Check Point Security Management Reviews

Thanks to the new Check Point management, we were able to manage our environments decentrally with a server or from the Check Point Infinity Portal. This management is handled separately and provides greater ease of implementation and backups. You can have your gateways separated from the control server. You can even lose the management server, and easily, with a previous backup, you can restore all the policies that had been generated so that you never lose the operation of the GW.

Our Check Point implementations are quite important in our environment. With them, we were able to shield our infrastructure from modern vulnerabilities.

The separate management provides greater security and peace of mind. In the face of events in which we can lose communication with the management server, the operation of the Check Point gateways continues unaffected.

We also like the ease and intuitiveness of the management server since it allows you to generate policies in a straightforward way. Its logs and monitoring provide the necessary information so that those responsible for security can make decisions and improve security even more.

The control is intuitive, it's an excellent tool.

The monitoring is excellent. It helps a lot in making decisions.

Finally, the additional tools or blades implemented in this console are great. You can go from basic security implementation to a fairly advanced one with all the blades you have available.

The separate environment of the Check Point gateways is one of the most important features. The separate management allows for the continued use of the gateways.

As for the support, it is not the best. 

The hours are different from those in America. They generally respond to us at dawn. They are not as fast or efficient, and they could improve in this area.

Every manufacturer must have enough documentation for client implementations and proof of concept. However, Check Point has many outdated manuals. These should be simpler for users and help them to manage their environments with the best practices.

They should improve the ease of licensing.

We've used the solution for more than three years. We started using Check Point Security Management and have had very good results in a manufacturer's architecture with excellent performance.

Previously, we had WatchGuard to provide security. However, it does not meet the parameters required for our organization.

It is important to value the support of a Check Point partner to validate the tools, in addition to seeing the product more closely.

We researched to find the security tool that best suits our requirements.

For us, there are more benefits than failures; it really is an exceptional tool, and I recommend it.

The security management platform monitors the performance of applications and the security demands that can secure our data. 

Check Point Security Management has helped us to set secure points across all sectors to filter out harmful content that can destroy confidential information. 

The software has given the IT team access control in setting firewalls and securing cloud-based servers efficiently. 

This product provides comprehensive security coverage services that reduce operational costs. 

This tool has educated our teams and advanced our knowledge of setting effective security.

This software has improved the security situation in the organization and guarded the most confidential information against landing in unsafe areas. 

Check Point Security Management is the leading threat prevention system that ensures the networking system is protected from external attacks. 

All the departments can easily access security situations on set programs and come up with a suitable strategic plan. 

The reporting system provides real-time insights into the security situation and measures that can be taken to protect our data.

The set threat prevention tools have advanced the security monitoring systems and set up reliable data management platforms. 

Security analysis has helped teams in the organization plan and deploy the best security systems for protecting data. 

The malware detection feature has enabled the organization to block unauthorized attacks that can destroy data and leak confidential information.

Check Point Security Management has reduced operational costs and improved overall data security performance. 

Most set features have contributed to security stability in the organization, and I highly recommend this platform to other organizations.

This security control system has efficient features that have transformed the company to help it achieve set international standards. 

Most of the features provide excellent services that cannot be extracted from other platforms. 

It can be scaled down to provide services based on the company's demands and lowers operational costs. 

Sometimes the security system slows down when it is overloaded. Poor configurations have led to data leakages and weakened security signals. 

The overall performance has impressed all the team members and provided a secure environment for better workflows.

I've been using the solution for 12 months.

This platform is highly stable and I recommend it to others.

Check Point Security Management is excellent for setting security plans.

The customer service team has performed well since we started engaging with them.

Positive

I have no experience with other similar solutions.

The setup was straightforward.

Implementation was done through the vendor.

Our ROI has increased from 45% to 65% since we deployed this application.

The setup cost is efficient.

I have not examined other related applications.

I have observed great performance since we deployed this platform.

The use of this tool is for the administration of policies, control, monitoring, and all the management of our gateway security tool. The separation of these environments has given us a robust solution in which we can apply and protect all the configurations created in our gateways without being afraid if we lose or damage the Check Point Security Management solution. Nothing bad would happen since we can create the environment again at the Microsoft Azure level and later restore the backup without being affected.

It also provides us with the required reports on perimeter security.

Thanks to this incredible tool, we have been able to generate all the control configurations in which we determine which applications or sites can be accessed on the networks that are under the supervision of the Check Point gateways. In addition to the access policies, we have allowed access to servers in a granular manner to such a level that it is allowed at the port level.

With the generation and review of logs, we have verified some vulnerabilities and attempted attacks to generate improvements in our infrastructure and policies to help avoid issues in the future.

The features that we liked the most about the solution are its audits and logs, where we can validate the problems, accesses, connection refusals, vulnerabilities, or malicious accesses that are generated in our infrastructure. All of this helps to improve our safety after being analyzed.

Another excellent feature is its granularity both in policies and access control. It helps us establish good policies.

There are some improvements that can be generated in this solution. For example, their internal environments and dashboards should all be updated to look pleasant on a visual level.

It would be helpful if the documentation and good practice guides are updated. Many are still from R77.

At the support level, they should expand the languages of attention to be able to expand support in countries where the English language is not standard.  They could improve the response time when it comes to providing customer support.

This tool has been used together with our Check Point Gateway for more than four years. It is excellent and the administration has been great.

The support at the technical level is very good. That said, sometimes it takes a long time to get a response. In general, it is good.

Neutral

Previously we did not use a management tool like this.

It is one of the best solutions that exist today. The costs are high, yet, in general, any GWs solution is. 

It is good that they support themselves with partners. Partners help clients understand the product and can request tests of the product before purchasing it to know if it is what the business is looking for.

It is always important to look for options available in the security solutions market. We really like how Check Point is managed, which is why we trust this manufacturer.

It is an excellent administration tool.

We needed a solution that would be in the cloud or on-premise, that would centralize the equipment, and that would help us comprehensively manage each of the appliances that we were going to place in the four branches that we manage. Starting from that premise, we started with Check Point Security Management being the number one solution as it was pioneering in managing multiple computers simultaneously. This tool helped us to be more efficient and better at controlling risk with our hybrid cloud.

Starting from the need for our teams to be in the cloud and on-premises data centers, we decided on centrally securing and managing all these environments, making them easier, and more user-friendly, and their policy configuration, management of blades in the appliances, and management completely remote. 

Among its value, we can say that it helps us administrators have less administrative management burden in each appliance that must be configured and managed. Another fact is that its version can be on-premise or cloud and this cloud version helps us lower costs.

Being able to install a version of Check Point Security Management helps us avoid the expense of creating a server dedicated to that function, and we save on equipment and technical personnel in installing it, which in the end accelerates the administration and management of equipment to connect to it. 

Among its advantages and features that add value is managing teams both on-premise and in the cloud, regardless of the type of cloud. It helps to have and use a solution that adapts to environments and is easy to manage and configure. 

Among the things that I would like in the future is for the solution to have its application on Android and iOS, as many of the administrators have adopted remote administration positions due to what has happened since the pandemic. This would help us to have an easier and simpler administration. I believe that these mobile solutions are part of the technological evolution and the promising future that new technologies bring us; this will help us with future innovation and management.

I've used the solution for one year. 

With Security Management solution, we can manage and distribute security policies to firewall gateways. In large environment where there are dozens of Check Point appliances from Headquarter to branches, I deployed the Security Management with thousands of rules for an enterprise. I created different security packages for each gateway/cluster pair for administration purpose while maintaining separation and ease of policy installation. With every change request, we just need to configure the relating package and install to right gateways. Besides log dashboard in smartconsole is very useful and convenient for monitoring and tracking. It provides intuitive interface to search log, operation to filter is very to understand

With Check Point Security Management, we can:

- Manage and configure cluster for Check Point Gateways. Define security zones (internal, dmz, external) on interfaces.

- Add, modify, delete security rules, objects and install to gateways.

- Activate or de-activate blades like Mobile Access, IPS, URL Filtering, Application Control, Identity Awareness, Antivirus,... to the selected gateways and configure the security settings on them.

- Track and monitor security logs.

- send commands to the Management API. Supporting Management API helps automated tasks for daily operation or integrate with third-party solution SIEM/SOAR.

The most valuable feature is Management API. It has been supported since R80 and above. Why? For firewall administrators who handle many tasks daily on not only Check Point systems. They are flooded with their boring manual tasks but always got stuck with request tickets. For security analysts who work with numerous logs from many sources and take actions to stop attacks. Can analysist and protection be highly effective if they must take much time in implementing policies? All limitations above can be solved with Check Point Management API. The administrators can automate and improve their productivity in operation by scripting. The security analysts can immediately apply security settings on the firewall while saving their time and concentrate on their research job. This feature is very useful and Check Point works great job to support many security aspects with easy-to-understand guide.

In complex environment, the Security Management system manages many firewall gateways. There are thousands of security rules in the server and there are also other security settings about Check Point blades. Database in the server becomes large. Hence installing policy takes very long time to complete. Imagine that the administrators must process their daily tickets. They make configuration changes in Smart Console of Management Server for the first ticket, and while waiting for installation completion, then they receive the second ticket, a critical case, what should they do? This is only one of the situations that the administrators are facing in operation. Hope that Check Point can improve the processing time of installation.

More than 5 years

Check Point TAC team is very professional.

Positive

Only manage Check Point gateways by using Check Point Management Server. I used other firewall vendors like Cisco, Fortinet but Check Point is much better about stability and performance. So using central management for Check Point is best choice.

Easy of setup

I always implement by myself because it's very easy to implement.

The solution is used to manage security gateways. We use the management server to manage our firewalls, one at DR and the other at HQ. 

The Management servers are also used to manage security policies to determine who or what system should connect to what. This allows us to block applications that are not needed per department. For example, Facebook is blocked for everyone except the marketing team. This helps keep people more productive. We also use the rules to prevent users from visiting dangerous and illegal sites.  

It has helped improve work in our organization. Check Point Management tracks a lot of activities on the network such as who is connecting to what sites and applications. 

It has also provided visibility into who is connecting to the corporate network via VPN and at what time which helps us keep unauthorized users away. 

The interface also makes it easy for us to configure the VPN from the GUI rather than the command line, which makes it easy even for less experienced engineers to work with. 

The management also gives visibility into licenses and device-related information to help track how long you have till licenses expire and the software and hardware health of devices. 

The smart event feature is the most valuable. The consolidated logs give full network visibility. 

The smart console has been able to provide us with good detailed information and reports ranging from bandwidth, risky applications, IPS reports, VPN reports, and infected hosts on the network. 

Reports help determine which machines may be infected with bots if they indicate that they were trying to connect to command and control servers, smart event helps determine these machines by IP address or username. 

The IPS also indicates what attacks and from where we're trying to hit our organization which helps us twerk our settings accordingly to have the most security we can get. 

It could improve by showing DNS-specific information for connections to unknown public IPs. 

Check Point could also improve management by not having applications for each version released because we have to install a new application for every version it is not very nice. They could do that by moving management to the web so that we do not have to install a client for every version. 

The fact that you have to connect to two different applications for management, does not make it the most usable. It could be great to have a system setting and policy setting done from one interface. 

I've been using the solution for four years.

It's a very stable solution and Check Point is always doing proactive support to avoid any future problems or failures. Checkpoint support fixes bugs that they discover before the implemented production systems are affected. By logging a call with the customer and helping them remediate problems before they occur. 

It is reasonably scalable as you are able to manage five gateways with one management server at entry-level.

The solution offers very good customer support. The engineers respond on time and are available to help even if it means setting up a call to help you in implementing the given instructions.

Positive

The initial setup was straightforward. The prompt to install and the setup guide will get you through the process. When you're unclear, there are plenty of online resources to help.

We did the implementation in-house.

The solution is definitely worth it as it helps put policies that help people focus more on work than play to use company resources more efficiently.

We use the solution for a distributed lean IT environment where there's a need to monitor logs, threats, and events, or requires configuring security policies within a single dashboard.

It's great for customers who are searching for an upgraded top to bottom yet simple and improved log management solution. In such cases, Check Point Management works perfectly.

Wherever we have provided such a solution, it has become very easy for IT administrators to manage not only a single location but also geographically distributed workplaces.

It works similarly to other management software in the industry, but Check Point is far beyond all others due to its management log monitoring functionality.

After integration with the R80 series, Check Point has made most organizations become relatively secure as configuration with security policies, IPS, and log management extend to the maximum ability.

Previously, we needed to monitor all logs related to network traffic and threats and had to audit logs in different dashboards which sometimes felt time and memory consuming.

With the R80 management consoles, all tasks become very easy - starting from gateway management, log monitoring, IPS configuration, global properties configuration, etc.

Some of the great aspects of the solution include:

1. Smart Event is a great feature of the Check Point management console. It gives a complete graphical view of more than a year of traffic flow including botnet traffic, malicious host present in-network, compromised hosts, and many more.

2. Object (based on IP, hostname, domain name) configuration.

3. Application and URL filtering configuration.

4. Log monitoring and alert configuration.

5. IPS configuration with improved performance.

6. Applying filters based on source, destination, port, application, etc. which is easy compared to all other vendors in the market.

7. Managing clustering for gateways - including their live health check performance - can be done on the dashboard itself.

8. The SSL VPN monitoring based on users and tunnel monitoring are great value-added features present in the management console.

The solution could be improved in these ways:

1. In order to work the management console properly we're required to have more memory and CPU on the system where we need to install a setup.

2. Due to the large size of logs generated for daily traffic, even when old logs purging is enabled, we need to delete old logs manually or else it causes errors while publishing policies which slow down the process.

3. SD-WAN functionality could be added.

4. The required license addition for every blade is a bit of a complicated task for normal IT admins to understand.

I've used the solution for more than four years.

Stability is always improving day by day with Hotfixes they are releasing.

We can scale up to a maximum limit.

The technical support is very knowledgeable.

We have good relations with Check Point. This is the main reason we have always preferred it. The technical support offered by Check Point is always a top priority.

Customer from Sophos to Check Point and ASA to Check Point has migrated to our centralized management from Check Point.

The initial setup is straightforward, however, it can get a little complex for migration from another vendor to Check Point.

We had the assistance of vendor support during the implementation.

Check Point licenses work very differently compared to other vendors. We need to purchase each blade in order to make it work, but we can easily obtain a trial (evaluation) license from Check Point to get visibility for the blade.

Check Point tries to maintain relationships with customers and they try to match their price with customer expectations.

Palo Alto is most preferred NGFW compared to Check Point, due to having a large market share.

We use it for the firewall and the filtration. The accounts are put on a server and even the SmartConsole is installed on a server environment.

In terms of most valuable features, I love the URL filtering as well as the identification capabilities which link with the Active Directory and work for me even with bandwidth regulation. These allow me to select to whom to do what, and when.

As for improvement, again, the bandwidth regulation is an issue - it is not up to my expectations. If they could improve that it would be good.

In future releases I'd like to see better integration with other applications and solutions.

Also, the cost of the license is too high, it's too expensive.

I have been using Check Point Security Management for the last five or six years.

I used to contact customer service, but nowadays, I'm authorized to handle that. We have our own internal team in the company to maintain this solution on our own. I know a few people at Check Point so we work together.

Yes, we were using Dell SonicWall.

In terms of initial setup, at the beginning when I was not an expert, it was difficult but now that I'm an expert it is no longer difficult at all.

I don't know how long the setup was the first time since it was done by a client. But nowadays, because I'm an expert, it doesn't take long. It takes about an hour or two and I've done everything.

On a scale of one to ten, I'd give Check Point Security Management a nine because it is not yet available in our country.