We compared Check Point Security Management and IBM Security QRadar based on our users' reviews in five categories. We reviewed all of the data, and you can find the conclusion below.
Features: Check Point Security Management is praised for its centralized management features, user-friendly interface, and extensive monitoring capabilities. QRadar users say the solution provides extensive information and helpful leads for locating pertinent data. QRadar stands out with its comprehensive network visibility and strong SIEM capabilities. Check Point Security Management could improve by simplifying the migration of security policies, optimizing performance, and expanding its management API. Other pain points include threat tracking and documentation. QRadar could improve its rule deployment and lower its false positive rate. Users would also like expanded storage capacity, streamlined user management, and a more mature architecture.
Service and Support: Check Point Security Management's customer service is widely praised for being knowledgeable, supportive, and reliable. Although some users had problems with inexperienced agents and coordination issues, the overall support experience is positive. Some QRadar customers have had trouble connecting with knowledgeable support staff and experienced delayed responses.
Ease of Deployment: Check Point Security Management is generally seen as easy to set up if the user has some expertise. QRadar's initial setup can be complex for users without expertise, and the difficulty may vary depending on the size of the data set.
Pricing: Check Point Security Management is seen as a solid investment, offering flexibility and a good value for the price. QRadar can be costly because users need to buy new hardware to upgrade.
ROI: Check Point users said the solution offers a steady ROI over time. QRadar delivers a high return on investment, improving security through its advanced user behavior analytics.
"It provides for capabilities and has allowed us to be more scalable."
"The management API is the best new feature for me. It allows us to further automate our customers' automated server ordering."
"One of the most outstanding characteristics of its centralized administration is its great computing power."
"The Check Point Management server is isolated from security gateways, which means that in case there is an issue, we have our configuration ready and we can directly replace the device and push the configuration."
"As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents, etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be a great solution."
"It is good when it comes to access control, which is the basic feature that we use in a firewall appliance or solution. Check Point is effective when it comes to security control and threat prevention."
"The most beneficial features for us are the alert classifications, which help us prioritize critical issues, and the detailed reports that provide insights into attack origins and purposes, such as TLS violations or content violations."
"The company uses software called Harmony. Check Point integrates nicely, whether on an endpoint or mobile device. It integrates well with the firewall and can give me reports that I can check without going to an online portal."
"The product can scale."
"The most valuable features would have to be the products' ability to customize vulnerability management settings."
"It comes with many rules disabled. You can tune them and modify them according to your enterprise needs and avoid false positives."
"It allows us to search data both on-premises and on the cloud."
"The playbook engine is flexible and allows for the graphical visualization of processes, enabling the implementation of dynamic playbooks for incident response or testing."
"QRadar, Splunk, and ArcSight are SIEM solutions with built-in AI/ML features. They can do the complete investigation and alert the admin about what is happening. They can also do the root cause analysis. There are many other features that come with QRadar. It has a more granular log, so you can integrate with various non-IT as well as IT-based components. You can get unstructured data to the SIEM data, and you can identify more what is happening in the network or what is happening in the central head office. You can also identify what is happening between your remote offices. You can also use it to identify what the users in the field are doing on their devices and how things are moving. From the integration point of view, it is very centric. It gives complete control centrally. If a user is not connected to the system, whenever he comes online, we can see the policy updates over the Internet, and we can ensure that the data that is supposed to be protected is protected."
"The scalability is awesome, because QRadar includes other solutions in the same console."
"The support is very good. We get support whenever we need it. Sometimes they respond immediately and sometimes it will be within 24 hours. We can ask them to please do it right away and they can get a request done within an hour or two."
"Check Point Security Management lacks some of the competitor features."
"Being a security appliance, there should be the ability for the Security Management server to send email alerts via authenticated email."
"Policy installation time can be reduced."
"The management API can be further developed so that all functions offered by the dashboard are also available via the API (for example, Network Topology)."
"I would like it to be the administrator of equipment or Next Generation firewalls (which have to be managed on this platform) and to be able to manage other services (like Harmony) that also belong to Check Point."
"If the SmartView monitor can be integrated in the R80.40 and R81 versions, that would be ideal in understanding the trends and graphs of how traffic is observed hitting the different Check Point Firewall Gateways that the Security Management controls."
"Some of the configuration elements could be improved."
"They could offer educational courses to help individuals improve their knowledge and skills."
"The AI engine could be smarter."
"IBM QRadar Advisor with Watson could be more user-friendly. You need some skills and understanding of what you're looking at, especially if you're going to draw down specific information."
"The user interface is a bit difficult to get used to."
"The solution should include remote action capabilities."
"We would like to see better instrumentation for debugging changes in the log flow."
"There should be easier and wider integration opportunities. There should be more opportunities for integration with CTI info sharing areas. On platforms where you exchange CTI, there should be more visibility connected to what we share, what we can reach, or what options are connected to CTI info sharing. This is one area where they could add value because we cannot integrate it easily with QRadar. If a client has a legacy or already existing solutions for CTI, we cannot ask them to forget it because we cannot guarantee that QRadar is able to deliver everything connected to this area."
"There should be more opportunity for community kind of distribution where, for example, if there was a zero-day threat targeting companies."
"The product is good, but one feature they should have is an Elasticsearch. Currently, in QRadar, there are no Elasticsearch criteria."
Check Point Security Management is ranked 9th in Log Management with 55 reviews while IBM Security QRadar is ranked 6th in Log Management with 198 reviews. Check Point Security Management is rated 8.8, while IBM Security QRadar is rated 8.0. The top reviewer of Check Point Security Management writes "Great DDoS protection, high availability, and useful firewall rule implementation". On the other hand, the top reviewer of IBM Security QRadar writes "A highly stable and scalable solution that provides good technical support". Check Point Security Management is most compared with Wazuh, Fortinet FortiAnalyzer, LogRhythm SIEM, Splunk Cloud Platform and Graylog, whereas IBM Security QRadar is most compared with Microsoft Sentinel, Splunk Enterprise Security, Wazuh, LogRhythm SIEM and Elastic Security.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.