What is our primary use case?
We use the solution to protect our organization and workers from the outside Internet or any untrusted network.
We have the three-tier architecture of Check Point. We use its consoles, central management system, and firewall device for managing it. This three-tier architecture is recommended by the Check Point Community.
How has it helped my organization?
We protect our internal customers using Check Point Firewalls by providing them security as well as detecting vulnerabilities.
What is most valuable?
The most valuable feature would be the central management system of Check Point because we can manage multiple firewalls through it at the same time. It doesn't matter the location.
I also like the advanced Antivirus feature of Check Point.
The Threat Management feature makes it very easy to detect the vulnerabilities and other factors. We can make new policy according to it. Policy creation is very simple in Check Point. Because the logs are very good in Check Point Firewall, this reduces our work with the reports that we are getting from the Threat Management. It is very convenient for us to use the reports to make new policies for security and other things.
It is very user-friendly.
What needs improvement?
The training for Check Point Firewall should increase, including the number of Training Centers. For most new people in our organization, we have to provide them training from our end, as they are not trained in Check Point Firewalls. So, we have to do the training, from our point of view, to make our engineers able to use Check Point Firewalls. However, with other firewalls, they are already trained, so we are not require to provide them training. This could be improved by the Check Point Community.
For how long have I used the solution?
I have been using it for the past six years.
What do I think about the stability of the solution?
The Check Point Firewall is stable.
The updates that we get are also very stable. We haven't found any stability issues in the updates at all. Features, like the Antivirus, are updated with almost every release and done on a frequent basis.
What do I think about the scalability of the solution?
The scalability is very good for Check Point Firewall. It is very easy to increase. For example, during the COVID-19 period, we increased our deployment on an emergency basis, and it was very easy.
My organization has around 4,000 people.
For Check Point, we have a team of around eight people who manage it. We are basically a team of senior network engineers.
How are customer service and technical support?
The tech support is very good for Check Point. We get straightforward solutions for it every time, and they do not take a lot of time since we have to resolve the cases quickly in a live environment. So, they are very helpful and capable.
Which solution did I use previously and why did I switch?
We are also using Cisco ASA, and we have been thinking that we need to go with Cisco or Check Point. At last, we have decided to go with Check Point because of its advanced features.
How was the initial setup?
The initial setup was very straightforward. We didn't have many problems.
The deployment part took around nine to 10 months. We completely planned the deployment before doing it. Since we already installed Check Point Firewall in multiple branches earlier, we used those same plans to configure it.
What about the implementation team?
We didn't require any external help for the deployment. Our R&D and tech were capable of doing it. Our deployment team consisted of six to eight people, working in different shifts, to configure it.
What was our ROI?
Overall, it is a good cost saving product. We do not have to purchase additional hardware for it, which is a good. This saves us 10 percent in costs compared to Cisco.
The solution saves us about 20 percent in our time, which is substantial.
What's my experience with pricing, setup cost, and licensing?
The price could be decreased, because the competitors of Check Point Firewall are giving lower prices in comparison.
The licensing part is something that is very easy to do in Check Point Firewall. We just need to purchase the license, then we have to write the keys in while installing it. The good thing is that it is an easy process to update the license.
Which other solutions did I evaluate?
We are also using Cisco ASA and FTD. The problem with Cisco ASA is the GUI is missing, while the GUI is good for Check Point Firewall. Apart from that, in Check Point, there are advanced features, like Antivirus and Threat Management, for which we do not require other hardware, where it is required for Cisco ASA Firewall. So, Check Point provides us a cost savings in that way.
The central management system of Check Point is missing in Cisco ASA. This is a good feature because it saves time. We can use it to manage multiple firewalls through one central management device. It is also easy to use.
We are slowly eliminating Cisco ASA and using more Check Point Firewalls, bringing more Check Point Firewalls into our environment.
I have also used Palo Alto, but the organization is using Check Point because they have more confidence in things like Check Point's stability factor. However, more people are trained to use Palo Alto.
What other advice do I have?
Get good training on Check Point, which is very rare to obtain at this point of time. Before implementing or deploy the product, you should be trained properly so you know all the features. It has heavy features in terms of quantity. You should know about each feature before using or deploying it.
I would rate the solution as an eight out of 10.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?