What is our primary use case?
The Check Point Application Control blade provides application security and identity control for our organization. It gives us very easy to create policies based on users and groups. We use Critical Risk and Anonymizers, P2P file sharing, Spyware, and Remote admin categories. We use Application Control in two ways, separate rule base and with access policy as well. My all over experience is good.
How has it helped my organization?
With Check Point Application Control we can say we improved our legacy and have made them more secure. Now we are able to allow specific applications on respective service and we are allowed those respective services only.
With Application Control we have visibility into who is accessing which application but our pain area is still with HTTPS inspection.
Overall, Application Control is a very good blade and it is very helpful in our complex environment. We can restrict our site to site rule as well.
What is most valuable?
The Check Point Application control database contains each and every application and category and each of the applications and categories describe the additional category and also a risk level. The database updates regularly. It gives us the updated and latest lists of applications that are widely used. We can filter a search based on risk level, risk level 5 to see all applications with that risk level. We can also see the description of the risk level with the lag line.
What needs improvement?
Most of the business applications stopped working, we don't know why and we have already escalated to the top level but we still haven't gotten any corrective action on this. They always take logs but after that, there is no resolution. They need to improve this, this will help us a lot. We have not blocked anything on a rule base we have enabled HTTPS on a monitoring mode but still, we are facing issues, and if we add an unknown category on that respective rule only then does it start working.
For how long have I used the solution?
I have been using Check Point for four years.
What do I think about the stability of the solution?
How are customer service and technical support?
Support is genuinely not good on Application Control.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
We initially implemented it with a vendor.
What was our ROI?
What other advice do I have?
They have to improve more on the Application Control blade.
Which deployment model are you using for this solution?