficult to do so. In addition, you can't reserve as static some IP that you are assigned dynamically to a local pool. 

You have no ability to reserve a total number of licenses. The VPN user licenses are assigned per gateway, and if you enable the MEP function is not so easy to size the gateway licenses. 

The configurations that you do to modify local files are not reflected in the GUI via the smart console. 

We have been using this solution since 2020.

The solution isn't really stable. Maybe the last versions of R80.40 and R81 were more stable, however, the upgrade (if you have another old version) is really difficult and you have to rebuild the solution (if you are on Azure cloud).

The solution is really scalable. You have to know that if you want to scale the solution you will have to configure and rebuild an SMS server with high CPU/memory resources, however.

Unluckily the experience with support, especially in India, is really poor. It's best if you open a case using the Israeli team as that one is better.

Yes, we were using CIsco ASA on-premises. We switched because we were moving our data center infrastructure onto the cloud.

At first, the implementation was not easy to set up. We found many bugs and we had to install different hotfixes and upgrade the version more than one time.

We implemented the solution via a hybrid approach. Check Point professional service is really good, however, our third-party implementation team was not very good.

At the moment, we have not reached the ROI point.

I'd advise users to pay attention to the sizing of the solution. There is not an intermediate number of licenses. It's very easy to go to unlimited users licenses.

We have gone with the Check Point solution due to its cheap price. Other options we considered were Palo Alto with Global Protect, Zscaler with ZPA, and Cisco Firepower implemented on Cloud.

I suggest that if you want to implement this Check Point solution you should have good knowledge of the system as well as a system integrator or direct contacts in Check Point. In case of any issue, the support is poor and it's not easy to solve issues using technical support. 

We use this solution to permit the connection to on-premises resources to internal and external users.

We use rules specific to external users based on the real access needs of the specific company, whereas, for internal users, other rules are used.

Users connect to our headquarters and then through private connections, they reach the resources distributed in the various locations. Using dual-factor authentication, we improve the identity security of the users and also protect our company.

Check Point has been our strategic partner for approximately 15 years. 

Check Point Remote Access VPN has improved our organization because it has allowed remote access to various users. This includes external consultants who use their devices to access our resources, as well as internal users who use corporate devices for remote access.

With the current pandemic, the use of Smart Working has increased considerably and this solution is essential to meet the needs of users.

With the latest version, we have introduced dual-factor authentication and in this way, we have greatly increased security on the identity of the people who connect. It also allows clientless connection with major operating systems.

There are many features that make this solution interesting.

For us, it was essential to integrate with Active Directory, which is our credentials repository. 

The option of using SSL VPN, which is clientless and does not require the installation and configuration of a specific client, is a very important feature. Especially given that the latest cyberattacks are against dual-factor authentication, it allows you to significantly increase the security of the identity of the people who connect.

I would like to have the ability to specify different policies in a simple and quick way, depending on whether I am using the secure remote client or the SSL VPN.

It would be very useful to be able to apply different policies depending on the authentication method. For example, an 801x authentication can have different native permissions from those who enter the username and password.

In an environment with multiple cluster checkpoints, the global properties common to all clusters in some cases give problems.

I have been using Check Point Remote Access VPN for about 15 years.

Stability-wise, this solution is good.

For me, the scalability is very good.

We did not use another solution prior to this one.

The price of this product is good.

We did not evaluate other options.

We are hosting environments for our customers and ourselves. With Check Point Client, VPN users that aren't in their internal networks can connect via a secure connection into the internal network.

Remote users use different clients (Windows, Linux, and Mac OS) so depending on the customer, there is either a client connection or a clientless approach (using a web portal).

Users can also be identified if they use the Client VPN solution. If you want to identify them inside the network you have to use an IA agent.

Once set up, it simply works without issues.

The main advantage is that if you already have a Check Point Gateway in place you don't have to buy additional hardware. You only need to check if there are enough resources on the gateway for the additional load and decide how many concurrent users you need.

The installation was fairly straightforward thanks to the Admin Guide and the User Center.

Adding a Radius or similar to use for the user authentication can also easily be done so you don't have to create local users. Depending on the size of the user base I would also recommend MFA.

A normal Check Point Gateway has, with the base license, 5 concurrent users included. This means that in emergency situations you don't have to buy additional licenses.

During Covid, the license was increased and therefore it was easily possible to have several users working from home.

It's possible to either have a client installed on the user's machine, or have a clientless approach using the web portal. 

There is MEP functionality, so, based on the user's location, it minimizes the latency by connecting to the nearest entry point. 

The non-standard setup is quite complex as you have to do changes via GUI and CLI. Luckily, Check Point knowledgebase articles help you, however, there are so many resources you have to go through.

The Client VPN licenses are for concurrent users and there is currently no way to prioritize certain users over others.

There is no possibility to increase the number of concurrent users for a short time (except if you have unlimited concurrent users licensed). This could help during emergency situations where there are more client VPN users than anticipated.

I've used the product for over 7 years.

For a basic setup, implementation is quite easy.