What is our primary use case?
The Check Point Next-Generation is a firewall that provides security to our inside network from the outside with next-gen features like Blocking Antibot, Antivirus, IPS, etc.
Other than that, Check Point supports threat prevention for zero-day attacks.
With the addition to that Check Point firewall, it also provides a VPN. We can configure Star and Mesh IPSec VPN as well as SSL VPN.
Logging and reporting is one more important aspect when we talk about firewalls and Check Point did a great job in that.
How has it helped my organization?
Check Point Next-Gen firewall provides security to the internal IT infrastructure. With its high-performance hardware & throughput we can use redundancy.
With a large database of the signature at threat cloud, it is very simple to get protected from attackers. We just need to timely update the signature. We can also use the cloud as well as a private cloud that is on-premise sandboxing.
With the new updated R80 version, it becomes easier to use the smart console, manage firewalls, and troubleshoot issues.
What is most valuable?
The most valuable thing in Check Point is the firewall itself. It has a stateful and high throughput firewall capacity.
NGFW features include Signature Based as well as zero-day. They work well.
Another good part of Check Point NGFW is the featured reach dashboard where granular control over all features is provided. Each and every option is made to make life easier. Smart Monitor can monitor the firewalls, logging & reporting provide the best way to analyze traffic.
Lastly, the support team is available 24/7 for help in case of issues.
What needs improvement?
Check Point needs to improve their 3 tier architecture. Firstly, gateways cannot be managed without the Management server, which sometimes creates a problem. There is no way to extract policies or other configurations from gateways in case a management server goes down. That is something other companies provide.
Another major issue is the Smart console application is very heavy and cannot install anything other than the Windows operating system. Every time I open Smart console it becomes unresponsive for some time.
Lastly, the stability of R80 is an issue. Regularly we get some issues or bugs that are resolved by custom or new hotfixes. Sometimes it is a tedious task as this has a production impact.
For how long have I used the solution?
It's almost three years that I am working on Check Point now.
What do I think about the stability of the solution?
After R77 Check Point becomes somewhat unstable but over time they have improved a lot and are close to becoming leaders again.
How are customer service and technical support?
It is one of the best tech support. They respond quickly. You can get help from tech whenever you want but most of the time, the resolution will be installing a hotfix.
Which solution did I use previously and why did I switch?
I have worked on the Sophos firewall. It lacks features and performance.
How was the initial setup?
Implementing Check Point the first time may feel complex but once done I found it is fast and easy.
What about the implementation team?
I am the one who implemented the firewall. At times I have gotten help from tech support, they are really good in terms of technology as well as helping.
What's my experience with pricing, setup cost, and licensing?
Cost is on the higher side, but we cannot ignore that Check Point is one of the leaders in the firewall category.
Which other solutions did I evaluate?
I have evaluated Palo Alto firewalls as well.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?