Check Point Remote Access VPN Reviews

The solution is primarily used for secure access for remote users. It's deployed as a SaaS over the cloud. 

The solution offers great security features, including zero-day protection, malware protection, anti-phishing, et cetera.

If you are new to deploying the solution, the initial setup might be difficult the first time around. I had trouble setting the policies and then resetting the device. 

I joined my company eight or nine months ago and have been dealing with the solution since then.

I don't have much information on the stability aspect of the product. I haven't spoken to customers about their experience. 

I haven't discussed scalability with customers to get their take on how easy it is. 

We haven't referred to the technical support of Check Point just yet. We did have a replacement engineer assist us in deployment, and they handled it quite well. 

Positive

There was complexity in the initial setup. With one client, once we installed it and then tried to set the policies, the firewall was not responding very well. I was doing it for the first time, so we were unable to do it. The customer was not pleased with that, so we had to send another engineer to deploy that device. That's not to say it's overly hard - it was just my first attempt at an installation.

We had three engineers handling the initial setup. We deployed it over two days. 

I'm hoping that the next time I'm deploying it, it should be done perfectly, without any support from any other engineer.

We do the implementation for our clients. 

I'm not aware of the exact licensing costs associated with the product. 

We are in the business of selling firewalls. We're resellers and Check Point partners. 

I personally have sold just the Check Point solution to only one customer. We are also selling data storage solutions, data backup, and cyber security solutions.

We are dealing with the latest version of the solution.

The solution is available both on-premises and in the cloud. 

I'd rate the solution nine out of ten. I'd recommend it to other users and companies. 

We use Check Point Remote Access VPN to provide access to employees, vendors, and advisors. They access the company resources - especially now that most people are working from home over the course of the last year. We also use it for specific companies that give us remote support to some applications, such as our parent company. Our admins access our company servers and resources. We're using Remote Access VPN with specific profiles for them that only give access to some resources.

We have three distinct environments. Server, DMZ, and User/SHOP. The firewall connects to the internet and those firewalls are the ones that the people connect to for the Remote VPN. We have the Blade enabled and they access the company resources as if they were working at the office.

The headache of connecting has been removed. It's very stable and we don't have any issues with it connecting. We have a large majority of people that were using nothing and always coming to the office. However, since the last year, we have a whopping 75% of users that have switched to using Check Point Remote Access VPN. The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware. This was a big advantage.

The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware. This was a big advantage. 

The integration with two-factor authentication for remote access users is another valuable feature. In our case we use RSA.

Those two are the most valuable aspects that we have on the solution. It also gives us the possibility to securely connect to the company resources, without Check Point security measures.

Another great thing is that we already have all the logs from the firewall on the SmartPortal as the remote VPN also integrates into the firewall. We can see all the logs on the same tool because we also have a fully secure solution for Remote Access VPN. For full operational security, we need to manage the different hardware from the firewalls and the logs that are not in the same place. This is another valuable aspect of this solution.

Having access to those logs affects our security operations because if a user calls the support but does not have access to the VPN, we can see on the same tool on the SmartPortal and troublshoot. 

We don't have any specific complaints. We are very happy with the Windows client. You log in with the VPN for the full client, you do the log in right from the software itself. For Linux machines, they don't have a full client to install. For the users that utilize Linux, there needs to be an equivalent. The documentation of the software needs to be more accessible. If an end-user wants to have access to customized training from the company, that should be able to be built-in. I would add that feature. 

I've been using the solution for around 1.5 years.

The stability is good. It's a never-fail.

The scalability is great. We deploy to 5000+ users.

It's second to none but we haven't needed it a lot. 

We used to use Fortinet. We switched because it was hard to deploy. 

Just pull the trigger on a 3rd party. Not complex at all. 

We used both a vendor and in-house talent. 

The ROI was instant and around 54%.

Go with a third party and get it set up correctly. It may be costly but it's worth it. 

We didn't evaluate anything else. I knew a vendor and had used the software before. 

Get this software installed as soon as possible. It's a smart move. 

The tool is easy to configure and use. We integrated it with Active Directory to manage user authentication. It's intuitive and transparent, making it simple for users to use. It connects automatically to the VPN whenever users turn on the laptop. The product is efficient and offers centralized control. 

The main area for improvement is pricing. Another area could be integrating MFA authentication directly into the solution instead of using separate benchmark tools for implementation.

Nearly all of the company's 700 users used the solution during the COVID-19 emergency.

I rate the tool's ease of deployment an eight out of ten. Integrating the solution with the firewall is easy. Implementing a new user typically takes only five to ten minutes. You create the user in the firewall, install the client, and configure the username, making it ready to use.

Maintaining the solution is my responsibility. However, managing the firewall and VPN involves only two or three people. If you consider the entire security area, there are more people involved.

The product is expensive. I rate its pricing a ten out of ten. For the cost of one product, we could purchase two or three Fortinet solutions with the same amount of money.

Our previous company used this product because it's an excellent solution in the cybersecurity community. It was particularly important in Peru, where we had a strong presence in major companies. We selected the solution and used it for approximately ten years. Even after I left the company, they continued using it because of its importance in Peru and its presence in significant companies.

Fortinet may have gained more presence in recent years than Check Point Remote Access VPN, likely due to its lower cost. However, during my time at the company, we continued to use it. The company may consider migrating to other solutions primarily for cost reasons, as Fortinet is cheaper. However, this decision might not be based on technical superiority but on price considerations.

I rate the product a ten out of ten. You can use it if you can afford the pricing. 

We use the solution for our customers. Whenever the users work from home, they connect to the solution and are redirected to their network. It is very simple. They install the client, and the client makes a tunnel to the product. Once they are connected, they can enter into the network.

The policies are easy to use. Once we are connected, the entire infrastructure is safe, irrespective of the device we are using. There is no need to worry about safety. It's a secure tunnel that helps us access the network. It is a very useful feature. We can access the internal resources once we are connected to a VPN. We need not be in the office. The solution performs well.

The product’s architecture is a bit distributed. It should consolidate the architecture to make everything available on a single dashboard.

I have been using the solution for two and a half years.

The tool is stable.

The tool is scalable. We may need to opt for higher boxes. We work with enterprise customers.

The technical support is hardly good. The support team must improve its response time. It should also improve follow-ups through email.

Neutral

I have worked with Sophos and Array Networks. Check Point’s stability is better compared to other tools. I have frequently faced disconnection and other issues with other products.

The initial setup is not easy. We need to be skilled in Check Point to install the solution. The time taken for deployment depends upon the number of boxes we install. If we install one or two boxes, one or two weeks is sufficient.

Our customer needed to install more than 100 boxes in every region. It takes months to deploy the product at that scale. We need a team of 20 people to implement the tool for an enterprise. Once the installation is done, maintenance is easy. The product runs smoothly.

I recommend the solution to every vendor with Check Point as a firewall because it has great stability and security. We can terminate our VPN services to the same box if we're already using Check Point VPN. Overall, I rate the product a nine out of ten.

I like the fact that Remote Access allows the administrator to control and manage things. It makes things smoother, and it has been an excellent experience. 

We started with 50 users, but our numbers are increasing. Now it's difficult for us to maintain a steady internet connection and remote access, so we want to upgrade. We are considering a switch to FortiGate. I think they may have better service than Check Point offers. 

Scalability is where we're having problems now. Generally, Check Point has been working fine, but we need something that can accommodate many users and provide a steadier internet connection. Our remote users need to access the VPN without any issues. Of course, this could also have something to do with our internet connection at the organization.

We've been using Check Point to manage sites we need to block. It gives us the option to totally disable things, but it does not let the administrator create exceptions to allow specific users to access certain websites. Check Point could enable the administrator to permit users to access particular sites. I think the VPN we're using may have exceeded its lifespan. For example, if you check Instagram on Check Point, you might not even see it showing up, and it's difficult to restrict access to specific applications. 

We started using Remote Access VPN sometime in the past five years.

The connection has gotten less smooth as the number of users increases. The issue is that the logs fill up quickly. Too many users are connecting remotely. It worked great when we only had a few remote connections. Now, it is disconnecting people and dropping the internet connection.

It fills the logs and cuts off our connection when it gets full. It stops working. It's time-consuming to reset the device and reload the backups. It takes us about two hours because we would need to reconfigure those routes and integrate them with the IP addresses we have set up.

The setup was straightforward. Everything was populated on Check Point, so it was easy to select what we wouldn't allow. We deployed on-premise because we have the space and infrastructure to support it. 

The deployment didn't take long. Two IT people are responsible for the deployment and maintenance. The online documentation will walk you through the process. When you do a manual reset by pressing the button, it guides you through the setup process. You only need to follow the steps. 

After that, we import our backup file, and it populates. Next, we run the updates and check we forgot to configure anything else. Some backups are older and might not align with what we have running on the ground. 

I haven't seen an ROI.

The cost varies. I believe the price ranges roughly from about 3000 to 4,000 ZWD. I don't think it gets any lower than that. The initial cost is high because you need to buy the hardware, and you incur some setup costs, but the expense drops in the long run.

So far, I have not tried any other solutions. I'm doing the research now. I'm still shopping around, trying to understand what's on the market before deciding.

I rate Check Point Remote Access VPN eight out of 10. Aside from our current performance issues, it was smooth and flawless. I'm still shopping around. I was content with Check Point, but I want to see what's out there. I'm interested in knowing more about other available solutions. My primary goal is to avoid going through this process again two years from now. I'm hoping the next product will be a long-term solution, and it will be a while before we consider upgrading to something different.

This functionality is very practical to be able to connect to the business network from anywhere; the monitoring that can be provided and the granularity in the VPN to provide control to users is really good.

It offers excellent performance to be able to connect our users to business applications outside the company perimeter.           

It is easy to use and has an easy-to-use connectivity agent, and can be integrated with MFA to provide an additional layer.

In these times when the priority is telecommuting or working from home, it is essential to provide accessibility to the company safely. Through Check Point it was possible to provide this essential comfort to users who work in this modern format.

One of the features that draws a lot of attention is the integration of the remote VPN application in our Check Point gateway and management server, where it is easy to use.

The granular control and access under the Check Point policies made applying a zero trust policy much easier, providing greater security.

The integration with MFA through a configuration and integration with Azure is quite good, providing security to the user's identity. It is a very important feature where everything is tried to shield against modern vulnerabilities.

The license is included with gw licensing, however, in terms of the number of users that can be activated for use.                                                                                       

In our case, we quote additional licensing and it is quite expensive for remote VPN, other manufacturers are not so expensive.

The support provided is slow, in addition to the fact that the service hours are contrary to ours, which generates slower problem solving, I think it is important to improve this area.

This is a not-so-new tool that can be used in our gateways and management products. We have used these VPNs since we started using our environments with this manufacturer.

On a personal level, I had previously used Cisco and Azure VPN, among others, however, the control generated with Check Point is not the same. It is much better.

It is essential to validate how many remote VPNs are required, check costs, and see if they are within the scope of the company.

We validated the scope against other manufacturers and were satisfied with the security features provided by Check Point.

On a technical level, the tool is very good, and safe, in addition to providing a lot of control.

Remote Access VPN is one of those essential items for every organization in order to maintain seamless and highly secured connectivity between the end-user and the organization's local area network to access resources - including Jump server Databases, et cetera.

No matter from which device or from which location users are accessing an organization's local resources, with the help of the Check Point VPN client they can make sure they have connected securely.

Check Point offers a best-in-class encryption algorithm to ensure confidentiality and maintain integrity between the end-user and the Gateway. 

In disaster situations like Covid-19, most users were working from home or in remote locations. In such cases, Check Point Remote Access VPN provides feasibility to everyone to work from home and access an organization's resources remotely.

With a client-less configuration known as SSL VPN users can directly access resources via a browser-like database, share folders, et cetera.

To maintain the authorization of the connected user, Check Point provides multi-factor authentication for an RA VPN client to make sure legitimate users have access to resources.

• Secure connectivity: Guaranteed authentication, confidentiality, and data integrity for every connection and user.
• Straightforward Configuration: Easy to enable blades and define policies.
• Authentication: SAML authentication makes sure the user is legitimate.
• Compliance check: It scans the endpoint machine to detect suspicious/malicious content before connecting to an office network.
• MEP: Multi entry points to make sure there's availability to the LAN network even if the primary gateway goes down.
• A single client can work as sandblast agent.

Check Point RA VPN requires companies to take separate licenses initially so that only 5 connected users licenses are given as subscriptions. Most other competitors, like Palo Alto, provide 1000 connected user licenses for free.

Some configurations, like idle timeout (the requirement came from multiple users), are not possible to configure directly from the Check Point management server. We have to make changes in the local directory of the respective devices.

I've used the solution for more than three years.

The solution is highly stable.

Check Point has an Unlimited License Package for the RA VPN and therefore we can scale it easily.

Customer service has a dedicated team that handles RA VPN cases which ultimately leads to an early resolution.

Migration has taken place such as from Cisco to Check Point and Sophos to Check Point. During that phase, the customer needed to change the VPN client as well.

Browser-based functionality is one of the best things that Check Point provides.

The initial setup is straightforward during the initial configuration.

The setup is very straightforward but subscription-based. It isn't cost-effective.

We did look at Cisco Anyconnect and Palo Alto Global Protect.

Check Point Remote Access VPN allows organization users to work remotely. Especially in the pandemic period, work-from-home demand has been higher than ever. 

I have a remarkable case about the solution. That is for a bank. They want to have remote access VPNs that can provide connections for internal users who work remotely, partners who have restricted connections to the bank environment and ATM machines that connect to core banking applications. All VPNs acted in the same internet connections but still ensure these three VPNs were separated from each other. For the requirements, deploying the VPN in VSX appliances helped to solve issues. I created three virtual instances: one for corporate users, one for partners and one for ATM machines. 

Applying security policies for three instances is different. Corporate users must pass two-factor authentication layers and then have access to common corporate services (like email, and chat) and the right business applications depending on their working role, and their department. Partners after authenticating successfully only have limited access to the right place that they are allowed while being unable to connect to other places. 

ATM machines that act 24/7 need to have continuous connections, thus, they must authenticate using a certificate and their VPN clients must be configured to re-authenticate automatically after a timeout.

Check Point Remote Access VPN supports almost all common devices, from Windows to macOS, and from Android to iOS. Connection methods are flexible, including browsers and VPN clients. 

With such an approach, the solution can solve every remote working problem from anywhere, on any device while maintaining security features. The solution allows us to integrate with external systems like directory servers, email servers, and RADIUS servers for using directory users (a unified user instead must remember many usernames and passwords), adding multi-factor authentication via an OTP certificate. VPN users will have controlled access based on who they are and where they are by security policies. 

The solution offers flexible authentication methods to control access by policies and compliance. 

Check Point can integrate with external systems and third-party solutions to provide multi-layer authentications. This helps secure the user accounts from leakage of passwords and also protects corporate from unauthorized access damage risks. 

Security policies help to convert access regulations to policy rule configurations after authenticating. Setting policies allow, block, and limit users' access. 

With the compliance feature, Check Point can define what conditions user machines should have to authenticate the VPN. This feature helps to add more security to the network.

Endpoint Security on Demand, or Compliance Check is a good feature. It allows the creation of compliance policies and adds more security to the network. Machines will be scanned once they connect to VPN to make sure all of them are compliant. Conditions to configure compliance checks are Windows security (hotfixes, patches), Anti-Spyware, Anti-Virus software, personal firewall, or Custom (application, files, registry). These are not enough in a complicated environment. Almost of them are supported for Windows machines, however, are just limited conditions for non-Windows. In fact, using mobile devices on Android, iOS, macOS, and Linux is very popular. Compliance Check on Check Point should be improved by having more configurable conditions to support multi-platforms and adding more granularity. 

Besides compliance scanning sometimes causes consumes machine resources. 

I also suggest scanning operations will consume fewer resources and increase speed time.

I've been using the solution for more than five years.

As mentioned in my use case, the solution is running for thousands of corporate users, partner users, and ATM machines. The performance is very impressive. 

With Check Point VSX, the virtual instance extension is just an additional license, thus, it's very easy to add VS for other purposes. Besides Check Point also developed Maestro technology to allow hyperscale, increase throughput, and maximize capacity.

The Check Point Support Team is very professional and has technical expertise. The team is online 24/7 to make sure their customers always be supported. Response time to the customer is quick enough when they provide a solution to fix the issues or when they need some time to investigate or when they need some time to investigate they stay up to date.

Positive

I had used Fortinet Remote Access VPN before. At that time, other security features like Firewall, IPS, Application Control, and URL Filtering had been added to the same box running Remote Access VPN. The Fortinet appliance was overloaded all the time - although specifications in the datasheet could be OK. After changing to Check Point (using Remote Access VPN with other security features), the performance was amazing. CPU and memory usages were always at an average level.