Check Point IPS Overview

Check Point IPS is the #7 ranked solution in our list of top Intrusion Detection and Prevention Software. It is most often compared to Darktrace: Check Point IPS vs Darktrace

What is Check Point IPS?

Check Point IPS (Intrusion Prevention System) combines industry-leading IPS protection with breakthrough performance at a lower cost than traditional, stand-alone IPS software solutions. IPS delivers complete and proactive intrusion prevention – all with the deployment and management advantages of a unified and extensible Next Generation Firewall solution. Learn more about IPS Software.

Check Point IPS is also known as Check Point Intrusion Prevention System.

Check Point IPS Buyer's Guide

Download the Check Point IPS Buyer's Guide including reviews and more. Updated: June 2021

Check Point IPS Customers

Morton Salt, Medical Advocacy and Outreach, BH Telecom, Lightbeam Health Solutions, X by Orange, Cadence, Nihondentsu, Datastream Connexion, Good Sam, Omnyway, FIASA, Pacific Life, Banco del Pacifico, Control Southern, Xero, Centrify

Check Point IPS Video

Pricing Advice

What users are saying about Check Point IPS pricing:
  • "I think that the price of support is around $40,000 USD or $50,000 USD per year."
  • "The module has a considerable cost but you can save by purchasing a package with several modules instead of making a single purchase."
  • "Enabling IPS does not require any additional license purchase from OEM, as it comes by default with the NGFW bundle."
  • "The pricing for Check Point IPS is competitive and brings good value for the money."

Filter Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
ITCS user
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
Real User
Top 5Leaderboard
Protects us against hundreds of different attack vectors

What is our primary use case?

We use Check Point IPS to protect our infrastructure against threats. It internalizes different attack buttons. We started by deploying it only on the on-prem firewalls, but now we are also rolling out to the internal firewalls, the ones that segregate environments, the production, and the corporate environment.

Pros and Cons

  • "The most valuable feature is that it protects us against hundreds of different attack vectors, like ransomware. The protection is always being triggered. People try to access websites that are categorized as malware, so when the users do a DNS request for the IP of those malware websites, the IPS Blade replaces the real IP of the website that is malware with a bogus IP. The user gets an IP that doesn't exist and when he tries to access, it won't work."
  • "The only thing they could maybe improve is that we notice right away that the performance decreases when we enable the IPS, especially beyond the CPU and memory usage. If you want to enable the IPS and you have a lot of traffic, it can have an impact. The performance could be improved."

What other advice do I have?

My advice would be to always have it with the latest database because you want to be protected against the latest attack vectors. It's very important to have it doing automatic updates so that when Check Point reviews an update of an attack that is currently happening, you always get it first before you get the effect. I would rate Check Point IPS a nine out of ten. Not a ten because of the logging issues we've experienced.
KK
IT Department manager at AS Attīstības finanšu institūcija Altum
Real User
Easy to set up and use, has good reporting with lots of detail

What is our primary use case?

We are using Check Point IPS for securing our internal networks and our website, as well as all of the traffic that goes through us. The traffic is analyzed by the IPS, which checks for things like malicious files and different attack patterns. We are using the virtualized version.

Pros and Cons

  • "The reports are well written so that you can understand what type of attack has occurred, the originating IP address, and other details."
  • "Occasionally there are glitches and errors like false positives, which would be a nice area of this solution to improve upon."

What other advice do I have?

My advice for anybody who is researching this type of solution is that they need to choose the product carefully. Most importantly, I would look from a performance perspective. Secondly, I would consider it from a pricing perspective because there are cheaper solutions available like Sophos and Fortinet, and they are good at what they do. If there is no firewall in place at all and this is their first project with protecting the enterprise, then it is reasonable to look at all of the vendors and look at what features are needed. The most important part is what your administrators are used to…
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
511,607 professionals have used our research since 2012.
VN
System and Network Administrator at Auriga - The banking e-volution
Real User
Top 5Leaderboard
Helpful alerts and reporting, granular rule options, and the update schedule is flexible

What is our primary use case?

The Check Point IPS module is applied to both internal and external traffic. Many times, we only think about protecting ourselves from what comes from the Internet but it is also good to analyze what passes inside between one network and another and what goes out to the Internet. I'll never forget the first backdoor report. We immediately activated email alerts for the most important reports and it was an email that indicated the compromised server. There were three of us and it took two hours to discover that through the image upload form, there had been an attempt to upload a backdoor. This… more »

Pros and Cons

  • "The Check Point IPS module allows me granularity in creating rules."
  • "Having additional reports available would be helpful."

What other advice do I have?

In summary, this is a well-made product and I don't feel like I would suggest improvements other than having more reports. I recommend its adoption to those who have the availability of a team, internal or external, that has the ability to manage it and the knowledge of the company.
Oleg P.
Senior Network and Security Engineer at a computer software company with 201-500 employees
Real User
Top 5
New protections can be automatically activated in the "Staging mode", which only detect the possible threat and alerts them

What is our primary use case?

Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Clusters serve as the firewalls for both inter-VLAN and external traffic. We have the Intrusion Prevention System (IPS) blade… more »

Pros and Cons

  • "The number of the IPS protections is amazing - after the latest update I see more than 11000 in the SmartConsole."
  • "In my opinion, the Check Point software engineers should works on the performance of the blade - when it is activated with the big number of the protections in place, the monitoring shows us the significant increase in the CPU utilization for the gateway appliances - up to 30 percents, even so we are cherry-picking only the profiles that we really needed."

What other advice do I have?

The correct performance sizing is essential for this kind of software - use the tools provided by the vendor, and consult the sales if you are still not sure.
Basil Dange
Senior Manager at a financial services firm with 10,001+ employees
Real User
Top 5Leaderboard
Good visibility and reporting, helpful support, but it can lead to performance degradation

What is our primary use case?

We use this solution to secure the organization against any attack coming into the network via the internet, a third party, or any other connected network. It is used to detect and prevent identified threats at the perimeter level so attacks do not penetrate the network. With so many access points present on a typical business network, it is essential that we have a way to monitor for signs of potential violations, incidents, and imminent threats. We also use it to provide flexibility for the SOC admin to identify any suspicious activity and either detect and allow (IDS) or prevent (IPS) the… more »

Pros and Cons

  • "It protects against specific known exploits but also, with SandBlast integration, it is able to protect against unknown or zero-day attacks at the perimeter level."
  • "There is a performance impact on the NGFW post-enabling the IPS blade/Module, which can even lead to downtime if IPS starts to monitor or block high-volume traffic."
Kirtikumar Patel
Network Engineer at LTTS
Real User
Top 5Leaderboard
Helps prevent unwanted and unknown attacks

What is our primary use case?

I work in MNC company and we have 6 GEO locations in India and all of our locations are using Check Point as a perimeter firewall. I sit in our HO Office and I am maintaining all the location firewalls with my team, except for 1 location. We regularly monitor the security alerts on our perimeter and based on that we will align our location IT to check and update us. IPS is our core blade for network security, it is provide the details that some suspicious activities happen on our network as per the IPS signature database, and based on that we will work on that. As our primary use case with IPS… more »

Pros and Cons

  • "IPS can protect our organization with any old vulnerabilities or if any vulnerability detected minutes ago IPS can protect us as per our configured policy."
  • "I observed on our management that sometimes IPS does not connect to the threat cloud, we have to check and improve it. Otherwise, all of the features are good."

What other advice do I have?

The IPS is a very good blade in Check Point NGFW.
JC
CTO at a computer software company with 11-50 employees
Real User
Top 5
Easy to configure, helpful notifications, and provides good value for the money

What is our primary use case?

We make use of Check Point IPS to protect our corporate network against incoming threats of all varieties. We have a very minimal intranet/network and this is installed and configured on our firewall that monitors all incoming/outgoing traffic. We felt it was necessary to have this in place as part of our security hardening in preparation for a third-party penetration test of our corporate network. Their goal was to access our network undetected and exfiltrate information. They were unsuccessful.

Pros and Cons

  • "I can easily monitor all of our connected devices and I get instant notification of reconnections and new connections, which removes some of the monitoring burden."
  • "It is generally good, but improving the performance would be the one thing I'd take a look at right now."

What other advice do I have?

In summary, since we have installed Check Point IPS, we really have not had any major complaints or requests for improvement. It was pretty easy to get up and running and configured to protect our environment.
JD
IT Network Administrator at a logistics company with 10,001+ employees
Real User
Good IPS functionality and firewall functionality but overall detection is lacking

Pros and Cons

  • "The solution's IPS functionality and firewall functionality are the solution's most valuable features."
  • "The solution needs enhanced reporting. The reporting on Cisco Stealthwatch and Darktrace is much bigger. The visibility that they grant for the filtering capabilities over large infrastructures are far superior."

What other advice do I have?

We use the on-premises deployment model. We're still in the process of evaluating options. We're doing a POC with Cisco and Darktrace and are moving away from Check Point. I'd rate the solution seven out of ten.
See 1 more Check Point IPS Reviews