Check Point NGFW Review

Central management allows us to push policies to multiple firewalls


How has it helped my organization?

The biggest thing is the central management. It is quite good and allows us to manage the different firewalls from it. We can implement and configure many firewalls and push our policies to them as well.

What is most valuable?

One of the most valuable features is the antivirus. It's very good.

We also now support cascading objects. We didn't support this previously, but on Check Point we do.

The dashboard is quite good, you can explore a lot of features there and it's easy to understand.

It also gives us SSL inspection, which provides more effective mitigation of defects and data leakage.

What needs improvement?

The antivirus is not as effective as it could be because updates are not that frequent.

Another area for improvement is that certifications are quite expensive with Check Point.

For how long have I used the solution?

I've been using the Check Point Next Generation Firewall for the last year.

My role includes working on Check Point and Cisco ASA firewalls to make changes on them, per customer requirements or as the organization needs. I also explore new features and do troubleshooting.

What do I think about the stability of the solution?

It's quite stable. Until now, we haven't faced any issues.

What do I think about the scalability of the solution?

The Check Point 44000 and 64000 Next Generation Firewalls are designed to be quite scalable. 

How are customer service and technical support?

If we do face an issue which is not our support boundaries, we involve the Check Point TAC. They're quite technical, so they help us to resolve things. They are always helpful. They're knowledgeable and their response time is very fast.

Which solution did I use previously and why did I switch?

Previously we were working on Cisco ASA firewall which didn't support the cascading objects. Also, Cisco supports two gateways, whereas the Check Point supports up to five gateways.

We also decided to bring on Check Point because there are a lot of switches that are not supported in Cisco ASA. Also, with Cisco, IPS does not come with the firewall and we have to configure it separately. The Check Point IPS comes with it.

There are a lot of features which are not supported in the Cisco ASA Firewalls.

How was the initial setup?

The initial setup of the firewall is straightforward. I didn't find any difficulties in moving from Cisco ASA to Check Point. The dashboard is quite friendly, so it didn't take much time to learn.

Deployment took about three days.

We have different stages in our implementation process like planning, approving, implementing, checking and validating, and the last one is matching. Job roles in our organization go according to these stages the approvals. I do the planning part and my approval request goes to my team leader.

We have about 400 to 500 users. They are semi-technical or non-technical people, such as network and security engineers, who are tracking and monitoring the firewalls. If we're talking about troubleshooting we have from different levels, like L1, L2, L3.

What was our ROI?

It's saving us a notable amount of time. 

What other advice do I have?

Check Point is good. It has a lot of features which will support a lot of things in your organization, and the dashboard is quite good. There are a lot of features, such as data protection and data inspection, at a good price.

Which version of this solution are you currently using?

R80.20
**Disclosure: IT Central Station contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
More Check Point NGFW reviews from users
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: July 2021.
523,742 professionals have used our research since 2012.
Add a Comment
ITCS user
Guest