What is our primary use case?
The main feature we use this product for is the firewall. The second thing we use it for is the secure VPN for connections to the corporate office. The third one is intrusion prevention and antivirus. It is an all-in-one solution for peace of mind.
There is really a fourth feature. The appliance has at least four interfaces. This allows users to have a different interface port per user group. It is a way of making network segmentation. There are four ports on that appliance, but there can be six or seven.
What is most valuable?
One of my favorite features is the logging. The log journal is very descriptive in what it records about the traffic. It is a good way of tracking who comes in and who goes out of your network.
What needs improvement?
I think this product is made by the market leaders. They have pretty much everything you can ask for as far as features are concerned. The pricing is high and I think it could be more competitive if it was lower. They might resolve that difference by offering even more features.
Another feature I'd like to see is a different way to handle load balancing on the firewall. Sometimes when you are using a firewall, you need another layer to properly balance your traffic. Right now that means adding more equipment, which is expensive. If Check Point could offer another option for a different way of doing load balancing, that would be a cost-savings for the client.
Another option might be offering data fusion. Sometimes you can combine the data stream. If you can and you do, you will have one stream instead of having multiple streams. That is also very cost-saving when you can fuse the data.
What do I think about the stability of the solution?
The product is stable. I'm quite satisfied with the stability.
How are customer service and technical support?
I think the technical support is very good. They know what they are talking about and I get answers when I need them.
How was the initial setup?
The setup was straightforward. The deployment took me only a couple of hours.
What about the implementation team?
I am both a consultant and at the same time a systems integrator. I do the installations.
What's my experience with pricing, setup cost, and licensing?
The pricing is really extremely high in comparison to the rest of the market. The cost for the licensing of the Check Point 3100 series is a little bit over 10,000 euros. But they also make the software subscription mandatory. That means that not only do you have to buy the appliance, but you have to also buy a subscription.
Which other solutions did I evaluate?
The other firewall solutions that my clients usually want to consider when they are looking for an anti-malware tool aside from Check Point are Fortinet (which is also a good product) and SonicWall (which is also a good product).
As far as how these products compare, I would say Fortinet has more accessibility in terms of just getting the product. Check Point is very hard to procure. You have to go through different channels, you have to follow different requirements and give a lot of private information in order to acquire it. Sometimes there are governmental laws and restrictions that affect the procurement of a product with such sophisticated encryption. It is almost like they have to clamp down on the encryption when the product is outside the US. It is like wifi. When you order wifi access points for the UK or for the US, there are different encryption algorithms. As soon as that product goes out of Europe or the US, it is illegal to keep the same encryption type. You have to lower the level of encryption for some reason. It seems very strange.
When leading countries start dictating what you should have and what you should not have, it seems like there is no justice. It should not be that you consider yourself a privileged country and you want to have a high level of encryption and not allow people in other countries to have it. If you believe in fairness, equality, and sharing — all of these values are things we hear them talking about, but that they don't allow us to experience. In just buying the goods, you have different standards for our country. The same product should be the same thing everywhere. We are on the same grounds and the same sky above you. It is not fair and even trades for everybody, but it costs the same.
What other advice do I have?
Advice that I would give to others who are looking to implement Check Point Antivirus in their organization is the same advice I would give to someone considering any solution. Before you invest any money in any product — it could be Check Point, it could be Fortinet — you have to know what you are trying to achieve. If you don't know what you are trying to achieve, there is no purpose in buying anything. It will not serve a purpose.
First, define your parameters, understand the risk that you are up against without the solution and what the benefits are if you buy. Then after you think about it, it is time to decide if it is worth it according to your actual needs. You do not always need to go to get fancy products and an enterprise solution if the purpose and scope for your plans do not fit the model of those products. Sometimes I hear people just say they want a product because they hear it is the best name. Sometimes a choice like that is more overwhelming. It does not serve the purpose, it is more difficult to deploy and people end up not even using it. The purchase becomes an operating capital that gets burned and spent for no reason when it was money they could have invested somewhere else. They just put the money in the wrong place because they want to do like everyone else. If you are talking about a large insurance corporation, their needs are much different than if you are talking about a small or medium-sized company that does not fall under so many government restrictions.
I would recommend Check Point Antivirus for medium and enterprise-sized organizations. Not for small organizations because it would almost always be too much.
On a scale from one to ten where one is the worst and ten is the best, I would rate Check Point Antivirus as an eight to nine. That is because they know their market. They are focused on what they do and they do only that. Their focus is not spread out so they produce the best product.