Check Point SandBlast Review

We put in high availability clusters and had zero downtime


What is our primary use case?

Check Point is our main perimeter firewall vendor. We have several Check Point clusters doing different things within our environment.

How has it helped my organization?

We didn't really have any IPS before. So, Check Point has improved our security posture. People get used to doing things certain ways, which might not be the best or most secure way, and they can't do that now, which just requires more education of the user base. With the endpoint client, we've started to use Check Point for remote access.

What is most valuable?

Check Point met all of our criteria that we were looking for in a firewall vendor as far as remote access capabilities, as far as IPS and intrusion detection, the SandBlast and the threat extraction pieces that we were looking at to help limit our attack vectors. They're top rated and have been for a long time. Those were all important things that we were looking at when we were looking at replacing what we currently had with Check Point. 

What needs improvement?

The number one thing that's a little bit frustrating is we implement two-factor authentication for remote access. We thought we were going to be able to pick users or groups to do two-factor against, and some did not do two-factor against. We found out that we can only do that either in the mobile access blade in which we can have it all do two-factor or not, and then the remote VPN all do two-factor or not. For our own internal employees, I want them to have an option to either do clientless or client depending on the situation.

One of the main reasons why we picked Check Point was because we needed a clientless option for third-parties who don't have our hardware. Check Point is not doing two-factor authentication for that. This is something that we've been really asking about and we'd like to be able to do: Two-factor authentication off blade based groups (or something else). We know it is on the roadmap.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We put in high availability clusters and had zero downtime, even with upgrades. It's been rock solid, we're very pleased. It hasn't been disruptive to the business.

What do I think about the scalability of the solution?

We're small. The new Maestro option is impressive. It is nice to know that we could move into this Maestro product and move away from an Active-Passive firewall cluster to an Active-Active, then if we needed it for computer bandwidth, we could easily add something. That is very awesome.

How are customer service and technical support?

We have premium support currently. Several times a month, I call them to ask them stuff. Some of it is not necessarily because I have a problem, but being very new to Check Point, Check Point does things differently than other firewall vendors, so there is a learning curve if you're not used to the way Check Point does things. We use support for that as well, making sure that we're doing things right. 

My experience with them has been good. There have been a couple of things that we've tried where we read through the documentation, and we were really looking for some help in implementing, and technical support wanted me to try it first, then call them if it breaks. It would be nicer if they would hold my hand a bit more. It makes me nervous in production, as I don't have a lab.

If you previously used a different solution, which one did you use and why did you switch?

We replaced our Cisco ASAs with our Check Points. Our version of the Cisco ASA was at end of life, and we would have needed to move to the next-generation of it.

I was the decision-maker. Our company also has some security teams, software teams, an operations team, and a service desk.

What about the implementation team?

We used a partner for the integration. We used CBTS. We've had a partnership with them, not for just what we've done for Check Point, but with several other products that we've bought over the years, and they've been a good partner. I don't really have any complaints with them.

What was our ROI?

We have seen our return on investment, and I think our security guys would agree with that. It's opened up the eyes of the security, and even the organization, regarding risks to say, “Wow, there is really a lot of stuff going on that we didn't know about.”

Which other solutions did I evaluate?

We looked at the gamut of products out there, since there are a lot of firewall players. However, Cisco has consistently been in the top for a long time.

We also looked at Cisco and Palo Alto. We looked at what the NGFW Cisco ASAs looked like.

What other advice do I have?

Nothing is perfect, but Check Point is pretty close to perfect. Check Point is an anomaly in the industry as they only do security. They have been doing this for 25 years and are a pillar of what they do. 

I would rate it a nine out of ten. It consistently performs well, and independent third-parties agree. They are really good at what they do.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email