Director Of Information Technology at a security firm with 1-10 employees
Real User
Top 5Leaderboard
Helpful alerting, provides valuable network insights, and the pricing is negotiable
Pros and Cons
  • "Overall, it give me a lot of insight into my network that I didn't have before."
  • "The pain point that I have with this solution is contacting technical support."

What is our primary use case?

We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.

How has it helped my organization?

Overall, it give me a lot of insight into my network that I didn't have before.

What is most valuable?

It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.

What needs improvement?

The pain point that I have with this solution is contacting technical support.

Buyer's Guide
Check Point IPS
March 2024
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.

For how long have I used the solution?

I have been working with Check Point IPS for more than a year.

What do I think about the stability of the solution?

Stability-wise, this product is great.

What do I think about the scalability of the solution?

The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.

How are customer service and support?

Sometimes, technical support takes a long time to get back to you.

Which solution did I use previously and why did I switch?

I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.

The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.

How was the initial setup?

Check Point was fairly usable out of the box.

I am using an on-premises appliance that ties into a cloud service.

What's my experience with pricing, setup cost, and licensing?

Pricing for this solution is negotiable and I'm happy with our pricing.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

What other advice do I have?

If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Tshidiso Sehloho - PeerSpot reviewer
ICT Security Consultant at National Treasury of the Republic of South Africa
Consultant
Top 20
Robust network security with comprehensive protection, and continuous improvement, offering advanced features like signature-based detection, behavioral analysis, and mobile solutions
Pros and Cons
  • "It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention."
  • "Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS."

What is our primary use case?

The primary use cases include application security control, comprehensive security management, and proactive protection against a wide range of threats. It serves as a crucial component for safeguarding applications and ensuring overall security effectiveness. It contributes to proactive protection and plays a pivotal role in firewall protection strategies.

How has it helped my organization?

The focus is on safeguarding the departmental environment, and it is effectively fulfilling its role in environmental protection.

What is most valuable?

It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention.

What needs improvement?

Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS.

For how long have I used the solution?

I have been working with it for ten years.

What do I think about the stability of the solution?

It offers excellent stability. I would rate it ten out of ten.

What do I think about the scalability of the solution?

I would rate its scalability abilities nine out of ten. Currently, 1,800 users within our organization actively use it.

How are customer service and support?

I would rate its customer service and support nine out of ten.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup can be somewhat intricate, involving coordination with the OEM and service provider. I would rate it a six out of ten.

What about the implementation team?

For the deployment, we conducted a refresh last year, which took approximately two to three weeks to complete. It is essential to have at least two individuals involved in the process, with one requiring additional expertise. This team typically consists of a Check Point specialist, an expert, and an administrator.

What's my experience with pricing, setup cost, and licensing?

The pricing is quite reasonable.

What other advice do I have?

It is highly efficient and it provides a mobile solution for various devices, including cell phones and iPads, catering to mobile workflows. The system is not only efficient but continually improving. I would certainly recommend it. Overall, I would rate it eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Check Point IPS
March 2024
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,386 professionals have used our research since 2012.
Adrian Cambronero - PeerSpot reviewer
Consultant at ITQS
Reseller
Top 5Leaderboard
Easy to implement with helpful support and good ROI
Pros and Cons
  • "Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time."
  • "When entering, it always takes a long time to load."

What is our primary use case?

Check Point IPS was implemented two years ago to protect our infrastructure from threats.

It began by being implemented in local environments with a reduced staff to carry out the corresponding tests and not cause a total company blockage. Once the tests were over, we gradually extended to different departments. We began to use Check Point IPS to be able to provide security of Internet to users using the IPS and anti-virus anti-bot modules, we also apply them to invite us to enter the company and thus monitor outgoing Internet traffic and thus avoid malicious users. Prevention and detection are one of the most valuable pillars of security.

How has it helped my organization?

This tool has allowed us to obtain complete reports of the applications' vulnerabilities, which helps us remedy these vulnerabilities presented by the organization. 

It helped us a lot to monitor the internal traffic keeping monitored each server or user that enters the platform in this way Check Point IPS. It has allowed us to proactively reduce any incorrect configuration of network access that results from delegation. 

One of the points where Check Point needs to improve is in the support they offer, since there we have had a few inconveniences.

What is most valuable?

The implementation of Check Point IPS brought a lot of value to our organization with all the characteristics that the tool shows, starting with great visibility in a single dashboard, which makes it much better. You don't have to go through different tabs. 

Another feature is that it allows you to create multiple rule profiles. We can block directly from the outside without waiting to look at the logs.

With these and other features, Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time.

What needs improvement?

It is always important to be improving the product to be at the forefront of technology. 

One of the improvements that would be good is to improve the latency in the portal. When entering, it always takes a long time to load. Also, when the tool is already running, you feel a slight decrease in performance.

The application has many facilities when using the tool. The configuration of each of the policies should have filters. 

We need to be able to understand and detect each of the vulnerabilities.

For how long have I used the solution?

This solution has been used for approximately two year in the company.

What do I think about the stability of the solution?

It's very stable. We never had any issues of it stopping to work. It's been very stable.

What do I think about the scalability of the solution?

We have not observed any significant performance impact on the firewall gateway by enabling the IPS module.

How are customer service and support?

The Check Point engineer we dealt with during setup had a lot of experience. His working knowledge helped us with the implementation.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

It is the first time that we've implemented a tool of this type.

How was the initial setup?

We implemented the product in-house with the aid of support as part of a POC.

A Check Point engineer who had a lot of experience helped us with the implementation.

What about the implementation team?

We implement the product internally with the help of support.

What was our ROI?

Attacks are prevented and detected based on severity, helping our organization eliminate compromising attacks. When making an investment with these tools, you are taking care of an important aspect that will double your profits.

What's my experience with pricing, setup cost, and licensing?

With Check Point, the IPS license could be included with the firewall product. Therefore the cost of the license is not huge.

Which other solutions did I evaluate?

Other solutions were not evaluated. We have always worked with Check Point products.

What other advice do I have?

One piece of advice is to have the latest database. You want to be protected against the latest attacks.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Database Administrator at Ordina
User
Top 5
Great unified system with impressive protection and helpful support
Pros and Cons
  • "Real-time protection has blocked most threats that could affect system operations."
  • "The cost is high."

What is our primary use case?

This tool seals any loopholes that could be detected by ransomware attackers and may lead to data loss. It has protected the organization from potential vulnerabilities affecting operations and the slowdown of workflows. It ensures that the applications are performing efficiently based on the set objectives. It delivers many signatures that enable teams to ascertain the security situations in various departments. It saves the organization a lot of costs since it is less costly and more powerful than many versions in the market.

How has it helped my organization?

Digital transformation has been efficient and productive thanks to the operation of this great product. After the implementation of IPS, there is increased production, and teams can easily focus on more productive tasks without fear of being attacked by cybercriminals. We have accelerated operations with the modern data management models that come with this application. It is easy to detect threats in advance and plan effectively how to eliminate them. Our organization has been secure since we deployed this tool without cases of external attacks.

What is most valuable?

Most features in this platform have been of great importance in the organization. The unified system controls the security situation in any system, reducing the total cost of ownership. Real-time protection has blocked most threats that could affect system operations. It can detect and prevent the entry of known and unknown data vulnerabilities. 

The customer support services are efficient and have always helped us achieve most goals. The platform provides continuous cyber security reports that enable us to plan and make informed decisions.

What needs improvement?

The set features have played important roles in transforming the organization to meet the basic security standards. 

The cost is high. That said, depending on the company's size, there can be a mutual agreement for efficient licensing terms. We are satisfied with the set performance parameters that have enhanced the smooth running of workflows. 

The team should focus more on timely updates and configuration processes that sometimes may fail. I like the performance of this product and the achievements we've made so far.

For how long have I used the solution?

I've used the solution for eight months.

What do I think about the stability of the solution?

It is stable, and I recommend it.

What do I think about the scalability of the solution?

I am impressed by the performance.

How are customer service and support?

The customer support staff is always supportive.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have not used a different solution.

How was the initial setup?

The initial set up was not complex.

What about the implementation team?

Implementation was done through the vendor.

What was our ROI?

There is increased ROI.

What's my experience with pricing, setup cost, and licensing?

The setup cost is good.

Which other solutions did I evaluate?

I have not evaluated other options.

What other advice do I have?

The security measures are effective and I'd recommend the product to companies seeking great performance.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Google
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Paola Zúñiga Rojas - PeerSpot reviewer
Agente de servicios al cliente at Grupo Purdy
Real User
Top 5
Great predefined visualizations, good integrations, and helpful alert capabilities
Pros and Cons
  • "Some of the features for views and visualization are already predefined as default files."
  • "The service that we want to see in the future is a capacity to segment the IPS services by equipment."

What is our primary use case?

One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures. 

How has it helped my organization?

Check Point IPS services give our organization peace of mind. We know that the solution will be running and constantly updated thanks to the integrated Check Point services. It ensures stability. We have a solution that covers us all the time, day and night. In the configuration process, the solution has provided us with detection regarding what is stable. It is scalable and will allow us to grow according to the demand and the need. The service is well-maintained and functional.

What is most valuable?

The solution with the most organizational value is its 360° view, which has allowed us to integrate it well and speed up the view of records. It is dedicated 24/7 to detecting any attack. Vulnerabilities or incidents be flagged. It has the capability to give us alerts and offers good productivity to ensure that the services and data of our organization are always secured. 

Some of the features for views and visualization are already predefined as default files. This helps us to be proactive and not have to define any search or specialty of the services.

What needs improvement?

The service that we want to see in the future is a capacity to segment the IPS services by equipment. We'd like to see the integration of the communication of the services in the next-generation firewall and the other solutions that it has, such as Harmony. It would be great if they could start creating interoperability with both technologies. Integrating these solutions with the lighthouses could generate more complex and complete interoperability. That said, we'd want the solutions to be acquired and administered as one solution. 

For how long have I used the solution?

We have been using the service for about two months.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jonathan Ramos G. - PeerSpot reviewer
Cloud Engineer at ITQS
Real User
Top 5Leaderboard
Integrates well with other solutions, give broad visibility and offers good detection capabilities
Pros and Cons
  • "Among its great features is the ability to detect outgoing malware or extraction of compromised data and stop it, thus safeguarding us by isolating the network, the equipment, or the identity of the affected users."
  • "We want the solution to continue to move towards cloud-based and portability focused for telecommuting users."

What is our primary use case?

They are one of the blades that we get to try or use more when we start using Check Point Firewall products. They give us the power of protection and security accompanied by other characteristics and solutions that together become the best in the market. It's uniting all that computing power with the cloud and thus giving organizations greater peace of mind and closing our security gaps in applications or services. Something that we love is that it can be enabled in any gateway, and therefore that saves us implementation time. 

How has it helped my organization?

It came to help us in many ways. The most outstanding was being able to have broad visibility and being able to make threats visible in real time. We are able to integrate it with smart events, which allows us at the SOC level to have a complete and reliable panel that saves time for security in visualizing and responding to events of this nature. 

Among its great features is the ability to detect outgoing malware or extraction of compromised data and stop it, thus safeguarding us by isolating the network, the equipment, or the identity of the affected users. 

What is most valuable?

The IPS feature is available in all appliances that we are going to use as a firewall, and that is how we have a blade that helps at all times. We have both a firewall and also a complete solution with multiple new-generation features that can be physical or virtual and where more advanced analytics can be integrated, for example, in the Infinity Check Point cloud. Among those characteristics is its coverage of updates in real-time and constantly. This is done without an administrator's intervention. 

What needs improvement?

What I want as a new feature is to be able to bring these solutions to public clouds. However, today, we can do this. We are taking our datacenters, these next-generation places. These technologies evolve at an unparalleled pace. This solution will soon be in mobile services, and it is here that the new equipment management lines will be managed in the future. We want the solution to continue to move towards cloud-based and portability focused for telecommuting users. 

For how long have I used the solution?

I've used the solution for about two years.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Engineer at Fujairah Port
User
Top 5
Simple to activate, configure, and implement
Pros and Cons
  • "IPS logs enable complete visibility and reporting through the smart console."
  • "There is no standalone IPS appliance available."

What is our primary use case?

We deployed the Check Point 6300 series firewall for protection of our internal and external servers, and various in-out traffic as well. 

We have Windows-based servers, Linux-based servers, and other appliances which are connected through a Check Point firewall. These devices have many vulnerabilities. To secure our infrastructure we activated the IPS Blade on the Check Point firewall.

The IPS has helped us to block many known and zero-day attacks on our network. IPS is one of the best solutions from Check Point firewall

How has it helped my organization?

Check Point IPS has helped us to prevent attacks on our servers and user traffic as well. We have many Windows-based servers has many vulnerabilities. After Check Point IPS is implemented, we blocked those signature-based attacks on our network. Many times I found logs, and IPS has blocked many windows-based signature attacks.

We scheduled IPS updates as per our IT policy and new signature updates are set to monitor mode until a particular period to avoid conflicts after checking the behavior we set back to prevent mode.

What is most valuable?

The switch IPS prevent and monitor mode is a good feature that helps us to avoid any unnecessary impacts on our network.

It is simple to activate, configure, implement and assign profiles and rules to security gateways.

The Check Point IPS database is huge. Signature updates are satisfied. Every two hours, the database receives an automatic update that keeps it current and protects against zero-day vulnerabilities.

IPS logs enable complete visibility and reporting through the smart console. This was a big help to us.

What needs improvement?

I am pleased with it as it seems to be in order. I don't have much to say, however, there were a few things I noticed about the behavior of the Check Point IPS.

First, sometimes I have issues with scheduled IPS updates.

The impact on performance when opening the IPS blade is challenging while the firewall is operating under severe demand is the second, which is pretty common. I only note it here. 

There is no standalone IPS appliance available. Only the IPS blade needs to be enabled on the security gateway that Check Point provides.

For how long have I used the solution?

I've used the solution for more than two years.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Systems en networks engineer at CB
User
Updates signatures quickly, offers good reports, and is straightforward to set up
Pros and Cons
  • "I can generate reports for management automatically based on the threats of the last day/week/whatever is needed."
  • "Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures)."

What is our primary use case?

The product protects our environment from specific threats; we 'approve' signatures manually (or automatically) based on the applications/appliances in use in our company. We are a logistics company hosting several websites/order management. The company is about 1000 FTE across several locations (in the Netherlands & Belgium). We have been using this for the last 10 years at least (since I have worked at the company). It's easy to use. The reporting is good. Usually, when threats emerge on the internet, there are signatures for this within a few hours.  

How has it helped my organization?

We manually approve the signatures daily, for the software/appliances that we use. Based on the experience of the administrator, we prevent threats if they are present in our network; and we sometimes use the signatures in detect mode to gather intelligence (for instance to detect TLS1.0/TLS1.1 usage through the firewall). 

This has helped us to identify several key webservers that would be vulnerable to 'downgrade attacks'. We could easily identify the vulnerable servers and remediate the issue based on the information we got from the reports we can generate. 

What is most valuable?

The quick updates of the signatures when a new threat is identified are great. For instance, when Microsoft releases patches, we usually see new signatures for those issues that have to be patched in a day. This gives us time to test/deploy the patches while already being protected from the threats. 

Also, it's very good with reporting. I can generate reports for management automatically based on the threats of the last day/week/whatever is needed. 

It also clearly states the performance impact of a signature and the 'confidence' of a signature so you can quickly evaluate if you need to start panicking or not.

What needs improvement?

Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures). 

I also wish there was an option to run reports of the individual signature 'usage'; it's not easy to generate views based on the number of 'hits' a signature has generated. (it is possible, however, there could be an easier option). For example, if you have a signature activated, for instance, a MS issue then patch your environment, it's 'hard' to identify if the individual signature has been 'hit'.

For how long have I used the solution?

I personally have used the solution since December 2012 - almost 10 years.

What do I think about the stability of the solution?

It's very stable. I haven't seen issues with signatures, downloading, or implementing the signatures, or the 'hits' that it generates. 

What do I think about the scalability of the solution?

The product is very scalable; if you size your requirements properly when buying and don't 'prevent all signatures' and customize it for your environment. 

How are customer service and support?

Customer support is fine. We have a vendor we use, and, if needed, can fall back on Check Point (I had a few very good remote sessions when we had issues with our firewall; no issues were seen with IDS/IPS). 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

The company I work for has used it since I've worked there; no switching was needed. We are happy with the solution. 

How was the initial setup?

When implementing the solution, you must activate the blade on your firewall and decide if you want to do it manually or automatically and then (when doing it manually) approve/detect/ignore the relevant signatures. It is pretty straightforward. 

What about the implementation team?

We had a vendor team install the firewall and handle the basic configuration, then we went on training. In terms of implementation, I can do it myself now. The vendor team was very good and had a high level of expertise. 

What was our ROI?

I'm a network admin; not involved in the money.

What's my experience with pricing, setup cost, and licensing?

I'd advise users to bundle the things they want; so they get a cheaper offer. 

Which other solutions did I evaluate?

We've had the same solution since I've worked there.

What other advice do I have?

I am happy with the solution and have been using it since i started working for the company (10 years now). I dont want to be without it.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point IPS Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Check Point IPS Report and get advice and tips from experienced pros sharing their opinions.