What is our primary use case?
I have been designing, deploying, implementing, and operating Check Point's Security solutions including NGFWs and EndPoint security as well as Remote Access VPNs, Intrusion Prevention systems, URL filtering, user identity, UTMs, et cetera, for around 12 years.
I have also used VSX and MDS/MDLS solutions. In my organisation I am using over 150 virtual and physical appliances and also MDS for virtualized/contanerized central configuration management and also central log management MDLS/MLM. We are using this not just for NGFW but also for other Perimeter security solutions.
How has it helped my organization?
This solution has helped keep the security posture of my organization in the best possible shape. Check Point's solutions stay a cut above its competitors to make sure your IT infra Cyber is safe from both known as well as zero-day attacks and malware.
From an operations point of view, Check Point solutions are the best in terms of providing central configuration management and also central log correlation and management. Additionally, Check Point's virtualization solutions around VSX are super-efficient and very stable.
What is most valuable?
I found Check Point's software ability to provide for all the perimeter security solutions including next-generation firewalls, intrusion prevention systems, identity and access management, and URL filtering. They are all excellent. Check Point's Central configuration management, central log correlation, and management solution are a cut above the other vendors and are the best in the industry. Check Point's virtualization solutions are also very efficient and can be scaled. They are highly stable solutions (MDS/Domain Managers & MDLS).
What needs improvement?
To be very very honest, I do not see any major gap or improvement area for any of Check Point Cybersecurity solutions, whether it's your enterprise be cloud-based only, on-prem (Private cloud or Legacy infrastructure), or hybrid infrastructure. Check Point's solutions are highly cost-efficient, have low OPEX costs, are very stable, are safe and secure, and helps maintain the enterprise's security posture.
Check Point's security solutions are a cut above the other vendors, not just today but for the last 30 years. Without having to mention any gaps, Check Point's development team works hard to stay ahead of technology in the cybersecurity space.
I feel the only thing that I see as a possible improvement in Check Point software is the lack of ability to create "static discard routes" which makes it difficult for NAT ranges to be advertised via BGP to neighbors. Although Check Point has an alternative of creating a dummy interface to introduce "directly connected" routes for NAT ranges so that they could then be advertised up/downstream, having the ability to do so using "static discards" would be a great thing to have.
For how long have I used the solution?
I've worked with the solution for a little over 12 years.
What do I think about the stability of the solution?
The product is very stable.
What do I think about the scalability of the solution?
The solution is highly scalable.
How are customer service and technical support?
The sales, pre-sales, professional services, and tech support are all very nice.
Which solution did I use previously and why did I switch?
Yes, and we switched because Check Point proved to be more reliable.
How was the initial setup?
The initial setup is absolutely straightforward.
What about the implementation team?
We implemented it through an in-house team.
What was our ROI?
Every dollar spent is worth it.
Which other solutions did I evaluate?
Yes, we looked at Cisco, Juniper, and Palo Alto.
What other advice do I have?
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Which version of this solution are you currently using?