We performed a comparison between Check Point NGFW and KerioControl based on real PeerSpot user reviews.
Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its performance in fulfilling our requirements has been satisfactory."
"The pricing is excellent. It's much less expensive than Cisco."
"FortiGate firewalls are user-friendly, and I like the security profiling features."
"The performance is good."
"A strong point of FortiGate is that the graphical interface is complete and easy to use, especially if we think there is a list of operations that we are able to perform inside."
"The customization potential is quite impressive."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"Unified Threat Management (UTM) features."
"I like the GUI."
"The Check Point architecture and packet are very good."
"It is giving us a greater reach for greater prevention and is proactively protecting our employees."
"The solution provides better stability and some interesting features such as the ease of throughput expansion."
"The centrally managed firewalls are great."
"I like the dashboard, redundancy, log analysis, threat prevention and ISP, and VPN."
"It secures my organization. With the application blade, I can make security as application based and the custom application is also very useful. With identity awareness blades we get insights on our local users who are accessing/passing through the respective rule as users. We also use the DLP, IPS, and VPN features."
"The most valuable feature of Check Point NGFW is it is a complete solution for protecting not only the network but the applications. Additionally, it provides a hybrid cloud solution."
"It has saved a lot of time and it was a secure way of doing it too. We had a whole contact center that worked from home for a period of time and that's a 21 hour a day contact center that we moved, that was spread out across the greater Brisbane region and working on home internet connections. Surprisingly, we didn't have a lot of stability issues anyway on those connections, but Kerio didn't blink, so that was good."
"I did not face any issues with stability while using the tool's trial version."
"The statistic feature enables us to better use bandwidth management. We monitored the use by mobile, type of application, department, and by users. The bandwidth was solid. Our internet speed is optimized for our research."
"The stability of Kerio Control is good."
"I like intrusion detection and prevention and bandwidth management. The routing part is also awesome. It is a good firewall. We never had a major breach from outside. We've never been impacted by ransomware, and our systems have never been infiltrated."
"Instead of using a cloud-based product for accessing information, and putting my data at risk in the cloud and in someone else's hands, it has allowed me to use a VPN and access my data directly from a laptop when I am out in the field. That has made my life a lot easier, where I'm able to access any information I need to be able access, basically on demand, with an Internet connection. That alone has been great."
"The initial setup is a breeze."
"I want to have access to my computer from the outside and Kerio Control plays a role because it has a VPN... It is more reliable because it's a smaller group of computers to target for hackers and the like. The VPN works very well. I use it to work remotely very easily and exchange information, both to and from the location where it's deployed, and there have been no problems there."
"Fortinet FortiGate can improve by integrating the web application firewall and the DDoS protection part of the solution. Having a WAF feature, web application firewall, and proxy together would be a good benefit."
"The solution could be more user friendly."
"It is stable, but its stability can be improved."
"They need faster serviceability and more security features."
"With FortiGate, the main complaint that I have heard is about the technical support."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"It needs more available central management."
"Compared to some other products, the DLP is not at par for the moment."
"Needs to upgrade the IPSec VPN port"
"There is a huge amount of revenue lost in the financial/banking sector due to cyber attacks, so we need to have something that can highly concentrate on future cyber attacks."
"The only thing which I think should be improved is that training should be increased. In my position I also interview potential employees and I haven't found many people in the market, nowadays, who are familiar with the Check Point firewall. They are more familiar with Palo Alto and Cisco ASA and they are more comfortable with them."
"The software licensing model is too complicated with all the various tiers of SKUs (i.e. per software blade). They need to simplify this for easier purchasing and renewing."
"Internet load balancing provides either active/passive or active/active load balancing, however, I would like to see more options that provide SD-WAN capabilities while also allowing for more than two links."
"The client for the central tools is very big - maybe using web access in future releases, similar to other vendors should be possible."
"It would be beneficial if Check Point included more licenses bundled with the base model, reducing the need for additional subscription charges for essential functionalities."
"The current reporting capability needs to be parsed and edited to be appreciated by leadership."
"If I would suggest anything, it would be to expand on its multifactor authentication to be a little bit more user-friendly. They should do multifactor authentications for the client itself perhaps, rather than served on a webpage, in a page hijack, that might be more user-friendly, but I don't have a lot of complaints about it. It's doing its job. You have to have a certain amount of skills to configure these things anyway, the ones that we use on-site doing point-to-point, and we've been tricked up a few times with their interfaces."
"The product's technical support is not good as it used to be."
"They should improve the remote connectivity feature for users."
"The upgrades make the network slower."
"The denial of service could also be improved. There recently was a big issue with denial of service attacks and it was a bit laborious."
"The Kerio hardware devices look cheap and could be improved. Some of our clients are switching to Sophos because their hardware has a more sleek design."
"There were certain things I didn't know about it, but I've always been able to just contact our IT company. They've been able to walk me through certain things. It was quite a monumental task to set up a public site. Support really had to help me with setting up the VLANs and walk me through it. It was not possible for me to figure that out on my own, but that's what they're here for. That could have been a little bit easier laid out."
"Filtering of pages and greater personalization in services need improvement."
Check Point NGFW is ranked 7th in Firewalls with 279 reviews while KerioControl is ranked 29th in Firewalls with 54 reviews. Check Point NGFW is rated 8.8, while KerioControl is rated 8.0. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of KerioControl writes "With VPN, any of our guys can log in to the system and effectively be on board; helps with our customers all over the world". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall and Netgate pfSense, whereas KerioControl is most compared with Netgate pfSense, OPNsense, Sophos UTM, Sophos XG and Splunk User Behavior Analytics. See our Check Point NGFW vs. KerioControl report.
See our list of best Firewalls vendors and best Unified Threat Management (UTM) vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.