We primarily use Check Point IPS for cybersecurity, specifically when there is a need for internal and external connections. We use it to monitor performance and take necessary actions when events occur. We also use it for firewall solutions.
Student at a university with 5,001-10,000 employees
Real User
Top 5
2024-09-06T20:29:00Z
Sep 6, 2024
Initially, the requirement was just to have a stateful inspection firewall to control traffic entering our network. Later, we needed deep packet inspection to look into packets deeply to identify any kind of malicious content. This led us to start using Check Point IPS to have visibility across all the seven layers of traffic entering the network.
Check Point IPS is a signature-based protection tool. As such, it is better than a cloud database. Check Point IPS is useful for anomaly detection and user behavior monitoring. In our company, we check our daily logs in Check Point IPS. My company has customized the settings of Check Point IPS as per our requirements.
Security Operations Manager at Network International
Real User
Top 10
2024-04-26T08:10:06Z
Apr 26, 2024
I use it on a perimeter with the internet-facing services, so the traffic will pass through Check Point IPS, which will secure connectivity and communication.
I have been using the product as an antivirus. It acts like a security guard, stopping bad things from getting in and ensuring only the right stuff gets through.
We use the Check Point IPS for intrusion prevention. It was installed inline. This solution enabled us to stop all threats and intrusion activities across the data center. The IPS uses a signature-based approach to control traffic, allowing only authorized traffic to flow outside. However, it can also identify the traffic behavior and enforce the policy based on that behavior, protecting against even new and unknown threats.
ICT at a manufacturing company with 501-1,000 employees
Real User
2023-10-12T13:20:00Z
Oct 12, 2023
We use this product to control incoming and outgoing traffic to the company and to control the internal traffic between the various company subnets. We have many departments and have segregated the traffic via subnets controlled by the Check Point firewall. We also have some services exposed on the internet for which it is necessary to have control over intrusions. Our reality is made up of a series of Check Point firewalls in which we have activated the intrusion prevention system functionality.
In my company, we use Check Point IPS for its intrusion protection functionalities. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources, which usually you want to happen only for specific administrative roles.
IT security and network analyst at Québec Government
Real User
Top 20
2023-03-31T13:18:00Z
Mar 31, 2023
Our primary use case is to protect the workstation. The IPS blade is integrated into our Check Point environment. We have many blades in Check Point IPS representation, each with a specific function.
We first saw that this blade was available to use in our Check Point gateway. Later, we understood that there are advanced threats that are in charge of exposing weaknesses. We did not have our perimeter completely covered, which is why we decided to use this technology. This technology helps us to detect and prevent attempts at exploiting vulnerabilities. It also helps a lot as the tool poses very few false positives, giving the tool good credibility.
This solution allows us to achieve a healthy network and good security within our organization given its functions, management, and control. The level of detection and intelligent algorithms that protect against distributed attacks have helped us to secure ourselves and provide protection in real time. These capacities and needs complement our security based on a scheme that our fund or financial distribution can achieve under annual or quarterly protection measures (or every three years).
Most of our clients have the majority of their critical resources on prem to protect their DMZ, so we use IPS for that. We are resellers, implementing and providing support to our clients. I'm a system engineer IT support.
One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures.
They are one of the blades that we get to try or use more when we start using Check Point Firewall products. They give us the power of protection and security accompanied by other characteristics and solutions that together become the best in the market. It's uniting all that computing power with the cloud and thus giving organizations greater peace of mind and closing our security gaps in applications or services. Something that we love is that it can be enabled in any gateway, and therefore that saves us implementation time.
We needed a security tool with features like: * Exploit detection * Vulnerable Protocol Validations * Malware communication blocking * Easy administration We found these features in the Check Point Intrusion Prevention System. It's the exact protection required for our infrastructure. We managed to increase the level of business security thanks to this blade provisioned within our Check Point gateways. Thanks to the use of this tool, we could avoid malware that might be installed in our infrastructure. It offers prompt detection. We also needed to be able to have protection against emerging threats during Microsoft updates on our Windows servers.
The company needed to improve its compliance with traffic risk management before all the company employees went full WFH. This has turned into a more efficient operational control of internal traffic, where numerous threats had been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This actually drove revenue growth as fewer resources had to be spent from the IT department to fight cyber threats.
The main use of this security tool of the Check Point brand was acquired to be able to solve the exploitation of cyber attackers for violating our perimeter security and finding holes to be able to violate us. At a business level, the absence of an application that could help us with both old and modern threats was seen. We now currently manage Check Point. The opportunity to use this tool was provided due to its ease of implementation within our NGFW security environment. The solution has been very good and the tool has a low rate of false positives, which makes it safer and more accurate.
We deployed the Check Point 6300 series firewall for protection of our internal and external servers, and various in-out traffic as well. We have Windows-based servers, Linux-based servers, and other appliances which are connected through a Check Point firewall. These devices have many vulnerabilities. To secure our infrastructure we activated the IPS Blade on the Check Point firewall. The IPS has helped us to block many known and zero-day attacks on our network. IPS is one of the best solutions from Check Point firewall
We use the Check Point IPS module on various firewall gateways. Specifically, we use the IPS on our DMZ firewall gateway to protect our DMZ servers from the inbound Internet traffic. For our user outbound Internet traffic, we use the IPS and the anti-virus anti-bot modules, in addition to the base IPS module to protect the network traffic. We also apply the product to our guest firewall gateway to monitor outbound internet traffic, with a focus to avoid any malicious guest users using our guest internet services to launch attacks.
Cloud Support at a tech company with 51-200 employees
User
2022-05-04T03:03:00Z
May 4, 2022
Our objective was to carry out an evaluation first with the activation of IPS in detection mode to evaluate possible vulnerabilities before making possible blockades or changes that could affect users. After a while, the decision was made to use security templates that came by de facto to be able to solve some vulnerabilities and evaluate the impact, and later some custom ones were added.
Information Technology Operations Manager at a computer software company with 51-200 employees
User
2022-01-31T14:44:00Z
Jan 31, 2022
We wanted a more robust solution for controlling access to our cloud environments (AWS and Azure). In addition, we wanted our control to be cloud-based. Our thought was to find a solution to aid us in being proactive as well as reactive. We have multiple environments in multiple clouds with some areas having delegated administration. The solution we needed was one to reduce the need for administrative headcount to continuously review any misconfiguration. Beyond that we were looking to find a solution for SASE.
The product protects our environment from specific threats; we 'approve' signatures manually (or automatically) based on the applications/appliances in use in our company. We are a logistics company hosting several websites/order management. The company is about 1000 FTE across several locations (in the Netherlands & Belgium). We have been using this for the last 10 years at least (since I have worked at the company). It's easy to use. The reporting is good. Usually, when threats emerge on the internet, there are signatures for this within a few hours.
Firewall Engineer at a logistics company with 1,001-5,000 employees
User
2021-09-30T07:31:00Z
Sep 30, 2021
We have a hybrid infrastructure with an on-premise data center, cloud data center, and multiple branch offices. All of these firewalls are managed via Check Point Multi Domain Management as well as Smart Event to see security events across our environment. IPS is set primarily to prevent and only some signatures are set to detect (only after some false positives) so we still see them and get notifications via the Smart Event reports. IPS is updated automatically and pushed to all gateways every two hours.
Intrusion prevention and detection are the most valuable pillars in the security system, which detects and prevents exploits or weaknesses in vulnerable systems or in applications and protect against threats not only based on signatures but also based on anomalies, behavioral analysis, etc. IPS is already integrated and comes as a security license in Check Point NG Firewalls and NGTX Firewalls. Every defense system must have a feature set that provides complete security for Network IPS and Check Point has very powerful high throughput - almost at terabyte speed - with the help of a hyper-scale approach.
System and Network Administrator at Auriga - The banking e-volution
Real User
2021-05-08T14:17:00Z
May 8, 2021
The Check Point IPS module is applied to both internal and external traffic. Many times, we only think about protecting ourselves from what comes from the Internet but it is also good to analyze what passes inside between one network and another and what goes out to the Internet. I'll never forget the first backdoor report. We immediately activated email alerts for the most important reports and it was an email that indicated the compromised server. There were three of us and it took two hours to discover that through the image upload form, there had been an attempt to upload a backdoor. This IPS module had blocked this attempt.
CTO at a computer software company with 11-50 employees
Real User
2021-05-06T20:08:00Z
May 6, 2021
We make use of Check Point IPS to protect our corporate network against incoming threats of all varieties. We have a very minimal intranet/network and this is installed and configured on our firewall that monitors all incoming/outgoing traffic. We felt it was necessary to have this in place as part of our security hardening in preparation for a third-party penetration test of our corporate network. Their goal was to access our network undetected and exfiltrate information. They were unsuccessful.
Senior Manager at a financial services firm with 10,001+ employees
Real User
2021-03-30T14:29:00Z
Mar 30, 2021
We use this solution to secure the organization against any attack coming into the network via the internet, a third party, or any other connected network. It is used to detect and prevent identified threats at the perimeter level so attacks do not penetrate the network. With so many access points present on a typical business network, it is essential that we have a way to monitor for signs of potential violations, incidents, and imminent threats. We also use it to provide flexibility for the SOC admin to identify any suspicious activity and either detect and allow (IDS) or prevent (IPS) the threat. It logs and reports any such incident to the centralized logger so the required action can be taken by the SOC team.
We use Check Point IPS to protect our infrastructure against threats. It internalizes different attack buttons. We started by deploying it only on the on-prem firewalls, but now we are also rolling out to the internal firewalls, the ones that segregate environments, the production, and the corporate environment.
I work in MNC company and we have 6 GEO locations in India and all of our locations are using Check Point as a perimeter firewall. I sit in our HO Office and I am maintaining all the location firewalls with my team, except for 1 location. We regularly monitor the security alerts on our perimeter and based on that we will align our location IT to check and update us. IPS is our core blade for network security, it is provide the details that some suspicious activities happen on our network as per the IPS signature database, and based on that we will work on that. As our primary use case with IPS blade we are daily receiving non-compliant IKE alert, and we know if we prevented it then what impact will happen, our all site to site tunnel will stop working which is running with noncompliant IKE and we are not forcing our client to update that noncompliant IKE protocol.
Senior Network and Security Engineer at a computer software company with 201-500 employees
Real User
2020-07-23T18:41:00Z
Jul 23, 2020
Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Clusters serve as the firewalls for both inter-VLAN and external traffic. We have the Intrusion Prevention System (IPS) blade activated on both Check Point HA Clusters as the counter-measure against advanced threats and malware. The IPS blade mostly used for ingress traffic from the Internet to the DMZ VLAN.
Head of IT Department at AS Attīstības finanšu institūcija Altum
Real User
Top 5
2020-03-04T08:49:35Z
Mar 4, 2020
We are using Check Point IPS for securing our internal networks and our website, as well as all of the traffic that goes through us. The traffic is analyzed by the IPS, which checks for things like malicious files and different attack patterns. We are using the virtualized version.
Check Point IPS is an intrusion prevention system that aims to detect and prevent attempts to exploit weaknesses in vulnerable systems or applications. The solution provides complete, integrated, next-generation firewall intrusion prevention capabilities at multi-gigabit speeds with a low false positive rate and high security. It helps organizations secure their enterprise network, and protect servers and critical data against known and unknown automated malware, blended threats, and other...
We primarily use Check Point IPS for cybersecurity, specifically when there is a need for internal and external connections. We use it to monitor performance and take necessary actions when events occur. We also use it for firewall solutions.
Initially, the requirement was just to have a stateful inspection firewall to control traffic entering our network. Later, we needed deep packet inspection to look into packets deeply to identify any kind of malicious content. This led us to start using Check Point IPS to have visibility across all the seven layers of traffic entering the network.
Check Point IPS is a signature-based protection tool. As such, it is better than a cloud database. Check Point IPS is useful for anomaly detection and user behavior monitoring. In our company, we check our daily logs in Check Point IPS. My company has customized the settings of Check Point IPS as per our requirements.
I use it on a perimeter with the internet-facing services, so the traffic will pass through Check Point IPS, which will secure connectivity and communication.
I have been using the product as an antivirus. It acts like a security guard, stopping bad things from getting in and ensuring only the right stuff gets through.
We use the Check Point IPS for intrusion prevention. It was installed inline. This solution enabled us to stop all threats and intrusion activities across the data center. The IPS uses a signature-based approach to control traffic, allowing only authorized traffic to flow outside. However, it can also identify the traffic behavior and enforce the policy based on that behavior, protecting against even new and unknown threats.
We use this product to control incoming and outgoing traffic to the company and to control the internal traffic between the various company subnets. We have many departments and have segregated the traffic via subnets controlled by the Check Point firewall. We also have some services exposed on the internet for which it is necessary to have control over intrusions. Our reality is made up of a series of Check Point firewalls in which we have activated the intrusion prevention system functionality.
In my company, we use Check Point IPS for its intrusion protection functionalities. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources, which usually you want to happen only for specific administrative roles.
Our primary use case is to protect the workstation. The IPS blade is integrated into our Check Point environment. We have many blades in Check Point IPS representation, each with a specific function.
We first saw that this blade was available to use in our Check Point gateway. Later, we understood that there are advanced threats that are in charge of exposing weaknesses. We did not have our perimeter completely covered, which is why we decided to use this technology. This technology helps us to detect and prevent attempts at exploiting vulnerabilities. It also helps a lot as the tool poses very few false positives, giving the tool good credibility.
This solution allows us to achieve a healthy network and good security within our organization given its functions, management, and control. The level of detection and intelligent algorithms that protect against distributed attacks have helped us to secure ourselves and provide protection in real time. These capacities and needs complement our security based on a scheme that our fund or financial distribution can achieve under annual or quarterly protection measures (or every three years).
Check Point IPS is focused on prevention rather than strictly detection capabilities.
Most of our clients have the majority of their critical resources on prem to protect their DMZ, so we use IPS for that. We are resellers, implementing and providing support to our clients. I'm a system engineer IT support.
One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures.
They are one of the blades that we get to try or use more when we start using Check Point Firewall products. They give us the power of protection and security accompanied by other characteristics and solutions that together become the best in the market. It's uniting all that computing power with the cloud and thus giving organizations greater peace of mind and closing our security gaps in applications or services. Something that we love is that it can be enabled in any gateway, and therefore that saves us implementation time.
We needed a security tool with features like: * Exploit detection * Vulnerable Protocol Validations * Malware communication blocking * Easy administration We found these features in the Check Point Intrusion Prevention System. It's the exact protection required for our infrastructure. We managed to increase the level of business security thanks to this blade provisioned within our Check Point gateways. Thanks to the use of this tool, we could avoid malware that might be installed in our infrastructure. It offers prompt detection. We also needed to be able to have protection against emerging threats during Microsoft updates on our Windows servers.
The company needed to improve its compliance with traffic risk management before all the company employees went full WFH. This has turned into a more efficient operational control of internal traffic, where numerous threats had been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This actually drove revenue growth as fewer resources had to be spent from the IT department to fight cyber threats.
The main use of this security tool of the Check Point brand was acquired to be able to solve the exploitation of cyber attackers for violating our perimeter security and finding holes to be able to violate us. At a business level, the absence of an application that could help us with both old and modern threats was seen. We now currently manage Check Point. The opportunity to use this tool was provided due to its ease of implementation within our NGFW security environment. The solution has been very good and the tool has a low rate of false positives, which makes it safer and more accurate.
We deployed the Check Point 6300 series firewall for protection of our internal and external servers, and various in-out traffic as well. We have Windows-based servers, Linux-based servers, and other appliances which are connected through a Check Point firewall. These devices have many vulnerabilities. To secure our infrastructure we activated the IPS Blade on the Check Point firewall. The IPS has helped us to block many known and zero-day attacks on our network. IPS is one of the best solutions from Check Point firewall
We use the Check Point IPS module on various firewall gateways. Specifically, we use the IPS on our DMZ firewall gateway to protect our DMZ servers from the inbound Internet traffic. For our user outbound Internet traffic, we use the IPS and the anti-virus anti-bot modules, in addition to the base IPS module to protect the network traffic. We also apply the product to our guest firewall gateway to monitor outbound internet traffic, with a focus to avoid any malicious guest users using our guest internet services to launch attacks.
Our objective was to carry out an evaluation first with the activation of IPS in detection mode to evaluate possible vulnerabilities before making possible blockades or changes that could affect users. After a while, the decision was made to use security templates that came by de facto to be able to solve some vulnerabilities and evaluate the impact, and later some custom ones were added.
We wanted a more robust solution for controlling access to our cloud environments (AWS and Azure). In addition, we wanted our control to be cloud-based. Our thought was to find a solution to aid us in being proactive as well as reactive. We have multiple environments in multiple clouds with some areas having delegated administration. The solution we needed was one to reduce the need for administrative headcount to continuously review any misconfiguration. Beyond that we were looking to find a solution for SASE.
The product protects our environment from specific threats; we 'approve' signatures manually (or automatically) based on the applications/appliances in use in our company. We are a logistics company hosting several websites/order management. The company is about 1000 FTE across several locations (in the Netherlands & Belgium). We have been using this for the last 10 years at least (since I have worked at the company). It's easy to use. The reporting is good. Usually, when threats emerge on the internet, there are signatures for this within a few hours.
We have a hybrid infrastructure with an on-premise data center, cloud data center, and multiple branch offices. All of these firewalls are managed via Check Point Multi Domain Management as well as Smart Event to see security events across our environment. IPS is set primarily to prevent and only some signatures are set to detect (only after some false positives) so we still see them and get notifications via the Smart Event reports. IPS is updated automatically and pushed to all gateways every two hours.
Intrusion prevention and detection are the most valuable pillars in the security system, which detects and prevents exploits or weaknesses in vulnerable systems or in applications and protect against threats not only based on signatures but also based on anomalies, behavioral analysis, etc. IPS is already integrated and comes as a security license in Check Point NG Firewalls and NGTX Firewalls. Every defense system must have a feature set that provides complete security for Network IPS and Check Point has very powerful high throughput - almost at terabyte speed - with the help of a hyper-scale approach.
The Check Point IPS module is applied to both internal and external traffic. Many times, we only think about protecting ourselves from what comes from the Internet but it is also good to analyze what passes inside between one network and another and what goes out to the Internet. I'll never forget the first backdoor report. We immediately activated email alerts for the most important reports and it was an email that indicated the compromised server. There were three of us and it took two hours to discover that through the image upload form, there had been an attempt to upload a backdoor. This IPS module had blocked this attempt.
We make use of Check Point IPS to protect our corporate network against incoming threats of all varieties. We have a very minimal intranet/network and this is installed and configured on our firewall that monitors all incoming/outgoing traffic. We felt it was necessary to have this in place as part of our security hardening in preparation for a third-party penetration test of our corporate network. Their goal was to access our network undetected and exfiltrate information. They were unsuccessful.
We use this solution to secure the organization against any attack coming into the network via the internet, a third party, or any other connected network. It is used to detect and prevent identified threats at the perimeter level so attacks do not penetrate the network. With so many access points present on a typical business network, it is essential that we have a way to monitor for signs of potential violations, incidents, and imminent threats. We also use it to provide flexibility for the SOC admin to identify any suspicious activity and either detect and allow (IDS) or prevent (IPS) the threat. It logs and reports any such incident to the centralized logger so the required action can be taken by the SOC team.
We use Check Point IPS to protect our infrastructure against threats. It internalizes different attack buttons. We started by deploying it only on the on-prem firewalls, but now we are also rolling out to the internal firewalls, the ones that segregate environments, the production, and the corporate environment.
I work in MNC company and we have 6 GEO locations in India and all of our locations are using Check Point as a perimeter firewall. I sit in our HO Office and I am maintaining all the location firewalls with my team, except for 1 location. We regularly monitor the security alerts on our perimeter and based on that we will align our location IT to check and update us. IPS is our core blade for network security, it is provide the details that some suspicious activities happen on our network as per the IPS signature database, and based on that we will work on that. As our primary use case with IPS blade we are daily receiving non-compliant IKE alert, and we know if we prevented it then what impact will happen, our all site to site tunnel will stop working which is running with noncompliant IKE and we are not forcing our client to update that noncompliant IKE protocol.
Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Clusters serve as the firewalls for both inter-VLAN and external traffic. We have the Intrusion Prevention System (IPS) blade activated on both Check Point HA Clusters as the counter-measure against advanced threats and malware. The IPS blade mostly used for ingress traffic from the Internet to the DMZ VLAN.
We are using Check Point IPS for securing our internal networks and our website, as well as all of the traffic that goes through us. The traffic is analyzed by the IPS, which checks for things like malicious files and different attack patterns. We are using the virtualized version.