Check Point Security Management Reviews

We have a Check Point firewall to secure our perimeter as well as on the internal network. We also have our Security Management server on VM. Both perimeter & internal sets are managed via the same Security Management system.

Two separate packages are created for both perimeter & internal sets.

We are also managing a SandBlast device via Security Management.

Even though all of the work is performed by the gateway, Security Management plays a vital role in a three-tier architecture. Here, our primary use case is to push security policies & manage logs.

Check Point Security Management is one-stop for all operation-related activity on the Check Point Security Gateway (firewalls).

We have completed one-time implementation configurations, like clustering, using this tool.

Check Point has a very sophisticated log monitor, where troubleshooting is very simple. We just have to put the desired filter, and Check Point generates the reports that help us to understand the overall picture in our network.

We have created multiple users, and they each have a smart dashboard install on their machine.

The Check Point Management server is isolated from security gateways, which means that in case there is an issue, we have our configuration ready and we can directly replace the device and push the configuration. Logs are collected at the management server, hence we can preserve those as well. 

We can keep on adding new devices that can all be managed from a single security management server.

After the upgrade to R80, we have a single interface for all activities. Previously, we needed to configure using different applications.   

It is very difficult to recover policies from the gateway in case if you lose your security management server, and don't have a backup.

The backup functionality (Migrate export command), which covers policies, can not be operated from the GUI. Instead, we have to log into the CLI and generate a file then take it out. For those not familiar with the Command Line interface, there should be an option in the GUI for operating backups. There should also be an option to automatically schedule the backup. 

The smart dashboard is a very heavy application. If we could directly connect & manage firewalls from the Management server itself then it would make it very easy.

I have been working with Check Point Security Management for more than three years.

The stability needs to be improved.

Scalability-wise, it is very good, as it was deployed on VM.

TAC is very supportive but we face many issues with this product.

Previously, we had only firewalls & not a management device. 

The initial setup is not very complex & can be done easily.

We are the ones who implemented it.

This product can be used for 25 security gateways on a basic license. I think that this is good value for the money.

We wanted to implement Check Point and hence, we did not evaluate others.

We are primarily using the solution as a firewall, and for some IPS features as well.

The firewall's blades are the solution's most valuable feature.

We had a lot of problems with the VPN blade on the solution.

We sometimes have trouble with the performance of the solution. Maybe some performance tuning options could be added in a future release. There should be more visibility about which blade in your firewall is causing the latency. That would be nice as well.

The stability of the file blade is good. However, there are a lot of blades, and some of the blades have bugs. For example, the VPN is not so stable. Aso, sometimes when we have high loads on our firewall because we have 20,000 users, the Firewall blade also has trouble.

The scalability of the solution is good. However, we have four or five firewalls and that's more than enough, so we don't need to increase the usage. We have about 20,000 users that go through the firewall at this time.

We don't go through technical support if we need assistance. We instead go to our consultants which assist us if we run into any issues. The consultants may sometimes open cases, but we have no direct contact with Check Point.

We didn't previously use a different solution.

In general, the initial setup was straightforward. Deployment for us took quite long because we migrated in small steps. That was our choice and had nothing to do with Check Point. We have five people managing the solution, and we have two consultants that sometimes help us with some troubleshooting and features.

We used a consultant to assist with the implementation.

Before choosing Check Point, we evaluated FortiGate from FortiNet, Sonicwall from Dell and Cisco FW products.

We're using the on-premises deployment model.

I'd rate the solution seven out of ten.

I mainly use this solution for endpoint security, to capture data with a secure approach.

Our data is the most important thing, therefore, it's essential that it be secured. Checkpoint has been very effective in terms of threat management and comprehensive protection against vulnerabilities, and it has given us confidence that our data is not going anywhere. 

The tracking of new threats could be improved.

I've been working with this solution for a couple of years.

Check Point's stability is good.

My experience with technical support has been good.

The initial setup is straightforward.

The return on investment is that our data is safe, Check Point offer upgrades, and we get the best possible cost-effective price.

I looked at Sophos, but Check Point's security coverage is better.

I would definitely recommend this solution to anybody thinking of implementing it. I would give it a rating of nine out of ten.

One of the most valuable features is the console application.

It's a great solution for management. We can manage a lot at the same time with one security management system. Also, each gateway depends on the other, which is helpful.

The client of the management needs to be improved. 

The solution is a bit slow. The speed should be improved. 

If there is a possibility to use the URL instead of client management in a future release, that would be ideal.

In the last version from 80.20, there are some issues around SSNA Diction. I would like this to be improved.

The solution is scalable.

I haven't contacted technical support a lot. I have a colleague that's had issues with a certain version of the solution, and they have made contact. They've had issues, but for me, technical support has always been fine.

The initial setup is not too complex, but those setting it up should have knowledge of Unix as well as some knowledge in Linux command lines. 

We're a partner. We help clients implement the solution.

We are using the on-premises deployment model.

I would rate the solution eight out of ten.

We use this solution to manage and configure all of our firewalls distributed across multiple remote locations. We can do it with a single interface where policies are created, managed, and distributed across all locations.

Check Point Security Management has improved our organization because all corporate firewalls can be managed with a single interface. Many objects are common in the policies of the various sites, thus saving time when it is necessary to create or modify access policies.

Check Point Security Management has a beautiful interface for viewing logs and access reports. You can create many filters and run queries from a modern graphical interface without resorting to shell commands.

The graphical interface is nice but it is a bit heavy. Even installing the policies is often a very slow activity. Sometimes it happens that the rules are scattered in several points such as global properties, security policy, and/or application policy and it is difficult to find the point where to intervene

I've been using Check Pont for 15 years.

This solution is used to validate the firewalls, and it performs this function very well.

It helps us control what people are accessing, inside the company.

URL filtering is a very important feature.

The usability of the solution could be improved.

I think stability is good. We haven't had any trouble.

The scalability looks fine.

My company has used technical support, but I have not.

In the past, we had a type of proxy for our URL filtering. The idea was to have everything packaged in the same solution. We removed the proxy and started to use just the firewall to control URL filtering and normal firewall rules in the same solution.

When selecting a vendor, we always check the industry reviews. Then, we analyze the features and, after that, the price-feature combination is the most important factor: which one has the best price and has the features we need.

Pay attention to the stability of the solution because it's very critical.

I would rate this solution a nine out of 10. They need to improve the usability. It's good but it can always be better.