• Home
  • Check Point NGFW vs. Zscaler Internet Access

Check Point NGFW vs Zscaler Internet Access comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo
Fortinet FortiGate
Read 306 Fortinet FortiGate reviews
120,425 views|88,209 comparisons
90% willing to recommend
Check Point Software Technologies Logo
Check Point NGFW
Read 275 Check Point NGFW reviews
27,173 views|16,714 comparisons
96% willing to recommend
Zscaler Logo
Zscaler Internet Access
Read 46 Zscaler Internet Access reviews
15,581 views|10,198 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Check Point NGFW vs. Zscaler Internet Access
July 2019
Executive Summary

We performed a comparison between Check Point NGFW and Zscaler Internet Access based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Check Point NGFW vs. Zscaler Internet Access Report (Updated: July 2019).
Download the complete report
770,141 professionals have used our research since 2012.
Featured Review
EhabAli
Researched Check Point NGFW but chose Fortinet FortiGate: Efficient, user-friendly, and affordable
For our customers, Secure SD-WAN is very useful for giving the right priority to the applications and controlling the proper use of the... Read more →
Ozan Durmus
Smart, simple, and user-friendly
Back when we had a different brand of firewalls, we were having trouble managing all of them separately. With Check Point's HA capability, we... Read more →
TejasJain
Configuring policies is user-friendly but challenges with stability
It's primarily meant for perimeter security and the ability to securely access the internet and SaaS applications. So that has definitely helped us... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The CLI is robust and powerful, enabling rapid, consistent changes via SSH.""User-friendly and affordable security solution that's recommended for SMB customers. This solution has good technical support.""It has improved our security capabilities.""The most valuable features of the solution are SD-WAN, filtering testing applications, web filtering, and the new VPN.""It's very easy to configure.""FortiGate is very simple to manage and easy to use.""The ability to set up remote systems is the most valuable feature.""The security fabric is excellent."

More Fortinet FortiGate Pros →

"The performance has been very good.""It is easy to use, and its management is the best. Check Point has a great unified management solution for firewalls and security products.""With the new SmartTask offered in R80.40, we will be happy to configure some automatic control-functions.""The most valuable feature is the centralized management, which gives us control over all of the Check Point gateways.""They utilize various gateway features, including Identity as a Service (IDaaS), anti-spam, antivirus, and other security measures, effectively creating a robust defense against a wide range of potential risks.""Check Point's Quantum helps our clients in their overall cybersecurity practice.""The packet inspections have been a strong point.""I like the SmartEvent feature. When we see a threat, SmartEvent can create a rule for that. SmartEvent works with the SmartCenter to block a threat attack with a block monitor. The SmartCenter has the management for all the firewalls and data centers in a single dashboard."

More Check Point NGFW Pros →

"The most valuable feature of Zscaler Internet Access is that it is a consolidated solution, it comes with many features, such as DLP.""Zscaler covers all the features needed to replace a VPN or proxy solution. They are good. They've been on the market for 15 years now, so they are mature enough.""The solution replaces multiple vendor technologies with one which makes it worth the cost.""The most valuable features I found in Zscaler Internet Access are the restriction of users for a particular URL, the security feature related to stopping DDoS, and the VPN.""One feature that is valuable to me from an implementation point of view is that it's very easy to implement.""The URL filtering has been the most valuable feature.""The solution is scalable and stable.""The VPN is valuable, as the whole technology is very different from a traditional VPN."

More Zscaler Internet Access Pros →

Cons
"It would be nice if FortiGate incorporated some built-in endpoint protection features. I would also like a built-in SOC dashboard for managing multiple Fortinet firewalls.""One area for improvement is the performance on the bandwidth demands for smaller devices, as well as better web filtering.""Fortinet FortiGate should improve the VPN tokens.""The solution lacks sufficient filtering.""It is very expensive, and their support is not very good. I hope that their technical support will be better in the future.""As far as wanting more scalability or things in the network diagram, it's going to cost you.""Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security.""I don't like that anything more than very basic reporting is not included."

More Fortinet FortiGate Cons →

"SmartEvent Settings and Policy GUI, and the rest of external apps should be improved.""The only thing which I think should be improved is that training should be increased. In my position I also interview potential employees and I haven't found many people in the market, nowadays, who are familiar with the Check Point firewall. They are more familiar with Palo Alto and Cisco ASA and they are more comfortable with them.""For R80.10 and above, if you want to install a hotfix, then you can't install it through the GUI. I don't know why. In the earlier days, I was able to do the installation of hotfixes through the GUI. Now, Check Point said that you have to install hotfixes through the CLI. If that issue could be resolved, then it would be great because the GUI is more handy than the CLI.""There have been a few requests/issues about the Identity Awareness feature.""It would be best if the security management server console access is simpler for ease of management.""I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.""Check Point could improve the time for delivering requested features from customers.""Of the areas of improvement that I want to see in this product, without a doubt, one is the technical support. In this time of globalization, with so many cyberattacks and risks, the Check Point support staff take a long time to attend to incidents due to the high demand."

More Check Point NGFW Cons →

"It needs better integration with other applications. It takes a fair amount of regular activity to apply the by-passes because it is very strict in its restrictions and frequently you have to go in and open things up to allow the workforce to work.""There are a few features that are not compatible with the Azure cloud.""The reporting functionality could be a bit easier to use. There is a reporting function, but it's quite hard to do any good reporting, from a user-management perspective. For example, if a department manager wants to know how his department is using the web, there is a way to get the data, but it's quite cumbersome to get it and show it well. And that's true for comparing between departments.""If they can also integrate with the multi-factor authentication to prompt users to do another, second-factor authentication, that would be ideal.""One thing that needs to be improved is their presence in China. I'm not sure if that's a Zscaler thing or if it's a problem with all vendors in this space, but it would be nice to have better coverage in China. This concern is a common one for vendors across the board when dealing with the Chinese market.""The interface for administration could be better. They should upgrade the management portal.""Zscaler Internet Access needs to integrate more ISPs. It is good to have more than three ISPs.""Zscaler should provide adjacent services, which would be complementary to their current offering that could to be more pragmatic for a customer. For example, if you take Akamai, you get multiple sets of services, all depending on the customer and the strategy and the complexity and the problems. In some areas, they are more varied in terms of coverage."

More Zscaler Internet Access Cons →

Pricing and Cost Advice
  • "Fortinet has one or two license types, and the VPN numbers are only limited by the hardware chassis make."
  • "These boxes are not that expensive compared to what they can do, their functionality, and the reporting you receive. Fortinet licensing is straightforward and less confusing compared to Cisco."
  • "Go for long term pricing negotiated at the time of purchase."
  • "Work through partners for the best pricing."
  • "The value is the capability of having multiple services with one unique license, not having the limitation per user licensing schema, like other vendors."
  • "Easy to understand licensing requirements."
  • "​We saved a bundle by not needing all the past appliances from an NGFW.​"
  • "The cost is too high... They have to focus on more features with less cost for the customer. If you see the market, where it's going, there are a lot of players offering more features for less cost."

    • More Fortinet FortiGate Pricing and Cost Advice →

  • "I don't think the product's pricing is a good value. I feel it's very overpriced. I feel a lot of the features for a next gen firewall are there. But I feel it's overpriced, because of the stability issues. As far as support goes, I really can't speak to direct Check Point support, but the third-party was pretty terrible... As far as the licensing goes, it's pretty complex. If anybody was to purchase the Check Point product, definitely make sure they have an account rep come on site, and explain it line by line, what each thing is. It's not straightforward. It's very convoluted. There's no way you could just figure it out by looking at it."
  • "Check Point solutions are very expensive here. They're good, but they're expensive... Check Point is only useful for customers that have a big IT budget."
  • "The price is high in comparison to other solutions."
  • "We pay $5,000-$6,000 a year."
  • "Maybe the pricing is a bit high but you get the durability and the duration."
  • "Licensing issues may be confusing at times."
  • "It is quite an expensive product, although security is a top priority."
  • "This product is not cheap and there are additional costs that depend on what model or package that you buy."

    • More Check Point NGFW Pricing and Cost Advice →

  • "​Be aware that you will need to invest some time and money to adapt your environment for Zscaler (traffic redirection, software deployment, authentication, etc).​"
  • "The pricing is an issue. It is expensive compared to other firewalls on the market."
  • "Roughly, we might spend $70,000 a month on the solution. We don't pay for anything beyond the standard licensing fee."
  • "Our monthly fee is around R3000."
  • "The pricing is fair based on its competitive market."
  • "The price is competitive. It's not cheap and it's not expensive."
  • "The pricing for Zscaler Internet Access could be made cheaper."
  • "The price of Zscaler Internet Access should improve, it is expensive."

    • More Zscaler Internet Access Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
    See Recommendations
    770,141 professionals have used our research since 2012.
    Questions from the Community
    Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
    Top Answer: When you compare these firewalls you can identify them with different features, advantages, practices and usage at… more »
    Read all 3 answers   →
    What is the biggest difference between Sophos XG and FortiGate?
    Top Answer:From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know… more »
    Read all 13 answers   →
    What are the biggest technical differences between Sophos UTM and Fortine...
    Top Answer:As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite… more »
    Read all 11 answers   →
    How does Check Point NGFW compare with Fortinet Fortigate?
    Top Answer:I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such)… more »
    Read all 5 answers   →
    Which would you recommend - Azure Firewall or Check Point NGFW?
    Top Answer:Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall… more »
    Read all 2 answers   →
    What do you like most about Check Point NGFW?
    Top Answer:Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion… more »
    Read all 165 answers   →
    Which is the better security solution - Cisco Umbrella or Zscaler?
    Top Answer: Cisco Umbrella and Zscaler Internet Access are two broad-spectrum Internet security solutions that I have tried.… more »
    Read all 3 answers   →
    Which is better, Zscaler internet access or Netsckope CASB?
    Top Answer:We researched Netskope but ultimately chose Zscaler Netskope is a cloud access security broker that helps identify… more »
    What do you like most about Zscaler Internet Access?
    Top Answer:The solution has reduced cyberattacks.
    Read all 36 answers   →
    Comparisons
    Also Known As
    FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
    Check Point NG Firewall, Check Point Next Generation Firewall
    ZIA
    Learn More
    Fortinet
    Check Point Software Technologies
    Zscaler
    Overview

    Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

    Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

    Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

    Benefits of Check Point's Next Generation Firewall

    • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

    • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

    • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
    • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

    • Remote access: The remote access VPN provides a seamless connection for remote users.

    Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

    Reviews from Real Users

    Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

    Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

    G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

    Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

    Zscaler Internet Access is a cloud-native security service edge (SSE) platform. Its main purpose is to provide AI-powered protection for all users, all applications, and all locations. The solution replaces other legacy network security solutions to stop advanced attacks and prevent data loss by using a comprehensive zero trust approach.

    Zscaler Internet Access Features

    Zscaler Internet Access has many valuable key features. Some of the most useful ones include:

    • Proxy (native SSL)
    • IPS and advanced protection
    • Cloud sandbox
    • DNS security
    • Cloud firewall
    • URL filtering
    • Bandwidth control
    • DNS filtering
    • Cloud DLP w/EDM and IDM
    • Cloud access security broker (CASB)
    • Cloud security posture management (CSPM)
    • CloudBrowser isolation
    • Cloud secure web gateway (SWG)
    • Zero trust network access (ZTNA)
    • Digital experience monitoring

    Zscaler Internet Access Benefits

    There are several benefits to implementing Zscaler Internet Access. Some of the biggest advantages the solution offers include:

    • Fast access with zero infrastructure: Zscaler Internet Access creates a fast, seamless user experience because of its direct-to-cloud architecture. With no infrastructure, Zscaler Internet Access helps you eliminate backhauling, which improves performance and simplifies network administration.
    • Threat intelligence: By using threat intelligence, Zscaler Internet Access can stop ransomware, zero-day malware, and advanced attacks via Inline inspection of all internet traffic, including SSL decryption, and a suite of AI-powered cloud security services. 
    • Consistent security: With Zscaler Internet Access, your security policy goes everywhere your users go. When you move security to the cloud, all users, applications, devices, and locations remain protected and secure based on identity and context.
    • Hybrid workforce: Zscaler Internet Access enables secure access to all external and internal apps from anywhere, so remote work is not an issue. You can also enforce business policies that follow the user, making security identical regardless of location.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by Zscaler Internet Access users.

    A Service Manager at a construction company says, "There are a bunch of different capabilities that are valuable within the platform. We use quite a lot of them, but not everything. The ones that are most important to us are the URL Filtering and the application control. For our needs, the cloud-native proxy architecture is a very good solution. This architecture helps with cyber threats because we inspect most of the traffic and we can see that a lot of threats are stopped directly in the secure web gateway."

    Owen N., Security Architect at Claro Enterprise Solutions, explains that the solution’s most valuable features include “The integration of the gateway that inspects all ports and protocols. So, there is threat prevention; The cloud sandbox; VNS security; Access control that will protect URL filtering and the cloud firewall; Data protection that will protect your gateway, like your CASB or your cloud DLP; The capabilities of this will point your traffic to Zscaler Cloud.”

    An Architecture Senior Manager at an insurance company mentions, "The data loss prevention feature is the most valuable. It stops our users from inadvertently leaking our customers' data to the Internet or anywhere else it shouldn't go." He also adds, “The solution provides quick access to cloud services, securing our data and allowing us to inspect all our traffic.”

    Sample Customers
    1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
    Control Southern, Optimal Media
    Ulster-Greene ARC, BanRegio, HDFC, Ralcorp Holdings Inc., British American Tobacco, Med America Billing Services Inc., Lanco Group, Aquafil, Telefonica, Swisscom, Brigade Group
    Top Industries
    REVIEWERS
    Comms Service Provider16%
    Computer Software Company9%
    Financial Services Firm8%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company15%
    Comms Service Provider8%
    Manufacturing Company6%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company15%
    Comms Service Provider7%
    Manufacturing Company6%
    VISITORS READING REVIEWS
    Educational Organization50%
    Computer Software Company8%
    Financial Services Firm5%
    Comms Service Provider4%
    REVIEWERS
    Comms Service Provider30%
    Financial Services Firm15%
    Manufacturing Company11%
    Computer Software Company11%
    VISITORS READING REVIEWS
    Educational Organization20%
    Computer Software Company14%
    Financial Services Firm9%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business48%
    Midsize Enterprise23%
    Large Enterprise30%
    VISITORS READING REVIEWS
    Small Business27%
    Midsize Enterprise32%
    Large Enterprise41%
    REVIEWERS
    Small Business32%
    Midsize Enterprise19%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise58%
    Large Enterprise28%
    REVIEWERS
    Small Business29%
    Midsize Enterprise16%
    Large Enterprise55%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise28%
    Large Enterprise54%
    Buyer's Guide
    Check Point NGFW vs. Zscaler Internet Access
    July 2019
    Free Report: Check Point NGFW vs. Zscaler Internet Access
    Find out what your peers are saying about Check Point NGFW vs. Zscaler Internet Access and other solutions. Updated: July 2019.
    DOWNLOAD NOW
    770,141 professionals have used our research since 2012.

    Check Point NGFW is ranked 5th in Firewalls with 275 reviews while Zscaler Internet Access is ranked 2nd in Secure Web Gateways (SWG) with 46 reviews. Check Point NGFW is rated 8.8, while Zscaler Internet Access is rated 8.2. The top reviewer of Check Point NGFW writes "Good antivirus protection and URL filtering with very good user identification capabilities". On the other hand, the top reviewer of Zscaler Internet Access writes "Provides integrated CASB and file sandboxing but could be less expensive ". Check Point NGFW is most compared with Palo Alto Networks NG Firewalls, Sophos XG, Cisco Secure Firewall, Netgate pfSense and Azure Firewall, whereas Zscaler Internet Access is most compared with Cisco Umbrella, Microsoft Defender for Cloud Apps, Netskope , Prisma Access by Palo Alto Networks and Appgate SDP. See our Check Point NGFW vs. Zscaler Internet Access report.

    We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.