Check Point Security Management Reviews

We use the solution mostly for policy pushing to other gateways.

We deployed the tool for a customer. They faced an attack, but Check Point did not allow it. Check Point does not allow unauthorized access to the network. It just sends a message to the person saying they are not authorized to access the network. The exceptions work very well. Most of the attacks go through the web path. The tool does a good job of securing the web path.

We can easily push the policies to any of our gateways. The solution manages the gateways. It works well with other products. It integrates well with Cisco products, too.

The tool is expensive.

I have been using the solution for the last two years.

The tool is very stable. The equipment is never down.

We have more than ten customers.

The support is very good. We get a response immediately whenever we enter a support request on the website. We do not have to wait for one or two hours. The team also offers remote support. The support provided by Check Point is one of the best in the market.

We have most of the products on-premise. We have only one client on a VM. Check Point offers training for their products. They usually send us a link every time they launch a new feature. Unless we go through the tutorials, it will be difficult for us to deploy the solution. However, it is easy to deploy when you know how to do it. It is easy to navigate if we have read about the gadget.

The tool is expensive. However, if we buy Check Point Security Management, we do not have to buy anything else. We get all the features we need in a single solution. We get value for our money.

If we want to troubleshoot, we just have to log in to the SMS. Everything is listed there. We just have to log in to the gateway we have an issue with. We need not go to the server rooms. I see no improvements needed in the product. The other gateways and SD-WAN could be improved. If someone wishes to use the product, they have chosen the best option. It provides security, reliability, and support. Though it is expensive, it is the best. It has all the features we need. The product is absolutely excellent. Overall, I rate the tool a ten out of ten.

We are managing Check Point firewalls worldwide, and establishing VPNs between the main data centers in geographic regions and the other agencies worldwide.

We also establish VPNs between agencies and customers depending on the need. Several different VPN communities are used. We also establish VPNs with customers and partners with different firewall brands (Cisco, Fortinet, Juniper, etc.).

We manage security policies for more than 300 hundred Check Point firewalls by using security policy templates and models.

Check Point Security Management has improved the way to manage several VPN communities depending on the needs.

We now have the ability to centralize the management and administration of about 300 Check Point firewalls all over the world. We are now able to interconnect easily those firewalls by establishing VPN communities.

We are now also able to monitor the different VPN communities in real-time.

We can use a security policies template to apply to our 300 firewalls and this is really time-saving.

The ability to easily mount VPN between firewalls, depending on the needs (star, meshed, or combined architecture) and depending on the type of firewall has been helpful.

We appreciate the fact that we can monitor the version of the managed firewalls in order to plan the firewall upgrades over time.

I like that I have the ability to apply a security policy model and template to many firewalls, depending on the firewall usage and architecture (DMZ firewall, LAN firewall, etc.).

We also like the way we can monitor the firewall traffic and we use this feature very often to troubleshoot user traffic.

We would like to improve the upgrade process in order to do mass upgrades to firewalls and to be able to upgrade target firewalls at the same time.

I would like to be able to use Check Point Security Management in a way where it is hosted on the cloud. I'd like secured Security Management directly reachable from wherever you are with no need to install the Check Point client software on the laptop.

I would also like to have the ability to easily export the Check Point security policies in order to exploit the data in other applications and have more compatibility with other applications.

I've used the solution for 12 years.

The solution is highly stable.

The solution is quite scalable.

They have good support that is reactive.

Positive

I also use Fortinet due to Check Point legal restrictions. Check Point is banned in some countries.

The initial setup was straightforward.

We implemented it through a vendor team with a very good level of expertise.

We have a good ROI.

We also looked into Palo Alto, Fortinet, and Cisco.

The Check Point Security Management is designed with a strong focus on cybersecurity, providing customers with detailed information on attacks and high-visibility threats. This is a major benefit, as it allows customers to stay informed on a daily basis. 

The most valuable feature of Check Point Security Management is the high level of visibility

Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture.  

To perform a service cutover, such as migrating from one firewall to another or bringing up a new firewall, it is essential to thoroughly study and understand the customer's network architecture. This is a complex and challenging process that requires careful deployment and configuration. However, once the firewall is successfully connected to the environment, it becomes very robust and provides comprehensive cybersecurity that meets the needs of the customer.

I have been using Check Point Security Management for approximately 10 years.

The solution is stable.

Due to its complexity and the distributed nature of its solution, Check Point Security Management still faces significant challenges in terms of scalability. The networking port weakness previously mentioned also has an impact in this area. In order to address these gaps, enhancements need to be made to the product's scalability. For example, when performing software upgrades, the distributed solution can make even minor upgrades challenging due to the many components involved, such as servers, gateways, and management servers. It is crucial to make improvements in scalability to ensure that Check Point Security Management can meet the needs of customers who may require a larger or more complex solution.

They are selling multiple solutions that need to have their software maintained and their scalability at the same time with the advantage of the centralized consolidated unit, reflects poorly on the scalability. It's not only one solution. There are a lot of factors to consider in order to upgrade or add a new firewall to the lineup.

Their support could improve.

I rate the support from Check Point Security Management a six out of ten.

I have used Fortinet and other competitors.

The solution can be somewhat complex. It can be challenging to use, particularly during deployment. This is due to its use of distributed deployment, which requires the purchase of several components including security gateways, SMS servers, and a management server. While this may seem complex, the benefit is greater visibility.

The solution is expensive and there is an annual license.

Top companies in the firewall and software market include Check Point, which recently entered the hardware manufacturing sector. However, this move did not significantly impact its market share as other competitors were already offering more powerful hardware. As a result, the product became more complex, requiring separate handling of hardware and firewall components within the product. This adds additional layers, including network settings, connectivity, and firewall, which can make deployment and configuration more challenging for network engineers. Despite these challenges, Check Point is known for its stability and advanced threat prevention techniques, making it a valuable choice for cybersecurity.

We recommend smaller businesses explore alternative security partners, such as Fortineteen. Fortinet offers an affordable solution with all the necessary security features that customers need, making it a cost-effective option. For larger-sized companies we recommend Check Point Security Management to have visibility of their infrastructure.

I rate Check Point Security Management a seven out of ten.

The Security Management server provides centralized management to manage all the security gateways.

Many organizations will have more than one firewall. This may be in the same location or in a different location. Users can manage all the firewalls from a single location.                                    

It provides centralized logging for all incoming and outgoing traffic.

The solution centralizes licensing and auto-licensing with smart updating. 

In organizations where there are many firewalls, one firewall license may expire. We can easily update licenses from the smart console from the same location or from different locations.                                               

It also provides centralized logging that helps during troubleshooting - which provides detailed logging of access rules, NAT rules, application filters, VPNs, etc.                                                                                                              

The centralized logs and management are helpful. All of the logs are stored in an external server or within the Management Server. All of the logs are very easy to understand and provide detailed information about the instance. 

Through the Management Server we can easily enable all the features and easily disable them as well. 

Check Point offers PS services in India. As per personal experience and based on many organizations, Check Point needs to improve PS services. 

For the past one and a half years, I have been using a Check Point Firewall and Check Point Management Server.

The stability is the best.

I am satisfied with the scalability.

So far, there is no point reach out to technical support.

Positive

No, we have not selected any other solution.

As a Check Point implementation engineer, I found the setup process easy. 

The vendor expertise is very good.

The licensing price is a bit expensive. However, it provides very good security at the perimeter level.

No, we have not evaluated other options.

They just need to improve PS service in India.

As a consultant for a security infrastructure consulting firm, I install and integrate this solution at client premises. There are many types of client domains, such as financials, government, healthcare, etc. 

It's a stable and complete product that is easy to use and capable of managing their next-gen firewall infra around the globe without compromises. 

Once the Check Point infra is up and running, clients really appreciate its capabilities of centrally managing security rules, making traffic flows visible, and quick detection and response capabilities in case of issues.

It allows clients to quickly learn about the product and its capabilities and thus focus quickly on what really matters, security. 

The concepts are easy to understand but powerful. As the management is easy and fast, the workload is less compared to other products. Access can be restricted granularly so different types of profiles can access the management solution without the risk of breaking anything. The helpdesk people can investigate the first line and provide findings to other teams for solution implementation. 

The rulebase management and the shared layers concept are implemented well. It avoids double work and reduces the risk of human errors. It makes the management solution very scalable.

Working with multiple administrators is possible. Changes are visible to others once you publish changes.

Investigating logs is easy and fast. The search results are provided with all details, so an in-depth analysis of problematic flows is easier.

Installation of policies is fast. For R81.10+ releases, it's a matter of seconds (compared to many minutes in the past).

The upgrade procedure already made huge improvements, yet it remains more challenging compared to other products. However, everything is well documented and the Check Point support is very skilled, so risks are rather limited. 

As this is probably the most complete product within its segment, no huge improvements are required from my point of view. Another problematic point, the policy installation duration time is solved since version R8x, so that's good. Clients always tell me: "Check Point is the Rolls Royce within this segment, it is outstanding". 

I've been using the Check Point Management solution for more than 15 years.

It's very stable with no remarks. Fixes are provided on a regular basis and are easy to install. 

Scalability is very good. Hardware appliances are available and virtual instances can be installed. It is possible to install, for huge deployments, the multi-domain Server. Multiple instances can be installed for redundancy purposes. 

They have excellent support which has improved a lot during the last years.

Positive

We implement other solutions, such as the Fortigate (Fortinet), PAN, and Cisco Secure Firewall (Firepower) with FMC.

The initial setup and installation are easy.

We use the solution for cybersecurity.  

We use a Check Point internet security appliance and have recently purchased their endpoint security solution.  

We have found the systems easy to manage and monitor. These systems are providing critical security to our computing systems. Past systems have required multiple products from multiple vendors. The Check Point solution provides multiple products under a single interface, greatly simplifying my job.  

We have yet to implement all of the blades/features of the Check Point solution, however, we are very happy with those we have used.

The product has done a great job in protecting our business network and SCADA systems.  

The single management interface has simplified our procedures. Training has been easier since there is only one interface to learn, not multiple interfaces from multiple vendors.  

As we implement more features of the security appliance, we find more value in it. Our cybersecurity posture is stronger than it has ever been with the addition of the Check Point appliance. 

We look forward to implementing additional features of the system.

The single interface to manage multiple cybersecurity platforms is great. In the past, we had multiple security appliances from multiple vendors. Each of these had their own interfaces and their own peculiarities. Staff had to learn multiple interfaces to provide our systems with cybersecurity. Additionally, when there was an issue, multiple systems needed to be checked to clarify and remedy the situation. If something was getting blocked incorrectly, we had to search for which systems was blocking it and then determine whether the block was legitimate. With the Check Point appliance, all of the blades are accessible through a single interface. We can easily track the reason for a block.

Some of the configuration elements could be improved. 

More automation of the tasks that now need to be performed at the level of the operating system could be made more streamlined. For example, we've often had issues where the log space has filled up. It would really be nice to have a feature in the GUI that addresses the cleanup of old files/logs. This is very much a manual process now. I have to get a putty or WinSCP session to the device and dig through the directory structure to find old files that are safe to delete. Luckily, I haven't accidentally deleted any critical files (so far).

I've used the solution for more than five years.

We have found the Check Point device to be very stable.  We rarely have to restart the device and have never experienced a hardware issue.  

The scalability is seamless.  

Customer service and support have always been very responsive.

Positive

We previously used a Netscreen firewall.   

The Netscreen firewall was limited and we had to rely on other appliances from other vendors to augment its capabilities.

It was a straightforward implementation. We did have a consultant help us in the initial setup of the systems.

The level of expertise of our vendor team was very high.

Our ROI is the peace of mind that our systems are well protected.

The Check Point solution is pricy, however, for what you get for your money, it is well worth it.  

The setup is pretty easy and licensing is straightforward.

We asked for a recommendation from a security consultant. They indicated that Check Point was the premier vendor of security appliances.

I'm glad we made the decision to use a Check Point appliance and am sure that we will stick with Check Point when we replace our current system.

We wanted a centralized administration console to allow us to manage more than one team inside or outside our organization. As a result of this need, we were looking for solutions that could complement us and provide effective and functional management of more than one team inside or outside the organization. 

It was then that we came across and used Check Point, a solution that allows us to integrate and manage all these teams from one place. Check Point offered us not only a centralized administration, but it also offered us and gave us added value in different services and features that can be integrated into the centralized administration platform.

Check Point came to give additional value to us as administrators and our organization. It allowed us to integrate more than one characteristic service under the same administration platform, such as antivirus services, real-time emulation services, and real-time detection, characteristics that really give additional value in a centralized management console being a console and also a strategic ally in our organization. These characteristics tell us that it is not only a service to centralize the administration - it is also a service designed to implement and add value to the security of any company.

One of the most outstanding characteristics of its centralized administration is its great computing power. The ease of being able to integrate more than one computer and manage and orchestrate them simultaneously and individually creates security layers for each one of them or different approaches based on the needs of the branches. We have an installation that is fast with an execution that is simple. It is easy to manage what each organization needs. 

I would like it to be the administrator of equipment or Next Generation firewalls (which have to be managed on this platform) and to be able to manage other services (like Harmony) that also belong to Check Point. We'd like to be able to manage them from the same platform. Although they are within the same portal right now, they are not managed in the same way nor are they from the same teams. It could be a very innovative future integration and will help to centralize this section while having the characteristics under the same management.

I've used the solution for about a year.

It is very stable lately. We've seen that the updates have made the solution apply changes faster and find it is more complete.

The platform has somewhat complex scalability. That said, it is still efficient - mainly when we have management or administration in what is known as HA or cluster.

We primarily use the solution for the management of thousands of rules. partially automated via the well-documented API.

Managing the rules is a day-to-day business that takes a lot of time. It is really good that we can do the management through the dashboard. It is so comfortable, and, in contrast to other manufacturers, is structured much better. The integration of the logs allows a quick jump by mouse click between rules and log entry.

The API reduces the administrative effort so that we can concentrate on the essential things. in addition, it is an enormous advantage for our customers that rules are created automatically and are available immediately.

The transparency of the rules and the integrated logs makes daily troubleshooting easy and saves a lot of time. 

Managing the rules is a day-to-day business that takes a lot of time. The dashboard is great and much better in contrast to other manufacturers. 

The integration of the logs allows for a quick click between rules and log entry. 

The immediately visible audit logs are also a great advantage. This allows changes to a rule to be tracked quickly and any errors to be corrected.

The management API is the best new feature for me. It allows us to further automate our customers' automated server ordering.

The API reduces the administrative effort so that we can concentrate on essential things. It is an enormous advantage for our customers that rules are created automatically and are available immediately. 

For our private cloud, we have to stay competitive with the public clouds and the speed on offer is what counts here. It's good.

The new web management tool allows the management in the browser, which is a great feature.

The management API can be further developed so that all functions offered by the dashboard are also available via the API (for example,  Network Topology).

The new web management tool which allows the management in the browser has to be developed further so that all functions from the dashboard are available. Many of our administrators work with a Mac OS. Until now, the management of rules is only possible on  Windows as the Smart Dashboard is only available for Windows. Now, with the first release of the web interface, it is possible in the browser. All functions from the dashboard must still be possible via the web interface.

I've used the R77.30 version since 2013.

We've upgraded to R80.10 in 2019. The update was a bit complicated, however, with the pre-check and some cleanup, it went without a problem

We upgraded the R80.10 to R 80.30 in 2020. The update management with the migration of export/import was a remote update and was easy.

We upgraded R80.30 to R80.81 in 2021. The management update was very easy and through the wizard, everything was very clear in terms of the individual steps. The update of the gateways took place at night.

We do not have any stability problems.

Check Point Maestro offers the industry a new way to leverage current hardware investments and maximizes appliance capacity. It's in an easy-to-manage hyper-scale network security solution in order to bring our networks and data centers into the world of hybrid clouds.

The case handling is good. If you have experience and know what information the support needs, then the processing time can be minimized.

Neutral

In the past, we have used a Cisco ASA. Our management of the rules was not so good there.  We also use FortiGate. This already offers a nice web interface, however, managing a large set of rules is almost impossible there.

The initial setup was very simple. However, the migration of rules from other vendors was challenging.

For large migrations, we always use a service provider or the manufacturer's team (Check Point Professional Services). Here we can fall back on well-trained SE's with a lot of experience.

No exact ROI has been calculated.

All of our administrators have previously been on CCSA/CCSE training which provides good insights into the products. After various tests, we were able to carry out most of the setup ourselves in a developer environment. We were able to keep the costs for the migration low by using a lot of our own initiative. However, I would recommend the support of a Check Point certified partner.

Together with a Check Point partner (service provider), the requirements should be evaluated. Here, we were able to draw on the experience of our service provider and develop our environment according to our requirements.

We did not evaluate any other options.

I can recommend the Check Point solution.