What is our primary use case?
Our company works in the area of developing and delivering online gambling platforms. The Check Point Next-Generation Firewalls are the core security solution we use for the protection of our DataCenter environment, located in Asia (Taiwan).
In addition, there are about 30 Google Cloud projects of different sizes ranging from 10 to 250 virtual machines, and they are used for development, staging, production, etc. For every project, there is one dedicated scalable instance group of the Check Point CloudGuard IaaS gateways.
We user the Check Point Remote Access VPN to provide access for our employees to connect to the specified environments.
How has it helped my organization?
We use the Check Point Endpoint Remote Access VPN client to allow our remote employees to connect to our company's offices in a secure and reliable way.
We use the clients for Windows and macOS, with the current software version E82.30. The Endpoint Remote Access VPN clients are fully compatible with the Check Point NGFWs Mobile Access VPN blade, and there are no problems connecting to it.
The clients have additional functions, like Firewall and Compliance blades, which we consider as a strong benefit for using the pure clients.
Several remote sites are supported in the client configuration, which allows us to have the redundancy for the case when one of the Offices becomes unavailable due to ISP problems.
What is most valuable?
- It is easy to install the Endpoint Remote Access VPN client to different platforms. Within the company, we use it for Windows and macOS.
- Built-in, centrally-managed Firewall blade, which allows filtering traffic on the client-side.
- Built-in, centrally-managed Compliance blade. We check the client OS on the presence of the latest security updates and that the corporate antivirus software is up and running, and do not allow the client to connect to the office site in the case where these rules are not satisfied. That prevents the infected computers from connecting to the company's location and spreading the threats.
- Stable VPN connection.
What needs improvement?
- The Compliance software blade is available only for the Windows operating systems family, so no macOS security checks are implemented and performed. This is valid for at least software version E82.30, which we currently use.
- In addition, there is no full client of the Check Point Remote Access VPN available for the Linux operating systems families. That is important since some of our administrators prefer to use this OS even on their home PCs. We hope that Check Point would develop a client for Linux in the future.
For how long have I used the solution?
I have been using the Check Point Remote Access VPN for about two years.
What do I think about the stability of the solution?
The Check Point Remote Access VPN clients are stable on both Windows and macOS.
What do I think about the scalability of the solution?
The Gateway side part of the software scales well.
How are customer service and technical support?
We have had several support cases opened, but none of them were connected with the Check Point Remote Access VPN. Some of the issues were resolved by installing the latest recommended JumoHotfix, whereas some required additional configuration at the OS kernel level.
Which solution did I use previously and why did I switch?
Prior to this product, we didn't use any centralized VPN software before.
How was the initial setup?
The setup was straightforward and simple.
What about the implementation team?
Our deployment was completed by our in-house team. We have a Check Point Certified engineer working in the engineering team.
Which other solutions did I evaluate?
We did not evaluate other options because we already use the products from the CheckPoint ecosystem.
What other advice do I have?
The Check Point Endpoint Remote Access VPN for MacOs and Windows are reliable solutions for remote access VPN, and fully compatible with the Check Point security ecosystem.
Which deployment model are you using for this solution?
Which version of this solution are you currently using?