Check Point IPS Room for Improvement

reviewer1098015
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
In my opinion, IPS is one of the better Check Point products because it's very easy to configure. You don't need to go protection by protection to check which ones you want to enable. You can enable the ones that are medium or higher severity and all those protections are immediately enabled. When you deploy this on an existing firewall that is already working, it's always better to set it on detection mode before you put it on prevention mode. It's very easy to detect a profile and then check for a month if there are some false positives that you want to filter before you put it on prevention. It's very easy to work with. The only thing they could maybe improve is that we notice right away that the performance decreases when we enable the IPS, especially beyond the CPU and memory usage. If you want to enable the IPS and you have a lot of traffic, it can have an impact. The performance could be improved. View full review »
Kristaps Krauklis
IT Department manager at AS Attīstības finanšu institūcija Altum
It is always possible to improve the speed of an IPS, although there is always a performance penalty when using additional security software. Occasionally there are glitches and errors like false positives, which would be a nice area of this solution to improve upon. The pricing could be improved. View full review »
Oleg P.
Senior Network and Security Engineer at a computer software company with 201-500 employees
In my opinion, the Check Point software engineers should works on the performance of the blade - when it is activated with the big number of the protections in place, the monitoring shows us the significant increase in the CPU utilization for the gateway appliances - up to 30 percents, even so, we are cherry-picking only the profiles that we really needed. Due to that fact it is also not so easy to choose the correct hardware appliance when you are planning the infrastructure. It is even more important when you realize that the Check Point hardware is very expensive. View full review »
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: August 2020.
442,845 professionals have used our research since 2012.
Kirtikumar Patel
Network Engineer at LTTS
I strongly agree that with IPS blade we can protect our organization vulnerabilities. I would like to have the ability to virtually patch our application or vulnerable machine that is talking ourside our network. If it is there then we can protect our application and systems to any unknown attack if our system or application has a weakness or vulnerability. I observed on our management that sometimes IPS does not connect to the threat cloud, we have to check and improve it. Otherwise, all of the features are good. View full review »
reviewer1225173
IT Network Administrator at a logistics company with 10,001+ employees
The detection needs improvement. We fear that it doesn't detect everything that we want to see. The solution needs enhanced reporting. The reporting on Cisco Stealthwatch and Darktrace is much bigger. The visibility that they grant for the filtering capabilities over large infrastructures are far superior. View full review »
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: August 2020.
442,845 professionals have used our research since 2012.