Check Point Security Management Reviews

Our company works in developing and delivering online gambling platforms. The Check Point Gateways are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two Check Point HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management server on a Virtual Machine (KVM), all running on R80.10 with the latest Jumbo Hotfix Accumulators installed (Take 275). The Security Management server has the following blades activated - Network Policy Management, Logging & Status, User Directory, Compliance, SmartEvent Server, Provisioning.

The overall security of the environment has been greatly improved by the Check Point solution. Before implementing that, we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on the switches and routers, which in fact was just a simple stateful firewall, and all the devices had to be managed locally via SSH. Now, with the Check Point Security Management server in place, we have a central endpoint to manage all the security aspects for the environment - the SmartConsole. That helped to decrease the management overhead, as well as to improve the usability and feasibility of the security.

As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution. 

Now everything is configured in one place - the unified SmartConsole, which helps me in saving the working time and not jumping from one console or dashboard to another constantly. The interface is cozy and modern. I especially like built-in searching capabilities - you may not just find the objects, but also see where exactly it is used across the whole security policy. Also, now the latest logs may be seen in the security policy as well, per matched rule. 

I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that, you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately. 

Also, the SmartConsole application used for management is currently available only for Microsoft Windows OSes. I think many administrators use macOS and Linux, so it would be nice to have native apps for these platforms as well.

My current company has been using the Check Point Security Management for about three years, starting late 2017.

The Check Point Security Management server version R80.10 we use is stable and mature solution.

One virtual machine we use for the Security Management is enough for managing 2 clusters, and there is a huge "space" if we decide to scale the DataCenter up.

We have had several support cases opened with the Check Point, but none of them was connected with the Security Management. In. general, I think some cases took to long to be resolved by the Check Point support team - up to one month.

We used local ACLs and Zone-Based firewall on Cisco switches and routers, that's incompatible with the centralized management solution like Check Point Security Management.

The setup was straightforward, and the configuration part was easy and understandable - we didn't use any consulting services for that.

The solution has been implemented by in-house team, since we have the Check Point Certified engineer among the technical team.

The Check Point solutions in general are not cheap, so your company should have a dedicated budget for security.

We didn't evaluate other vendors.

There's a demo of the Security Management available for free - just download and install the SmartConsole application, and you could see the interface and most of the features available.

We use Check Point Security Management for firewall management.

The solution is easy to use and comes with few vulnerabilities. You don't have to worry about release upgrades. Life cycle management is very easy. 

Check Point Security Management lacks some of the competitor features. 

I have been using the solution for six years. 

Check Point Security Management is stable. 

We have around 4,500 users for the product.  

Check Point Security Management doesn't have good support since it is difficult to get the right person. 

Neutral

The solution is expensive. 

Throughout my professional career I have operated, implemented, and designed solutions with Checkpoint's NGFW for clients of all kinds - public and private, small and large.

For all scenarios, there is a suitable solution with this manufacturer. Its decades of experience make it one of the undisputed leaders in the industry.

In recent times, the platform has evolved significantly to meet the latest threats. I would recommend at least valuing it as an option whenever an opportunity arises to cover cybersecurity needs.

Having a central point to manage all its capabilities makes it much easier to react quickly and accurately to a threat, which is essential in this day and age where attacks can be lethal to our network if not dealt with quickly.

I have actively participated in the defense of very important customers who were able to overcome the challenge thanks to the great visibility that the console offered them. The other additional capabilities that we can integrate into the platform are also a very important added value.

One of the features that attract me the most is being able to activate different functionalities through its blades, having centralized point access to all of them, and being able to activate and deactivate them as needed.

In addition, the fact that everything starts from the same unified management console makes it very easy to integrate new equipment or functionalities once the operator has become familiar with it, as everything will follow similar management or operation mechanisms.

This is one of the aspects I value the most.

In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer.

It would be a good policy to try to assign senior engineers when it has been verified that an incident is critical and urgent for a client and not to resort to less-experienced technicians that can put at risk the recovery of the attacked assets.

Apart from that, at the architectural level, it is a very competent and versatile solution.

I've used the solution for more than 15 years.

Overall, it is a very mature and stable solution.

With the arrival of Quantum Maestro, the platform's expansion capabilities have increased tremendously. Its new architecture is promising.

In general, they work very well, however, it should be prioritized and they need to assign senior technicians when the issue has been verified that it is very critical for the customer.

Due to working in an international MSSP, I have worked and continue to work with all manufacturers.

We always try to do the implementation work with our own SOC of experts.

It depends a lot on each case and on the customer's needs and capabilities.

It's not the cheapest solution, but one of the most advanced and competent.

We always evaluate alternatives and try to see what fits the client best. Fortinet, PaloAlto, Checkpoint, Cisco, et cetera.

We use the solution for VPN with multifactor authentication, IPS protection, and threat emulation. We have deployed the product in the cloud data center.

It's very easy for management to understand workflow and everything.

Check Point Tech Support will not assist with new configurations if we encounter any issues during the configuration process. They only provide support if there are issues with existing configurations.

I have been using Check Point Security Management for four years.

The solution is stable.

It is 100% scalable. Behind the firewalls, around 25 web applications are accessed daily. Each application can be accessed by up to one lakh people every day.

Support is good.

Positive

Previously, I worked with FortiGate, and integrating that product with cloud platforms was very difficult. The workflows were overly complex, and the documentation was inadequate.

Check Point is superior to other security vendors. Their signature database, which includes antivirus, IPS, and anti-malware, is highly advanced. The system is easy to understand, and deployment via the web interface is also straightforward.

For example, during the COVID-19 pandemic, a new vulnerability known as Log4j emerged. While many vendors were unaware of this vulnerability, Check Point promptly emailed all its customers to inform them. They reassured customers that their gateways already had predefined prevention signatures to protect against this threat, requiring no additional action. 

The initial setup is straightforward. Fresh deployment and creating the gateways will take approximately three to four hours.

With Fortinet, managing the product through cloud formation can be difficult to implement in a cloud environment because it's not straightforward. First, we need to spin up some VMs and configure everything manually. In contrast, Check Point provides a more seamless cloud formation process. With Check Point, you click on the cloud formation option, and the VMs and necessary configurations are automatically set up. You will get GUI access quickly.

Only two resources are required. One knows Check Point, and another guy knows the cloud platform where they want to deploy the gateway.

The integration process is straightforward. If you have some knowledge of your cloud service provider, you can easily integrate with it.

It has improved over the past four years. Previously, pushing any policy from the management server to the security gateway could take around ten to fifteen minutes. However, this task is now completed in about one minute with the new firmware version. This improvement demonstrates the substantial advancements made in the Management of Check Point products. It continuously updates its products to align with security standards and market awareness. They implement these updates in their own unique way. It is a strong player in the security market and has a long-standing presence. Their solutions are reliable and trusted for real security needs.

Maintenance is very easy.

First, we will thoroughly understand their requirements. Once we understand clearly, we will design tailored solutions for them. Next, we will present these solutions to the customer for review and discussion. Following their approval, we will run POC, collect evidence as required, and submit the comprehensive report.

Overall, I rate the solution a ten out of ten.

One of our company's priorities was to have centralization of all the equipment in a single firewall. With the tools provided by Check Point, we were able to achieve it, and in this way we were able to centralize all the records.

With this implementation, we were able to make more centralized management and of all the rules. It was very comfortable to be able to configure them and manage them and thus be able to make the whole implementation more orderly and be able to carry out our organization along a good path of security administration

Check Point Security Management came to help us a lot. With this implementation, we were able to generate a firewall rule centralization and management. This helped our IT department to have an order in security and thus be able to centralize it.

By having this implemented, our facilities' security has improved a lot since both employees and external users are audited before entering the network through Check Point Security Management and the rules that make these security filters possible.

Check Point Security Management has a great feature that allows you to automate the request of the automated server. This helps us reduce the administrative effort of the IT department and thus give priority to other things like the security of the company or with the characteristic It provides us with centralization, which helps us with management.

The SmartConsole has provided us with excellent help with the application. It communicates with the administrator and allows us to create policies and also look at the traffic log.

The web administration tool that allows administration in the browser must be developed even more. When one tries to enter the panel, the loading delays us. 

They can also implement version updating. 

Another feature that could be improved is the export of configurations to .CSV. This would further simplify the management and compliance with rules.

This solution has been used for approximately two year in the company.

The solution has excellent stability.

It is quite a scalable product.

The support experience has not been very good. We have had some problems with cases and meetings coordination.

Positive

There was no type of tool that would supply these qualities in the company previously.

The installation is easy. It is plug-and-play. However, the configuration must be done carefully.

The implementation was handled with the help of an engineer who had prior knowledge of the product. 

The ROI is there. Making an investment in security is always a very good idea.

Check Point offers a good price for its products. It is worth making the investment since this can prevent vulnerabilities.

Check Point was always our first option in terms of product choice. 

It is an excellent tool to implement in the organization.

I use it for managing ten clusters in our on-premise environment. With this kind of management, it's possible to question its policy and change many configurations in the files. With its management, we got all the logs from the environment. With Check Point Security Management, we get the benefits of deploying the configuration.

Owing to the availability of many kinds of incidents, I can say that the solution has served to improve my organization.

Regarding the tool's valuable features, I would say that Check Point is a very accessible and fast tool, especially when dealing with logs for the first time. It is a perfect solution for me.

From the Check Point Security Management solution, it's possible to get the situation of my clusters. I guess it lacks in providing visibility of the many incidents. Hence, the visibility of incidents is an area where I want the solution to improve.

I have been using Check Point Security Management since 2005, so I have used it for maybe twenty years. Also, I am using Check Point Security Management E84.20.

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a ten out of ten.

The solution's technical support is very good. Hence, I rate the technical support a ten out of ten.

Positive

The solution's initial setup was easy.

It took a year to see a return on investment. I did experience a return on investment using the solution.

Price-wise, it is an expensive solution.

I recommend the solution to those planning to use it.

I rate the overall product between nine to ten out of ten.

In recent years, management was to have an additional server in our data center or virtual machine that demanded resources locally. Today we have the possibility to have virtual teams in the cloud or on-premise and do not have the need to create that machine. We take that server to the Check Point cloud as a management cloud where we can have each subscription and be able to manage everything with the same account. It allows you to manage from anywhere and makes it easier for you to manage additional teams.

Check Point management is one of the most complete solutions for managing Check Point Firewall appliances. 

Since it is so powerful, we can manage more than one appliance with this same tool and create policies per appliance, and integrate different branches. 

One of the great benefits is being able to centralize all our branches under a single management server, thus being able to manage each of the created policy layers from a single place.

Among the most valuable features is the ability to manage everything simultaneously. It can integrate with the Check Point Infinity Cloud. 

The costs of acquiring a server for this task is of value. Each of us who are administrators can continuously manage the security of companies. This management manages not only Firewall-type appliances but also Cloudguard IaaS-type appliances.

I would like this solution to be integrated directly into the Cluster XL equipment. We'd like something that is all in one. The implementation becomes quite complex due to the extensive and not very graphic guides that we can find on their portal. 

I've used the solution for two years. 

It is very stable. You can have it in high availability services.

The scalability is fast and easy.

We previously used Fortinet as a firewall and management solution.

The cost of having cloud management lowers the monthly bill. That must be considered when acquiring these solutions.

Security Management Server is easy to configure. We have more than six security gateways in different locations. It is easy to manage security gateways separately from Security Management Server. 

Also, we use a security management server as a log collector. Security Management Server is easy to configure. 

We can separately manage and install policies for all gateways. It has separated by blades. It is so flexible. Jumping from one blade to another is really simple. R80.x versions are better than R77.x versions. 

The log section is really good to understand and is really fast. 

The layered architecture is really understandable and easy to use. 

Event correlation function is really brilliant. 

Check Point provides one application with all your needs with the management system.

I do not need to log in to another application or website to see inputs and outputs. 

The monitoring is the best.

The solution offers:

• Strong user community
• Product functionality and performance
• Financial/organizational viability
• Strong services expertise

Policy installation time can be reduced. Proof of concept really matters on this subject. Every organization's needs are different and unique. Therefore, before you purchase the product, use proof of concept as much as you can. 

I have been using Check Point Security Management for more than seven years.

The pricing is not bad.