What is most valuable?
The UTM platform has been the most valuable. It's a great system. It has the possibility of having several plates implemented on the same appliance. Currently, several other companies have other solutions implemented, but the first time I got acquainted with this was with Check Point.
What needs improvement?
The value can be improved. If we have a small company with less than twenty-five employees and only one central site, the opening range of Check Point is expensive.
The implementation of the rules could also be improved, as some other vendors have a cleaner and nicer interpretation of the rules and rules sets. Check Point, by inheritance of all of those different versions, makes it so it's not that straightforward. Once you get the mindset, it's clear. However, until you get the mindset, specifically on clients that are expecting to work with them, it is not that clear. In our case, we are focused mostly on Layer three, and not the universal ones that some other vendors implement.
For how long have I used the solution?
I've been using the solution since 2003.
What do I think about the stability of the solution?
We do have stability. I have only had issues a couple of times. Regarding the synchronization of events between the management platform and the firewall itself, because it was on the huge port and sometimes the management didn't report the loss in time, because it was overwhelmed with the event. In one period, it happened twice.
What do I think about the scalability of the solution?
They are in line with the rest of the on firewall vendors these days. Because you have to implement a software blade or a hardware blade and then if you go beyond a certain range you have to replace the blade with the solution that comes after. It is supported by them and goes from the advanced layer to the intermediate layer.
How are customer service and technical support?
I've had better support from some other companies. I recall in the past couple years ago, having to submit all of the tickets and it taking a day between the submitting the ticket and getting an initial response or call. I should expect that presently they are better.
How was the initial setup?
The initial setup is straightforward. In the past, we have had to deploy the console and then the firewall then to stop and configure to the main console. Now, with the UTMs and the single appliances, they're straightforward.
What's my experience with pricing, setup cost, and licensing?
This cost is between 3,000 and 5,000 euros per year, so some other solutions are cheaper and the pricing should be improved.
What other advice do I have?
My only recommendation is to get proper sizing of the company or of the environment they're in and to decide if they are going for two layers of firewalls or only one layer. That's the major difference between implementations.
You should start small because of the amount of money. If you have the constraints of buying an appliance that would not suit some VPN constraints or IPSec tunnels that the company might require and if you're going on different layers or implementing more than one layer of firewall, you are spreading the load between them and that's the main issue. That's on top of the high availability which sometimes is disregarded on communications.
The user experience draws the rating down a bit. Specifically on the user experience, sometimes the set up of things, such as the VPN SSL, takes a lot of time to load and a lot of time to get up and running on every session. So some of the users take a long time to get into the SSL VPN.
I would rate the solution a seven out of ten.