Check Point IPS Valuable Features
The most valuable features of the solution are that the product's stability has been very good. The product's uptime has been massive, and there has not been any downtime, making it a very good product. Our company has had a six-year uptime record with Check Point IPS. The firewall has not caused a single second of outage while functioning to protect access to our data center.
In terms of valuable features, it's hard to choose one. Dome9 and Harmony Connect have both been great in detecting and solving access issues.
As mentioned elsewhere in this review, the Harmony Connect SASE has been extremely valuable in improving our security posture and moving us to a zero-trust mindset (organizationally speaking).
Also, as mentioned, Dome9 has paid for itself through the cost savings of additional headcount. If we didn't have Dome 9, we would keep an additional headcount for the single purpose of detecting network changes within the environment.
View full review »The most valuable feature is very good and easy to use. Configuration is straightforward, and support is fast, usually within one hour. The IPS blade is integrated into our Check Point environment and is used for intrusion prevention.
View full review »Buyer's Guide
Check Point IPS
April 2024
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,415 professionals have used our research since 2012.
We've been able to monitor all the devices in the network after activating and configuring the software blades. This shows us who's connected and who's not and how many disconnections there have been.
The firewall picks up malware traces that may have affected other users and networks and notifies when a particular site has been the source of infection.
There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network.
View full review »RN
reviewer1855911
Network Engineer at VSP Vision Care
The mechanism where you can let the system automatically turn the IPS signature to a different mode (prevent / monitor / inactive) is a nice feature that allows us to easily adjust the balance between security protection and the risk of business impact.
It is also worth noting that many IPS signature comes with detailed background about the vulnerability, and potentially how the vulnerability would affect the network security.
Also, you can easily search through thousands of IPS signatures using various keywords is another feature worth noting.
View full review »SK
Saranjit Kainth
Head of IT at RD Tech
The tool's most valuable feature is its detection panel. Managing and updating policies within Check Point IPS is easy and without issues. It provides a secure network.
View full review »The most valuable feature of Check Point IPS is the management of devices and policies.
View full review »KP
Kirtikumar Patel
Network Engineer at LTTS
The default category (Low, Medium, High, Critical) is the most valuable feature because we don't know what type of attack will happen, but with this category, we can create a policy to prevent any high and critical severity behavior. With this, we can protect our organization from weakness exploit of vulnerable systems.
IPS can protect our organization with any old vulnerabilities or if any vulnerability was detected within a few minutes. IPS can protect us as per our configured policy.
View full review »The docking of the IPS engine can be improved.
View full review »SS
reviewer1164006
Director Of Information Technology at a security firm with 1-10 employees
It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.
View full review »It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention.
View full review »The implementation of Check Point IPS brought a lot of value to our organization with all the characteristics that the tool shows, starting with great visibility in a single dashboard, which makes it much better. You don't have to go through different tabs.
Another feature is that it allows you to create multiple rule profiles. We can block directly from the outside without waiting to look at the logs.
With these and other features, Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time.
View full review »JH
reviewer2029350
Database Administrator at Ordina
Most features in this platform have been of great importance in the organization. The unified system controls the security situation in any system, reducing the total cost of ownership. Real-time protection has blocked most threats that could affect system operations. It can detect and prevent the entry of known and unknown data vulnerabilities.
The customer support services are efficient and have always helped us achieve most goals. The platform provides continuous cyber security reports that enable us to plan and make informed decisions.
View full review »The solution with the most organizational value is its 360° view, which has allowed us to integrate it well and speed up the view of records. It is dedicated 24/7 to detecting any attack. Vulnerabilities or incidents be flagged. It has the capability to give us alerts and offers good productivity to ensure that the services and data of our organization are always secured.
Some of the features for views and visualization are already predefined as default files. This helps us to be proactive and not have to define any search or specialty of the services.
View full review »The IPS feature is available in all appliances that we are going to use as a firewall, and that is how we have a blade that helps at all times. We have both a firewall and also a complete solution with multiple new-generation features that can be physical or virtual and where more advanced analytics can be integrated, for example, in the Infinity Check Point cloud. Among those characteristics is its coverage of updates in real-time and constantly. This is done without an administrator's intervention.
View full review »SM
reviewer1805079
Network Engineer at Fujairah Port
The switch IPS prevent and monitor mode is a good feature that helps us to avoid any unnecessary impacts on our network.
It is simple to activate, configure, implement and assign profiles and rules to security gateways.
The Check Point IPS database is huge. Signature updates are satisfied. Every two hours, the database receives an automatic update that keeps it current and protects against zero-day vulnerabilities.
IPS logs enable complete visibility and reporting through the smart console. This was a big help to us.
View full review »MD
reviewer1718724
Systems en networks engineer at CB
The quick updates of the signatures when a new threat is identified are great. For instance, when Microsoft releases patches, we usually see new signatures for those issues that have to be patched in a day. This gives us time to test/deploy the patches while already being protected from the threats.
Also, it's very good with reporting. I can generate reports for management automatically based on the threats of the last day/week/whatever is needed.
It also clearly states the performance impact of a signature and the 'confidence' of a signature so you can quickly evaluate if you need to start panicking or not.
View full review »SM
reviewer1591110
ICT at a manufacturing company with 501-1,000 employees
The possibility of customizing the rules is great. Sometimes it appears a bit rigid yet it is still easy to use. There is an easy application of policies once the basic configuration has been done with the possibility of copying profiles to make them better meet all the needs of the companies.
There's also the possibility to set alerts only in order to check whether a signature can cause problems or not before blocking traffic and causing damage to users.
Overall, it seems like a good product even if sometimes a little unintuitive. That said, it is no worse than others.
View full review »By having a solution that allows us to protect systems and data from cyber attacks or unauthorized instructions (including malware and DDoS attacks), we can protect our system from all kinds of threats. Check Point reduces downtime and costs associated with attacks that cause communication losses and guarantees compliance with security. It also ensures the privacy of all the data that we have stored, which helps us maintain a high level of reputation when it comes to careful administration and data segmentation. Now, there is a formalization of data protection. Check Point is really compatible with the internal needs of our organization, and its features offer us a great advantage.
View full review »Speaking of the IPS solution, it is important to understand that each of these features is based on real-time detection, analysis, and centralization of events. We were able to interpret that the solution is a total complement to each of the needs that any organization may have. Its event analysis and centralization features are very important for any organization. Those allow you to generate a general visualization, making a complete panorama of each of the events that you have inside your security system.
View full review »Check Point offers DDoS and endpoint protection called EDR or XDR, so it provides a holistic security architecture for any organization.
View full review »BD
Basil Dange
Senior Manager at a financial services firm with 10,001+ employees
IPS can be enabled on the same security gateway and does not require any additional hardware purchase or additional network connectivity.
It provides complete visibility and reporting on a single dashboard for the entire NG firewall, including the IPS blade on the Smart Console.
Signatures are constantly updated and it also provides virtual patching protection up to a certain extent.
It provides a detect-only mode for IPS Security policy that the admin can enable on a required segment for monitoring, giving an opportunity to observe prior to blocking.
View full review »IPS easily allows follow-up flags on recently updated patterns. If, in rare cases, a false positive does occur, it is quickly detected and an exception can be easily created.
Basically, it is easy to use and offers a wide variety of protections through all kinds of software, services, appliances, and IoT-Devices. Updates are available regularly and can be easily downloaded and deployed through all the infrastructure. Rollback is easy to perform if ever something happens. It is a must-have on each gateway.
View full review »LD
Leo Diaz
Cloud Support at a tech company with 1-10 employees
Its monitoring and reports generate extra help to be able to fight against
vulnerabilities.
We have really liked practically all the product's features - from the easy implementation through Check Point's gateway to its reduction in licensing costs. That especially really positively impacts the company's finances.
The low number of false positives for vulnerabilities builds additional confidence in the brand.
The constant updating of vulnerability signatures gives the tool protection against new and old threats.
View full review »KK
Kristaps Krauklis
Head of IT Department at AS Attīstības finanšu institūcija Altum
The solution is user-friendly and the interface is easy to configure.
View full review »MB
Manuel Briones
Voice and data infrastructure specialist at a tech services company with 1,001-5,000 employees
Check Point Intrusion Prevention System has great profiles, and we can continuously create, modify, activate, deactivate or configure any specific setting to allow the profile to focus on just one thing or for certain attacks. I also like that profiles can be applied to groups of workstations that need to be more protected from possible attacks. Each profile that we create has activated protections and some instructions of what the IPS should do with the traffic.
View full review »The number of IPS protections is amazing - after the latest update, I see more than 11000 in the SmartConsole.
All the protections are tagged and categorized by the vendor/type/product, the severity of the threat, confidence level, and performance impact of the activation, which helps in finding and enabling only he profiles that we really need (e.g. we don't have any Microsoft Windows servers in our environment, so decided to disable such protections by default).
The protections are updated based on the schedule - we used the default once-a-day approach.
I also like that the new protections may be automatically activated in the "Staging mode", which only detect the possible threat and alerts them, but doesn't block the actual traffic, thus minimizing the impact of the false positives.
View full review »GK
Grace Kuo
Sales Manager at USO
The integration is a valuable feature.
View full review »Check Point's Intrusion Prevention System (IPS) provides us with many important features such as:
1- A centralized environment, managed by the security management portal.
2- Real-time protection against threats, generating security so that we can act immediately when we have a threat.
3- Protection backed with thousands of signatures of prevention and malicious behavior.
4- The reports are useful in helping to verify the threats where we can see the level of severity in order to be able to take action.
It really is a complete tool.
View full review »JC
reviewer1573887
CTO at a computer software company with 11-50 employees
The most valuable features of Check Point IPS are the protection it provides against the various attack vectors out there with ransomware and other malware. Once we had Check Point IPS up and running, which was really quite easy and straightforward to do, we noticed a surprising number of times that it was getting triggered.
It was a little scary thinking back to how vulnerable we were prior to having Check Point IPS in place and simply relying on our users, albeit not that many, to be safe and responsible.
View full review »MN
reviewer2235303
Netwroking and Security Operations at a consultancy with 11-50 employees
The solution protects against the latest attacks. It is essential because collaborative tools and networks are necessary. The attacks are increasing, and we need protection in real time.
View full review »NG
N Guzman
Support at a security firm with 51-200 employees
One of the characteristics that we liked the most is the functionality and easy implementation via the Check Point Gateway.
The cost is reduced to being a blade. That is a good detail of the product in terms of licensing.
Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security.
Also, a very good feature is the optional mode of putting it only in detection mode. They are ensuring in that sense that they are not so intrusive at the beginning of the implementation in production environments.
View full review »SS
SURAJ SHARMA
Network Security Engineer at I Dream networks pvt ltd
What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature.
View full review »PL
reviewer1670154
Firewall Engineer at a logistics company with 1,001-5,000 employees
Automatic updates can be done either via management or the Gateway itself, without any user interaction. The gateway is up-to-date with the newest signatures.
If you're unsure which profile to use, Check Point has some pre-defined profiles according to its best practices. Each one adds a different load to the relevant gateway, so you have to first check the current load and then decide on the right profile.
IPS signatures can be set quite granularly depending on your environment. You can filter on performance impact, severity, and confidence which makes sizing and adapting easier.
View full review »The solution's IPS functionality and firewall functionality are the solution's most valuable features.
View full review »The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with.
View full review »KK
Kristaps Krauklis
Head of IT Department at AS Attīstības finanšu institūcija Altum
The most valuable feature is ease of use.
Check Point IPS has quite a decent database of attacks.
The reports are well written so that you can understand what type of attack has occurred, the originating IP address, and other details.
View full review »CK
Cornelius Kakungu
System Engineer/IT Support at Starlabs Limited
The product is user-friendly and easy to implement. We receive training on how to onboard and when we are onboarding clients, we have the option of engaging Check Point to assist. It's a good provision to have. In terms of functionality, it's one of the best solutions on the market.
View full review »PD
PRAPHULLA DESHPANDE
Associate Consult at Atos
There's a good out-of-the-box configuration for recommended security based on severity levels, confidence levels, and network impact - also known as an IPS Profile.
For better security, we can edit options based on requirements and we can keep actions as detect-only which gives us alerts but allows traffic to flow without stopping anything.
There's an automatic update after every 2 hours which makes sure that the database is up to date and providing zero-day vulnerability protection.
Check Point IPS provides reports for running vulnerabilities which help enable SOC teams to respond to the highest-priority events first to patch them.
View full review »The notifications are the most valuable feature of the solution.
View full review »VN
reviewer1572915
System and Network Administrator at Auriga - The banking e-volution
The Check Point IPS module allows me granularity in creating rules. I can specify which definition to apply and to which scope or network.
I can create multiple profiles, which is helpful. Profiles are the set of rules and I can choose which one to apply. Having more profiles and more options, we have not always moved in a guaranteed way with respect to internal traffic, and rigorously with respect to external traffic.
From the outside, we block directly without waiting to look at the logs. If anything, then we will allow this traffic. From the inside, we allow traffic by default and maybe we will block it after looking at the logs.
These decisions were also supported by the degree of reliability declared by Check Point itself. If we are talking about a high degree of reliability combined with a dangerous vulnerability then you can immediately block traffic with greater confidence in not having false positives
The logs and related functionality are done very well.
View full review »RM
reviewer1854018
Implementer at a tech services company with 51-200 employees
The autonomous threat prevention is very easy to use. The APIs and SmartConsole tool also work well.
JM
Jose Mendes
Network Security Engineer/Architect at Euronext Technologies SAS
The most valuable feature is that it protects us against hundreds of different attack vectors, like ransomware. The protection is always being triggered. People try to access websites that are categorized as malware, so when the users do a DNS request for the IP of those malware websites, the IPS Blade replaces the real IP of the website that is malware with a bogus IP. The user gets an IP that doesn't exist and when he tries to access, it won't work. This is the protection that triggers the most on our infrastructure. For example, if a user tries to access malware.com, the DNS response gets changed by the IPS Blade to an IP that doesn't exist.
View full review »RM
reviewer1474608
Consultor at a government with 201-500 employees
The most valuable feature is security.
View full review »Buyer's Guide
Check Point IPS
April 2024
Learn what your peers think about Check Point IPS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,415 professionals have used our research since 2012.