We used vendor support and account teams and in-house technical engineering.

We implemented it through an in-house team.

The deployment took approximately five hours. The process can be executed in various methods. I typically perform a remote login from the console. The deployment involves three main steps: IP configuration, security configuration, and DNS setup, including any necessary DNS protection configurations.

The implementation was done by a very qualified vendor team.

We implement through a vendor team. The vendor team is very competent and has consistently displayed their expertise in the technology. 

The implementation process is generally straightforward and basic, taking around one to one and a half hours. However, if there's a need for the creation of numerous VLANs and policies, it might extend over several days.

I have hands-on experience working in various environments, including on-premises, private clouds, hybrid setups that combine both private and public clouds (e.g., AWS, Google Cloud, Oracle Cloud), and purely public cloud deployments. While the technical interfaces and options may differ slightly between these environments, the core concepts, such as Security Event and Management (SEM), remain consistent. For instance, the Virtual Private Cloud (VPC) configurations in Google Cloud are similar to those in AWS. Network components like instances and Access Control Lists (ACLs) share common principles across platforms. The key to successfully implementing it lies in understanding the specific needs of each client's business and aligning our solutions accordingly. We can leverage technology and services to meet their requirements effectively. It's worth emphasizing that the adaptability of our approach is central to achieving our clients' objectives. When starting a project, we typically initiate a POC and conduct thorough pre-checks to assess the network's specific needs. In cases where clients want to transition from legacy firewalls like Cisco ASA or Palo Alto to modern Next-Generation Firewalls like Check Point Firewall, we carefully examine their existing configurations. This allows us to manipulate and adapt the configurations to suit Check Point's requirements. The timeline for these processes can vary. For entirely new environments, which involve documentation, design, and diagram creation, it may take anywhere from 15 days to one month at most.

The expertise of the vendor team is excellent; I'd rate their services nine out of ten.

We set up the solution mostly in-house. However, we were experienced with Check Point installs.

We handled the setup initially in-house.

I implemented this myself.

The deployment process took approximately a week and a half, and about half of the challenges we faced were related to the physical connectivity issues on our end. Despite those hurdles, the deployment timeline remained relatively swift. One critical aspect for anyone planning to deploy this solution is to thoroughly understand where it fits within the network architecture and how it should be physically connected. This is especially important when implementing clustering, as the physical connectivity can become intricate. It's essential to consider high availability and compatibility with other devices it will connect to, such as core switches or perimeter routers. Ensuring that these devices support the desired failover and reliability modes is key to avoiding complications. The duration of the deployment also depends on the expertise of the person responsible for it. In our case, we opted for professional services, which included on-site configuration support. If the person handling the deployment is familiar with the surrounding devices and network environment, one individual may suffice. If there are connections to devices from different vendors, and the configuring expert lacks expertise in those areas, I would advise involving additional personnel with the relevant expertise to ensure a smooth deployment process.

We implemented the solution through our in-house engineer.

We had a vendor assist us.

The implementation was performed by a vendor team in combination with our in-house security team.

A vendor team implemented this. They gave us in-house training for our staff. They are experts in Check Point and taught us well.

The deployment process can be rated at about six in terms of complexity. Several factors influence this complexity, but getting the infrastructure ready is often the most challenging aspect. To successfully deploy, you need to account for downtime, ensure proper backups are in place, and ideally test it in a sandbox environment before going live. After deployment, thorough checks and adjustments are necessary. It typically requires at least two days of parallel operation, where both the new and old equipment run simultaneously. In an environment with no existing infrastructure to replace, the process is generally smoother. Deployment typically involves a team of 2 or 3 people working full-time for 4 to 5 days, equivalent to nine hours a day. Maintenance is handled by a networking team, which includes a Network Operations Center. The team consists of approximately eleven people managing various network components, including L1, L2, and L3 devices.

A vendor team helped us, and the migration was smooth. The Check Point engineers who worked for our partner were well trained to handle the implementation.

We implemented it through a vendor team. Their level of expertise ranged as we moved through three separate technicians during our installation which was problematic. I wouldn't use this particular vendor again. That said, this was nothing against Check Point. 

We had help through a vendor and the experience was great. 

We are an IBM OEM company who received installation support from that vendor. They provided all the network connectivity.

For our implementation, we:

1. Started with an initial diagram of the configurations and what we want to see after the installation.
2. Segregated the SonicWall and Check Point tools for the migration since we used automation.
3. Checked the mode of installation. We went with transparent mode.
4. Collected the IPs for the firewall. It required multiple IPs because with we have cluster nodes.
5. Assessed the feasibility of Check Point in our environment.

For our strategy, we looked at:

• How many users are in all our offices? For example, is it a small office, mid-size office, or data center?
• Using high-end versus lower-end devices, e.g., lower-end devices means a smaller price tag.

A smaller office of less than 500 people would get a 4000 Series. Whereas, a larger office would get a 5600 or 7000 Series. We have to be focused on the natural topology.

We've had positive experiences with the deployments, and we've recommended it in several instances. Currently, we have implemented four Check Point Firewalls. Our initial deployment at the primary site took approximately a week to set up. After fine-tuning and making necessary adjustments, the total time for implementation was roughly two weeks. The main office at our headquarters had a similar timeline, as the tuning process does require a significant amount of time and effort.

We have used help from a third-party company.

It was implemented through a CheckPoint partner who demonstrated great experience in migration.

We support companies locally and remotely. Since the lockdown, we have been supporting companies only in a remote fashion.

We have to first make a plan of action, then verify that it meets Check Point's requirements. Then, we will raise a case with the Check Point desk. We verify with them if there are any changes that they need us to do. After that, we will go for deployment. Check Point engineering will also help if there are issues with the deployment.

We implemented the solution through a vendor team; they had well-trained technicians.

We implemented it with a third party and in-house. The support company that helped in Italy is fantastic.

We implemented it through a vendor. There was not a high level of expertise, however, I took a course with Check Point and that was very clear and now I'm very expert on the Check Point world.

We can implement it by ourselves.

We handled the setup in-house. We have enough knowledge to do that. Our expertise is CCSM level.

We implemented through Check Point directly.

We implemented via a vendor and I have to say their level of expertise was brilliant. Every question we threw at them, they were able to provide an answer to. 

Was implemented using a third-party vendor.

In-house team and technical support team.

We deployed the solution using Check Point's PS Support. Their team is highly experienced and professional.

I am part of the vendor team. We do a good job implementing it, although sometimes it takes too much time to deploy a product. 

When deploying on AWS cloud, I typically opt for CloudFormation templates to facilitate the setup of Check Point. This approach offers the advantages of infrastructure as code. When it comes to on-premises deployments, the process is manual and involves tasks such as physical cable connections, configuring interfaces, setting up routes, and defining network policies. For a typical mid-sized project, a single person is usually sufficient for the cloud deployment, taking no more than two hours if the implementation plan is well-defined and the design is in place.

We implemented the solution through a vendor team. The score I'd give for their expertise is seven out of ten.

The deployment process begins with configuring the firewall's IP and other settings. Once this initial configuration is complete, we proceed to the AI portal. In the AI portal, the first step is to configure the interfaces. After configuring the interfaces, we proceed to install the created interface. Next, we move on to the SmartConsole. To access the SmartConsole, we download it from the app portal. Once the SmartConsole is installed, we can easily create rules for logging purposes, manage objects, configure networking, and VPN, and other technical tasks from the SmartConsole. Routing and related tasks are typically handled in the data portal. One individual is enough for the deployment. The duration of the setup process varies depending on factors such as the complexity of the customer's environment and the site architecture. For instance, in a relatively simple scenario with just two VLANs and a couple of VPNs, the configuration could be completed within a few working days. Maintenance is essential, with upgrades and patch updates being mandatory at least once every six months. This ensures the system remains up-to-date and secure.

We did the deployment in-house and with a vendor team. The level of expertise was a 10/10.

We have implemented it completely in-house.

We used a vendor team. Their level of expertise was acceptable.

We implemented through a vendor team and I would rate them at a 10 out of 10.

We had vendor involvement.

We had an in-house team for deployment with active support from Check Point.

Yes we took help of the Certified Vendor. Vendor support was good.

It was a collaborative effort of our in-house and vendor teams. The support was good & quite appreciable.

Overall, the process is very fast and depends on the type of deployment. For example, replacing a Cisco firewall with Check Point requires converting policies, which can take quite a while, depending on the size of the policy base. In my personal experience, setting up Check Point was very quick.

The deployment was done through the vendor team.

We used a consultant. Our experience with them was very good.

For deployment and maintenance, we have five people on our staff. We have to do some maintenance on it. It's pretty much scheduled to rotate between us so that we keep our skills fresh.

We did everything in-house.

Check Point NGFW requires security and OS patching, and life cycle management. Every three to five years you need to replace the hardware. We have a dedicated team that does the maintenance of the solution.

It's hard to say exactly how many people are involved in implementing and maintaining the solution because some of the work is outsourced, but I would say it's a team of approximately between 10 and 20 people.

The vendor did all the migration in just a couple of hours.

We did an in-house implementation.

The deployment time varies depending on the scale of the project. For small cases, it may only take a couple of minutes, while larger-scale deployments can span up to a month. Having a skilled engineer is crucial; one proficient engineer can handle the job effectively. Maintenance is relatively straightforward.

We handled the setup in-house.

The Check Point support team is one of the best. When I need them, they can escalate the ticket to an appropriate level of engineer to fix the problem.

The help we received was good.

The product was implemented by a partner and their expertise was very good.

We did it ourselves.

We implemented the firewalls with our in-house team.

We have around 20 people on the team, because it is a large company. So, I deployed it with the help of 19 members. The team of 20 people work on different shifts and we manage all the organization's firewalls. We are all network engineers, though some of us have different designations.

The installation was done jointly with an engineer provided by the supplier, and his capacity was good.

We implemented the solution in-house.

We worked with Check Point professional services.

We handled the setup in-house.

For the deployment process, there were only four senior network engineers involved from our company.

In our deployment process, there are two methods available: standard and distributed. The predominant choice in our country is the standard deployment, utilized by approximately ninety-two to ninety-five percent of our customers. In the standard deployment approach, a separate server is configured with three ports, situated between the firewall and the switch. Configurations are not directly applied to the firewall; instead, they are made on the server. After completing the configurations on the server, the changes, such as creating new firewall rules, are not immediately connected to the firewall. Instead, they go through the server, where calculations are performed, and the configured rules are loaded. If a misconfiguration is detected, the server notifies us, highlighting any inaccuracies in the rules or policies. This preventive measure helps avoid applying flawed configurations directly to the firewall. Regarding the ISMP modules, I believe a single individual is sufficient. Given some time for research, this person should be able to deploy it efficiently for me. The deployment time varies depending on the configurations. Maintenance primarily involves updating the firmware; aside from that, there are no additional requirements.

We have always used Check Point Professional Services to assist with our implementation.  They are very knowledgeable and can save you a lot of time and frustration.

We handled the implementation in-house.

We handled it on our own. 

Our in-house team deployed it with support from the OEM.

We used a vendor team along with our in-house team.

We used Check Point for implementation, and they are top-notch. They know the hardware and software better than anyone.

We did the implementation with vendor support.

Yes, and we had a good experience.

We have a very good in-house engineering team that does the setup and configuration. We did not require any third-party assistance because we have had full training on it.

Our deployment included seven or eight people who were working in different shifts. Similarly, we have three to four network security engineers working in shifts who maintain it. This includes things like dealing with tickets for updating policies.

We didn't require any external help for the deployment. Our R&D and tech were capable of doing it. Our deployment team consisted of six to eight people, working in different shifts, to configure it.

I did most of my deployments by myself, but in our headquarters, where there was an older version of a Check Point version, and they wanted to migrate to a new one, I used a partner. The partner I used was SafeWay, a company in Israel. They have quite extensive knowledge and they are very professional.

The initial implementation was with the help of a vendor with good knowledge of the product.

We handled the initial setup in-house

We implemented the solution in-house.

I don't believe we've ever had to actually call Check Point to assist with anything. It's pretty straightforward. The wizard does most of the work and we have all the instructions we need. It's pretty much all done in-house.

We implemented the solution through a vendor. They offered excellent support.

The provider we have used has highly qualified staff and offers excellent and professional services.

We handled everything through Check Point PS. They were very good.

We used a Check Point partner for the installation. I was involved in the deployment, meaning that while they were deploying I was there. They even took us through some training.

We handled the implementation in-house.

Implementation was done with the help of Check Point's professional services.

We have used several vendors and some are better than others. 

It was implemented through a provider that has been guiding us towards the correct use of the equipment and the best practices to keep it updated. The service has been excellent, both in common day-to-day ticketing situations, including the most serious incidents.

We initially opened a case regarding the upgrade. Check Point's technical support was there on the call because the upgrade was going from version R77 to R81.10. This was a major update for the entire network, and they were there supporting us in case of any issues.

Check Point authorised partner had been involved in the migration to avoid any operation issue 

The initial setup was completed by a partner, who was a certified system integrator.

Our in-house team handles maintenance.

Deployment duration varies based on the customer's specific conditions. On average, an installation might take around twenty minutes.

We implemented it through a vendor called S G Informatics India Pvt Ltd.

The level of expertise I would rate at 10 out of 10.

I handled the implementation myself. I did not need the assistance of an integrator or consultant. 

We had two different ways of getting help. We have local representatives who are in the same metropolitan area and they were very responsive. Then when we would have to contact standard support. We were satisfied about 80% of the time. Sometimes follow-up was not there. Sometimes there would be delays and occasionally there would be rehashing of information that didn't seem like it was efficient. Eventually, we would get the answers we would need.

That's why we rely heavily on the local people because they could sometimes light a fire and get things moving a little bit quicker.

In-house team - we have a Check Point Certified engineer.

We had a partner. A representative of Check Point came and did the implementation.

You need to work with a vendor that is overall quite knowledgeable. 

From scratch to finish, deployment took about a month. It took this long because we had to convert all of our existing configurations from Cisco Firewall to Check Point. We had to get help from our vendor to do this. He had to manually convert each and every command from our existing Cisco device to Check Point — that took a while. This was the main reason that deployment took so much time.

The end-user VPN didn't take much time to deploy. Neither did the site-connecting with the VPN — that took a day or two to deploy.

I handled the implementation myself.

The product was implemented through a third-party vendor.

It was through a vendor, and they were very good and did it on time as they promised.

I was not present when the first firewall was set up, although I was presented for the deployment of new ones. Whenever there is a new firewall deployment, I am involved. We have between four and five network engineers who take care of this part.

There is no maintenance required from our side. When we have a hardware issue then we contact technical support to get it sorted out.

When we tried Threat Emulation, we have received professional services from Check Point. However, for the normal setup, we don't involve any professional services.

We do it ourselves most of the time. We only take help when it comes to scalable platforms, like big chassis firewalls, which are little complicated. Then, we get outside help.

I manage the operations team and have also been involved as a consultant.

We have some best practices in place that we follow.

There are four security engineers who deploy and maintain this solution.

The implementation was through a vendor, and the installation went really well. The consultant was Check Point certified and explained everything in detail.

Later on, we added new remote sites to the configuration (in-house) without any problem. We didn't need to check with the vendor.

I implemented it with the help of a vendor.

Our in-house team was in charge of the deployment. We have a team of seven people that work in shifts, and we did all of the work, with some support from Check Point.

Six or seven people in different shifts are required for maintenance. At any given time, we generally work with two or three people during the same shift. I think that two people working at the same time are sufficient.

We handled the setup in-house.

We had assistance from the vendor's professional services team to ensure smooth deployment. It was a green field project so the deployment was easy. The team deployed on implementation had expertise with the solution.

We deployed it with the help of a partner, called Spider Solutions, here in Israel. Our experience with them was good. The technician that came here to install the firewalls was professional and thorough. Everything went according to plan, with no issues.

The whole initial setup was done by the partner and our role was more oversight to see that everything was okay and to give the information that was needed to proceed.

The implementation was done through a vendor.

We had an integrator that assisted us with the implementation. 

The vendor implemented this product for us.

We are working with Check Point Firewalls to provide installation, migration, updates, setup, etc. 

In the beginning, we needed help from the vendor with the setup. The support was good.

We implement the firewalls ourselves.

I implemented this solution by myself.

We didn't require Check Point's help during deployment. After deployment, we did require their help for critical cases.

Our In-house team handled the implementation. 

We did the deployment ourselves. We have onsite specialists who have done many deployments.

20 people take care of the deployment and troubleshooting of this firewall.

All implementation is handled by our team.

We do it ourselves.

We had help from a Check Point integrator. It was a good experience. They were very helpful.

We had a partner set up the solution for us.

I deployed it myself with the help of one or two of my colleagues.

We are only vendors.

We hired a company to do the implementation. I don't remember the dynamics of the team. The last time it was set up, there were two people on the implementation team. 

We did and their expertise was high. We did not face many problems.

For the first setup, I used a consultant. For the second one, I didn't. We didn't need one.

We had Checkpoint support engineers for the implementation. The people are helpful. They support their product. The problem is that there were too many problems. Even their support can't fix it. They try their best to help but when the product isn't great, there's not much you can do.

We needed help from the Check Point expert experts because we deployed it in the HA. It's a bit different from the other firewall vendors. You need a Check Point expert to deploy it initially.

We have a five-person technical team for the maintenance of the solution. We use managers, admins, engineers, and developers.

I implemented using a vendor team, whose performance was good.

Our in-house team does the installation for our clients. We also handle support, depending on what level of support the client has. Sometimes, they go directly to the OEM.

We do the deployment ourselves, but if we face any kind of issue, we just raise an issue with their TAC.

In-house

I implemented and deployed Check Point NGFW alone.

When it comes to the deployment and maintenance, there are two people involved, one for the deployment and the other for monitoring, consisting of an engineer and a technician. 

We consulted with one partner of Check Point, who is our provider. If the issue is really big, then we open a case with Check Point directly via the partner. My experience with them was really nice. It was the best experience that I had ever had.

They have amazing engineers. Their expertise is unbelievable. They do integrations really well. They could improve on routing and networking, but the product is what is important for me. 

We have a contract with the vendor to implement and deploy this solution for customers. There are three engineers on the staff who are responsible for maintenance and support, including dealing with tickets.

In total, working with this solution, we have four engineers and two junior administrators.

We have one staff member that does the implementation of the solution.