We performed a comparison between Check Point CloudGuard Network Security and Check Point UTM-1 [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."The most valuable features are the enterprise modeling and the simple interface."
"The base firewall features are quite valuable to us."
"We have been able to offer several services to customers in a single box."
"The FortiGate controls the user's activities and maximizes my bandwidth use overall."
"The integration with Active Directory is one of the good features. Most of the customers are now looking for the Single Sign-on feature. So, being able to integrate Active Directory with the firewall is useful. It is also easy."
"The simplicity of the configuration and the stability of the product are most valuable. The VPN concentrator is very useful."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"The IPS is good. It protect my network from attackers."
"Its integration and use of features, such as advanced threat prevention, have helped us a lot with malware prevention and also with avoiding exposure to false positives."
"The most valuable feature I have found in CloudGuard Network Security is the flexibility to rebuild the firewall as needed."
"The tool's most valuable features for us are threat prevention, HTTPS inspection, and the Anti-Bot blade. Threat prevention helps to protect our assets from threats. HTTPS inspection ensures secure communication, and the Anti-Bot blade is particularly helpful in detecting C2 servers, enhancing our ability to identify malicious activities and protect our network."
"The main benefit of the Check Point Virtual Systems solution is its ability to split up the hardware appliances that we have into several logical, virtual devices with separate traffic handling policies, as well as the switching and routing."
"When browsing, it scans sites to ensure that they are safe and that no harm can be caused."
"The feature most valuable to me is the NDTX blade that Check Point provides, and I like how the solution is not vulnerable."
"The versatility is the solution's most valuable feature."
"The most valuable feature for us is the simplicity of creating this environment. Even though our current cloud usage is limited, the process of setting up machines in the product and establishing an HR system was straightforward."
"We can create a domain to separate and segregate some functions, some services."
"The solution is very robust."
"It safeguards against cyber attacks."
"The most outstanding feature is being able to centralize each of the functions in a single device."
"The UTM platform has been the most valuable."
"Firewalls help us a lot in controlling traffic on our network and preventing unauthorized access."
"It provides visibility and drives organizational security."
"The most valuable feature for us was to implement negligent functionality, to direct functionality to viewer control and application control so we could disconnect, and at the same time, we installed checkpoints. We disconnected our proxy."
"I think that the infrastructure for the VPN could be improved. The way that it is bundled also made it difficult to use and sell as it is too expensive."
"Security is a continuous process. In every product, there is a requirement for improvement. Its pricing should also be improved according to Indian market requirements. They must also improve on the reporting part. Its reporting can be more precise. If we can get a real-time report in a specific format, it will be helpful for customers to know about the current status of their security."
"The initial setup and configuration are not intuitive and require training."
"They should make the rule sets more understandable for the end user. When you're trying to explain to somebody how a computer network is secured, sometimes it's difficult for an end user or customer to understand. If there was a way to make the terminology more accessible to the end user, the set up could be easier. They should translate the technical jargon to an easily relatable and understandable conversation for the end user, the customer, that would be brilliant. Particularly in an environment where the IT structure is audited regularly, there's always pressure from the auditor to up the standards and up the security and you get your USCERT's that come out and there's a warning about this and the customer will want to lock out so much and when you apply it they run into issue where they can't search the internet or print to their remote office. Of course they can't print to your remote office, they just locked it up. They should make the language more understandable for the customer. If there's a product out there that made the jargon understandable to John Q. Public, I would buy that."
"The room for improvement is about the global delivery time period. Usually I need to wait for almost one month to deliver it overseas. So if you can shorten the deliver time it'd be great."
"Due to its higher cost, Fortinet FortiGate can lead to increased operational expenses."
"Fortinet FortiGate should improve the VPN tokens."
"Tunnel flapping was one of the major things I had seen wherein your internet link remains but your VPN tunnel is down. However, since I got a fix from the TAC team, I have not noticed it, but the customer complained a few times that they couldn't access the internet because of this problem."
"It is somewhat problematic in the area of the cloud."
"The challenge mainly revolves around the slower functionality of virtual IP switching in Azure Virtual Network compared to on-premise solutions. On-premise, switching between clusters is faster, taking only a few seconds, while in Azure, it can extend up to five minutes. The downtime is a concern for us."
"The solution needs to improve the interruptions that happen during gateway upgrades."
"A threat categorization system can be added to give users the authority to define vulnerable attacks and classify areas that can threaten the workflow system."
"The solution's integration with cloud providers has seen significant development in the past months, but there is room for improvement for better integration."
"This application can be more integrated with web application firewalls. Better integrations would provide more granularity, which would be helpful for focusing on the application itself and preventing attacks. It would be good to include the cross-domain search. If you have multiple firewalls that are managed on the same platform and you want to check who is using some particular objects or where a specific ID is being used, it should provide an option for this kind of search instead of having to check one by one on each firewall."
"Check Point CloudGuard Network Security could improve by making it easier to configure."
"Lacks the ability to integrate with other security solutions."
"Specifically on the user experience, sometimes the set up of things, such as the VPN SSL, takes a lot of time to load and a lot of time to get up and running on every session."
"Some features that could be improved are advanced threat protection, sandboxing, and vulnerability management."
"While the technical support is good, the Indian level technical support could use an upgrade."
"I am not able to see a demo."
"The solution should be more user-friendly."
"The solution could be improved if there was a better way to report. The reporting functionality is not really good. Even though it's not the major function. Maybe adding a way to make a custom report."
"What has been the issue of firewalls is they ask me for policies and content filtering application control and all these features that are now part of Harmony."
"As we don't have a representative of Check Point in Mozambique, this makes it very difficult when we have some issues to resolve."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Earn 20 points
Check Point CloudGuard Network Security is ranked 8th in Firewalls with 119 reviews while Check Point UTM-1 [EOL] doesn't meet the minimum requirements to be ranked in Firewalls with 19 reviews. Check Point CloudGuard Network Security is rated 8.6, while Check Point UTM-1 [EOL] is rated 8.2. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Check Point UTM-1 [EOL] writes "Great firewalls, VPN, and Intrusion prevention capabilities". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Cisco Secure Firewall, Akamai Guardicore Segmentation and Palo Alto Networks VM-Series, whereas Check Point UTM-1 [EOL] is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi,
I've been working with gateprotect UTM recently. It's cost effective and much easy to work with compared to Fortinet and Checkpoint UTM.
www.gateprotect.com
With the quick guide packed with screen shots, and clear simple instructions, you'll get to know how easy and simple it is to get the gateprotect UTM up and running in no time.
www.gateprotect.de
Also note gateprotect UTM has been identified as a top choice for SMB in Gartner UTM firewall survey, which makes it a reliable product/solution.
www.gateprotect.com
www.gateprotect.com
Go for checkpoint
regards
kapil yadav
Hi
Both options are good but i would recommend the Cyberaom as i have had a
chance to work with it before.
Other options is Cisco Ironport .
Regards
Brian
Hi Russell,
I advise you to go with Sophos if not I advise you to go with Fortinet.
Did you ask your team to check Sophos demo I sent?
Regard
Maroun Jean Abboud
Mobile : 00961 70943122
Skype :maroun_abboud1
Both devices are good. Checkpoint is one of the market leader who gives a
good UTM solution. Fortinet is cheaper when compare to checkpoint and
flexible.
You may try the Paloalto which gives more attention on zero day attacks.
Thanks & Regards /*Ramesh M*
At this point in time all of the major firewall vendors marketing Next-Gen firewalls provides similar features. I recently participated in a 2 day meeting with sales and engineers with Fortinet. I have to say Fortinet has come a long way in the last few years and am beginning to like their product more and more. In terms of feature set the two products are nearly identical.
When comparing the two vendors there a clear separation in which product focus is clear. Fortinet is a major winner in their smaller units and provide the most bang for your buck. When central management with datacenter and enterprise sized firewalls are required you will find Checkpoint is the leader. In your question you mention CheckPoint UTM. When mentioning this I immediately think of the UTM-1N (old Model) or 620 (New Model). This is a standalone unit and is in the $500.00 - $800.00 range. A comparable unit would be a Fortinet FG-30D. These are the lower end units and I would not recommend them for a solution involving the number of product blades/features you have listed. I have a FotiWifi-60D for my home and it works quite well. I have all the blades configured and enabled. In my home we have 3 sometimes 4 occupants running games and/or streaming video constantly. We average 90GB of internet traffic a month. I have found the FortiWifi-60D able to keep up with the load but at times does peak in CPU and Memory.
A major difference between Fortinet and Checkpoint is their GUI. I find the Checkpoint GUI to be much more intuitive and easier adapt to for new users. Fortinet on the other hand, excels in the CLI with a Cisco/Avaya mixed interface and help structure. Checkpoint is Linux based and almost any Linux command functions on their systems, however, there is limited tab completion and no mid command assistance.
In regards to the firewall blade aka port based firewall I do not see one vendor being better than the other. I would leave this as a preference for what you are used to and what works best for you.
I am going to lump Web Filtering, Layer7- App Filtering together. Both Fortinet and Checkpoint have powerful next-gen capabilities. Both vendors approach web filtering application filtering in a similar way. Utilizing category based URLs and Applications with recommended risk levels. Fortinet published their application/web catalogs at www.fortiguard.com. Checkpoint published their URL categorization at www.checkpoint.com and Application Catalog at appwiki.checkpoint.com At this time I can confirm Checkpoint has 6,578 applications identified while Fortinet has roughly 3,500 (Please confirm with your sales rep on this number as I got it from their catalog’s last displayed number of applications and it could have been a display limit rather than the total identified).
I do not have experience with Checkpoint’s IPS and Antivirus in an implemented production use so I can’t provide am accurate comparison. Based on Fortinet’s demos and my experience I would say that it is a comprehensive product. Due to Fortinet’s market (Non-enterprise businesses) and their licensing model (comprehensive of all features) they have a higher rate of discovery, writing a signature, and deploying it than Checkpoint. Also if you purchase the FortiSandbox (enterprise class product) you will have a good result for zero-day attacks.
In the VPN space I currently have a preference for CheckPoint. I find that their approach is very simple, easy to understand, and reliable. Fortinet provides a Wizard based configuration for their VPN tunnels as well as a manual creation process. I find the approach to be more complicated than it needs to be.
Note on Sizing… When it comes to FortiGate if you can afford it start your specs at FG-100D. I have found the lower models to have some quirks. If you are looking for a centrally managed solution Checkpoint includes base central management with all of their models starting at 1100. If you are going to centrally manage your firewalls I would suggest purchasing a VM based Open Server for management and logging. The equivalent would be a FortiManager.
I hope this helps,
Christopher L. Butler
Christopher L. Butler CCP-Network, CCA-Netscaler
We have chosen Fortinet after a long evaluation effort, while CheckPoint was our next best option. So you can't go terribly wrong with either. The reason we chose Fortinet is that it provided us a better bang for the buck. Be careful, however, with the advertized throughput of Fortinet devices as you often get only 50-70% of the advertized value, so size your devices accordingly.
One thing to consider is that UTMs are often not as good as a dedicated product, especially when it comes to web proxies. You should carefully consider your requirements and compare them with the capabilities of the UTMs you are considering. One tricky issue we are facing is web proxies for mobile devices, and there we are considering a cloud-based web proxy solution.
As far as dollars per protection, I would say Fortinet is your solution. I found this article pretty helpful: www.itgweb.com