Check Point UTM-1 [EOL] Review

I can create a central database for objects, and browse logs for all of the gateways from a single screen.

What is most valuable?

Check Point is the brand that invented customer centricity when it comes to network security. SmartDashboard was there before many competitors were pushing administrators to the CLI, even for the simplest tasks. The ability to create a central database for objects (sources, destinations, services, etc.), which can be used in several different policies, and the possibility of browsing all logs (FW, IPs, identity awareness, etc.) from all the gateways from a unique screen are big pluses.

How has it helped my organization?

Successful implementation of central management allows my organization, which might be considered over-segmented with lots of firewalls, to make firewall changes easier and track possible problems faster.

What needs improvement?

The speed of the management interface needs improvement. It is known by many professionals that hardware resource usage increases almost exponentially when using more than just one security blade. Security rule-creation logic, which so far works sequentially, must be made parallel just like the competitors do. Otherwise, many administrators fail to understand it and do not use it the way it should.

For how long have I used the solution?

I have used it for six years.

What do I think about the stability of the solution?

Upgrades are quite troublesome, even more so when you have bigger appliances, with special modules like SAM. Not everything goes according to the procedure suggested by Check Point, causing clusters to fail. There are too many unexpected problems.

How is customer service and technical support?

Customer Service:

Customer service is definitely degrading, according to me. Check Point technical support can be held responsible for that.

Technical Support:

Technical support is really hard to reach because of the channel organization. There are know-how differences between support regions, which you normally wouldn't expect from a global organization.

Which solutions did we use previously?

Because of the stability in identity awareness functionality, we switched to Palo Alto Networks firewalls on user-facing environments and it proved to be a right decision.

What's my experience with pricing, setup cost, and licensing?

Check Point seems to purposely keep pricing and licensing complex. That much complexity is really not needed.

What other advice do I have?

Check Point is quite different from other vendors in the way it operates. Too much CLI configuration and strong Linux knowledge is needed for admins. Check Point is not really famous for sharing its learning resources and documentation with the end users. Their proven reputation also impacts the price, making them one of the most costly firewalls, if not the most.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Sign Up with Email