Check Point Security Management Reviews

We use the solution mostly for policy pushing to other gateways.

We deployed the tool for a customer. They faced an attack, but Check Point did not allow it. Check Point does not allow unauthorized access to the network. It just sends a message to the person saying they are not authorized to access the network. The exceptions work very well. Most of the attacks go through the web path. The tool does a good job of securing the web path.

We can easily push the policies to any of our gateways. The solution manages the gateways. It works well with other products. It integrates well with Cisco products, too.

The tool is expensive.

I have been using the solution for the last two years.

The tool is very stable. The equipment is never down.

We have more than ten customers.

The support is very good. We get a response immediately whenever we enter a support request on the website. We do not have to wait for one or two hours. The team also offers remote support. The support provided by Check Point is one of the best in the market.

We have most of the products on-premise. We have only one client on a VM. Check Point offers training for their products. They usually send us a link every time they launch a new feature. Unless we go through the tutorials, it will be difficult for us to deploy the solution. However, it is easy to deploy when you know how to do it. It is easy to navigate if we have read about the gadget.

The tool is expensive. However, if we buy Check Point Security Management, we do not have to buy anything else. We get all the features we need in a single solution. We get value for our money.

If we want to troubleshoot, we just have to log in to the SMS. Everything is listed there. We just have to log in to the gateway we have an issue with. We need not go to the server rooms. I see no improvements needed in the product. The other gateways and SD-WAN could be improved. If someone wishes to use the product, they have chosen the best option. It provides security, reliability, and support. Though it is expensive, it is the best. It has all the features we need. The product is absolutely excellent. Overall, I rate the tool a ten out of ten.

We are managing Check Point firewalls worldwide, and establishing VPNs between the main data centers in geographic regions and the other agencies worldwide.

We also establish VPNs between agencies and customers depending on the need. Several different VPN communities are used. We also establish VPNs with customers and partners with different firewall brands (Cisco, Fortinet, Juniper, etc.).

We manage security policies for more than 300 hundred Check Point firewalls by using security policy templates and models.

Check Point Security Management has improved the way to manage several VPN communities depending on the needs.

We now have the ability to centralize the management and administration of about 300 Check Point firewalls all over the world. We are now able to interconnect easily those firewalls by establishing VPN communities.

We are now also able to monitor the different VPN communities in real-time.

We can use a security policies template to apply to our 300 firewalls and this is really time-saving.

The ability to easily mount VPN between firewalls, depending on the needs (star, meshed, or combined architecture) and depending on the type of firewall has been helpful.

We appreciate the fact that we can monitor the version of the managed firewalls in order to plan the firewall upgrades over time.

I like that I have the ability to apply a security policy model and template to many firewalls, depending on the firewall usage and architecture (DMZ firewall, LAN firewall, etc.).

We also like the way we can monitor the firewall traffic and we use this feature very often to troubleshoot user traffic.

We would like to improve the upgrade process in order to do mass upgrades to firewalls and to be able to upgrade target firewalls at the same time.

I would like to be able to use Check Point Security Management in a way where it is hosted on the cloud. I'd like secured Security Management directly reachable from wherever you are with no need to install the Check Point client software on the laptop.

I would also like to have the ability to easily export the Check Point security policies in order to exploit the data in other applications and have more compatibility with other applications.

I've used the solution for 12 years.

The solution is highly stable.

The solution is quite scalable.

They have good support that is reactive.

Positive

I also use Fortinet due to Check Point legal restrictions. Check Point is banned in some countries.

The initial setup was straightforward.

We implemented it through a vendor team with a very good level of expertise.

We have a good ROI.

We also looked into Palo Alto, Fortinet, and Cisco.

The Check Point Security Management is designed with a strong focus on cybersecurity, providing customers with detailed information on attacks and high-visibility threats. This is a major benefit, as it allows customers to stay informed on a daily basis. 

The most valuable feature of Check Point Security Management is the high level of visibility

Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture.  

To perform a service cutover, such as migrating from one firewall to another or bringing up a new firewall, it is essential to thoroughly study and understand the customer's network architecture. This is a complex and challenging process that requires careful deployment and configuration. However, once the firewall is successfully connected to the environment, it becomes very robust and provides comprehensive cybersecurity that meets the needs of the customer.

I have been using Check Point Security Management for approximately 10 years.

The solution is stable.

Due to its complexity and the distributed nature of its solution, Check Point Security Management still faces significant challenges in terms of scalability. The networking port weakness previously mentioned also has an impact in this area. In order to address these gaps, enhancements need to be made to the product's scalability. For example, when performing software upgrades, the distributed solution can make even minor upgrades challenging due to the many components involved, such as servers, gateways, and management servers. It is crucial to make improvements in scalability to ensure that Check Point Security Management can meet the needs of customers who may require a larger or more complex solution.

They are selling multiple solutions that need to have their software maintained and their scalability at the same time with the advantage of the centralized consolidated unit, reflects poorly on the scalability. It's not only one solution. There are a lot of factors to consider in order to upgrade or add a new firewall to the lineup.

Their support could improve.

I rate the support from Check Point Security Management a six out of ten.

I have used Fortinet and other competitors.

The solution can be somewhat complex. It can be challenging to use, particularly during deployment. This is due to its use of distributed deployment, which requires the purchase of several components including security gateways, SMS servers, and a management server. While this may seem complex, the benefit is greater visibility.

The solution is expensive and there is an annual license.

Top companies in the firewall and software market include Check Point, which recently entered the hardware manufacturing sector. However, this move did not significantly impact its market share as other competitors were already offering more powerful hardware. As a result, the product became more complex, requiring separate handling of hardware and firewall components within the product. This adds additional layers, including network settings, connectivity, and firewall, which can make deployment and configuration more challenging for network engineers. Despite these challenges, Check Point is known for its stability and advanced threat prevention techniques, making it a valuable choice for cybersecurity.

We recommend smaller businesses explore alternative security partners, such as Fortineteen. Fortinet offers an affordable solution with all the necessary security features that customers need, making it a cost-effective option. For larger-sized companies we recommend Check Point Security Management to have visibility of their infrastructure.

I rate Check Point Security Management a seven out of ten.

The Security Management server provides centralized management to manage all the security gateways.

Many organizations will have more than one firewall. This may be in the same location or in a different location. Users can manage all the firewalls from a single location.                                    

It provides centralized logging for all incoming and outgoing traffic.

The solution centralizes licensing and auto-licensing with smart updating. 

In organizations where there are many firewalls, one firewall license may expire. We can easily update licenses from the smart console from the same location or from different locations.                                               

It also provides centralized logging that helps during troubleshooting - which provides detailed logging of access rules, NAT rules, application filters, VPNs, etc.                                                                                                              

The centralized logs and management are helpful. All of the logs are stored in an external server or within the Management Server. All of the logs are very easy to understand and provide detailed information about the instance. 

Through the Management Server we can easily enable all the features and easily disable them as well. 

Check Point offers PS services in India. As per personal experience and based on many organizations, Check Point needs to improve PS services. 

For the past one and a half years, I have been using a Check Point Firewall and Check Point Management Server.

The stability is the best.

I am satisfied with the scalability.

So far, there is no point reach out to technical support.

Positive

No, we have not selected any other solution.

As a Check Point implementation engineer, I found the setup process easy. 

The vendor expertise is very good.

The licensing price is a bit expensive. However, it provides very good security at the perimeter level.

No, we have not evaluated other options.

They just need to improve PS service in India.

One of the recent use cases for this solution has been related to a power company, which was facing issues but was able to get its infrastructure secured and get back its business continuity and growth. In addition, its management was able to get back its confidence with solutions or services provided by Check Point.

The client was able to quantify its security elements. As a result, a strong defensive framework was developed. Deployment of Check Point's solution resulted in the evasion of any existing and potential threats.

Check Point is not just a firewall. They deliver everything including IPS, application control, threat emulation and extraction, identity awareness, and more. In line with the quantum security gateways, other elements and services as provided by Check Point have also proven to be very helpful and reliable in keeping the company environment secured. The organization has also gone a great mile to tag itself as a proactive threat elimination expert in the industry viz a viz its competitors.

Harmony Endpoint is one of the great solutions by Check Point; it ensures compliance with policies and minimizes the risk of threats entering through endpoints. 

It's a great complete endpoint security solution that prevents the most imminent threats to the endpoint such as ransomware, phishing, or malware. 

It has proved to be very successful in identifying ransomware behaviors such as file encryption or attempts to compromise operating system backups and safely restore ransomware-encrypted files automatically. 

While the console and administration work well, they have to work on performance since it consumes a lot of CPU and memory. There is also latency in the administrative panel when entering. There has been a problem with updating licenses as well. There is ground-level feedback based on interaction with the relevant stakeholders that states implementing it would make a major difference in the overall experience.

I've used the solution for two years.

The solution has not caused major deviations and the historical experience has been quite good. The stability and reliability of the solution is pretty much appreciated

The overall impression of the scalability is good and impressive.

Technical support has been pretty good.

Positive

I have been involved with a lot of other partners in parallel, depending on the requirements of the customers.

I am not directly involved in the setup and deployment of the product.

The implementation was handled by an in-house team.

I've witnessed an ROI of 25% to 30%.

Users should actively evaluate the existing options available in the market and finalize the one that matches their requirements, budget, and priorities. Check Point can definitely be considered based on my personal experience.

The choice to evaluate would not be my personal decision but the requirement raised by the customers.

When having multiple branches, there is the need to be able to manage several branches centrally to meet internal and external regulatory standards that become part of important criteria to manage security. 

Due to the number of branches that we must protect and safeguard, we were looking for a solution that would allow us to centralize simple and fast management that is as scalable as possible.

The Check Point R80 service has allowed us to unify and centralize the security policy. This makes us faster and more flexible when making a change in any of our branches. It's one of the friendliest services that can be managed and remains important in nature to our bottom line. It allows all administrators to understand and manage the communication between different sites, for example. Additionally, we have integrated these features with others that could also be used as security measures or MFA services.

One of the most important features, and one that I see as having organizational value, is the ability to enable services or communications that can be integrated with third parties. We can add additional layers of security to logins or configuration startups that we did not have before. 

It provides for capabilities and has allowed us to be more scalable. We now have greater management flexibility and the possibility to configure and connect to different branches. It has given us better centralization with greater features and security benefits.

In the future, I would like the platform to be able to integrate or manage appliances or third-party equipment. That would give us a management solution that is able to adapt to the technological changes that we have today. 

Maybe we could see if the brand or the services become commercial allies of other brands. I know that it is something that is requested a lot, however, better integration could be beneficial for the market and for users when purchasing a service in the market.

I've used the solution for three years.

As a consultant for a security infrastructure consulting firm, I install and integrate this solution at client premises. There are many types of client domains, such as financials, government, healthcare, etc. 

It's a stable and complete product that is easy to use and capable of managing their next-gen firewall infra around the globe without compromises. 

Once the Check Point infra is up and running, clients really appreciate its capabilities of centrally managing security rules, making traffic flows visible, and quick detection and response capabilities in case of issues.

It allows clients to quickly learn about the product and its capabilities and thus focus quickly on what really matters, security. 

The concepts are easy to understand but powerful. As the management is easy and fast, the workload is less compared to other products. Access can be restricted granularly so different types of profiles can access the management solution without the risk of breaking anything. The helpdesk people can investigate the first line and provide findings to other teams for solution implementation. 

The rulebase management and the shared layers concept are implemented well. It avoids double work and reduces the risk of human errors. It makes the management solution very scalable.

Working with multiple administrators is possible. Changes are visible to others once you publish changes.

Investigating logs is easy and fast. The search results are provided with all details, so an in-depth analysis of problematic flows is easier.

Installation of policies is fast. For R81.10+ releases, it's a matter of seconds (compared to many minutes in the past).

The upgrade procedure already made huge improvements, yet it remains more challenging compared to other products. However, everything is well documented and the Check Point support is very skilled, so risks are rather limited. 

As this is probably the most complete product within its segment, no huge improvements are required from my point of view. Another problematic point, the policy installation duration time is solved since version R8x, so that's good. Clients always tell me: "Check Point is the Rolls Royce within this segment, it is outstanding". 

I've been using the Check Point Management solution for more than 15 years.

It's very stable with no remarks. Fixes are provided on a regular basis and are easy to install. 

Scalability is very good. Hardware appliances are available and virtual instances can be installed. It is possible to install, for huge deployments, the multi-domain Server. Multiple instances can be installed for redundancy purposes. 

They have excellent support which has improved a lot during the last years.

Positive

We implement other solutions, such as the Fortigate (Fortinet), PAN, and Cisco Secure Firewall (Firepower) with FMC.

The initial setup and installation are easy.

We use the solution for cybersecurity.  

We use a Check Point internet security appliance and have recently purchased their endpoint security solution.  

We have found the systems easy to manage and monitor. These systems are providing critical security to our computing systems. Past systems have required multiple products from multiple vendors. The Check Point solution provides multiple products under a single interface, greatly simplifying my job.  

We have yet to implement all of the blades/features of the Check Point solution, however, we are very happy with those we have used.

The product has done a great job in protecting our business network and SCADA systems.  

The single management interface has simplified our procedures. Training has been easier since there is only one interface to learn, not multiple interfaces from multiple vendors.  

As we implement more features of the security appliance, we find more value in it. Our cybersecurity posture is stronger than it has ever been with the addition of the Check Point appliance. 

We look forward to implementing additional features of the system.

The single interface to manage multiple cybersecurity platforms is great. In the past, we had multiple security appliances from multiple vendors. Each of these had their own interfaces and their own peculiarities. Staff had to learn multiple interfaces to provide our systems with cybersecurity. Additionally, when there was an issue, multiple systems needed to be checked to clarify and remedy the situation. If something was getting blocked incorrectly, we had to search for which systems was blocking it and then determine whether the block was legitimate. With the Check Point appliance, all of the blades are accessible through a single interface. We can easily track the reason for a block.

Some of the configuration elements could be improved. 

More automation of the tasks that now need to be performed at the level of the operating system could be made more streamlined. For example, we've often had issues where the log space has filled up. It would really be nice to have a feature in the GUI that addresses the cleanup of old files/logs. This is very much a manual process now. I have to get a putty or WinSCP session to the device and dig through the directory structure to find old files that are safe to delete. Luckily, I haven't accidentally deleted any critical files (so far).

I've used the solution for more than five years.

We have found the Check Point device to be very stable.  We rarely have to restart the device and have never experienced a hardware issue.  

The scalability is seamless.  

Customer service and support have always been very responsive.

Positive

We previously used a Netscreen firewall.   

The Netscreen firewall was limited and we had to rely on other appliances from other vendors to augment its capabilities.

It was a straightforward implementation. We did have a consultant help us in the initial setup of the systems.

The level of expertise of our vendor team was very high.

Our ROI is the peace of mind that our systems are well protected.

The Check Point solution is pricy, however, for what you get for your money, it is well worth it.  

The setup is pretty easy and licensing is straightforward.

We asked for a recommendation from a security consultant. They indicated that Check Point was the premier vendor of security appliances.

I'm glad we made the decision to use a Check Point appliance and am sure that we will stick with Check Point when we replace our current system.