Check Point Antivirus Review

Regularly updated and has good event visibility and logging

What is our primary use case?

Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our datacenter environment, located in Asia (Taiwan).

The environment has about 50 physical servers as virtualization hosts, and we have two HA Clusters that consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix.

The Check Point Antivirus software blade is one of the numerous blades activated on the NGFWs and serves for security improvement in the area of scanning files that are traversing the network for the presence of viruses or other malicious software.

How has it helped my organization?

The Check Point HA Clusters are used to protect our company's datacenter, located in Asia (Taiwan). This software blade, the Check Point Antivirus, is activated in conjunction with the others and serves to scan the files traversing via the network. They may be in the form of email attachments or via HTTP/S.

Such files are scanned for the presence of known viruses and malware with the help of the built-in database. The database is updated as per schedule, which for us is four times per day.

The software is quite simple to use, yet still efficient. The antivirus scans are the basic security mechanism, which should be implemented on all the levels. In my opinion, the Check Point Antivirus does its job just right.

What is most valuable?

  1. The Antivirus software blade is part of the Next Generation Threat Prevention license bundle.
  2. The Antivirus is able to scan files downloaded from the internet or traversing the network via Check Point Gateways/Clusters.
  3. The Antivirus software blade is configured via the Unified Threat Prevention policy in the Smart Console (at least for R80.10, the version we use).
  4. There is almost no impact on the security Gateway/Cluster performance after the activation of the blade, especially if you don't scan nested archives.
  5. The updates for the blade are downloaded every two hours.
  6. As with the other Check Point blades, the visibility and logging of events are outstanding.

What needs improvement?

I think that the pricing for the Check Point products should be reconsidered, as we found it to be quite expensive to purchase and to maintain. Maintenance requires that the licenses and the support services be prolonged regularly.

Alternatively, they should create some additional bundles of the software blades with significant discounts in addition to the current Next Generation Threat Prevention & SandBlast (NGTX) and Next Generation Threat Prevention (NGTP) offers.

We also had several support cases opened for software issues, but none of them were connected with the Check Point Antivirus software blade.

For how long have I used the solution?

We have been using this product for about three years, starting in late 2017.

What do I think about the stability of the solution?

The Check Point Antivirus software blade is stable and we haven't faced any issues with it.

What do I think about the scalability of the solution?

The Check Point Antivirus software blade scales well with the gateways we use, since it doesn't affect the overall performance much after activation.

How are customer service and technical support?

We have had several support cases opened, but none of them were connected with the Check Point Mobile Access Software Blade. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.

The longest issue took about one month to be resolved, which we consider too long.

Which solution did I use previously and why did I switch?

No, we didn't previously use another network antivirus solution.

How was the initial setup?

The setup was straightforward. The configuration was easy and understandable, and we relied heavily on built-in objects and groups.

What about the implementation team?

Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.

What's my experience with pricing, setup cost, and licensing?

Choosing the correct set of licenses is essential because, without the additional software blade licenses, the Check Point gateways are just a stateful firewall.

Which other solutions did I evaluate?

No, since we had Check Point NGFWs implemented, we just enabled the new software blade.

Which deployment model are you using for this solution?

**Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment