We just raised a $30M Series A: Read our story

Check Point NGFW Pros and Cons

Check Point NGFW Pros

PS
Principal Network and Security Consultant at a comms service provider with 10,001+ employees
Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use.
View full review »
Senior Engineer Security at a computer software company with 201-500 employees
The feature I like the most is their central management, the Smart controller which you can use to manage all the firewalls from one location... Being able to access almost everything in one location — manage all your gateways and get all your logs — for me, is the best feature to work with.
View full review »
BF
Senior IT Manager at a mining and metals company with 501-1,000 employees
The packet inspections have been a strong point. Our identity collectors have also been helpful. In many ways, Check Point has been a step up from our SonicWalls that we had in-house before that. There's a lot of additional flexibility that we didn't have before.
View full review »
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
540,984 professionals have used our research since 2012.
AU
Network and Security Specialist at a tech services company with 51-200 employees
I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use.
View full review »
Network security engineer at Fidelity Bank
The most valuable feature for us is the VSX, the virtualization.
View full review »
Technical Support Engineer at AlgoSec
The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that.
View full review »
JM
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them.
View full review »
Network & Systems Administrator I at DMH
The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network.
View full review »
KK
Network Associate at a wireless company with 1,001-5,000 employees
We have between five and ten firewalls on-premises, and if we want to configure or push the same configuration to all of the firewalls, then the centralized management system is very helpful.
View full review »
IK
Security Expert at a aerospace/defense firm with 10,001+ employees
The management platform and the dashboard, the graphical user interface, is one of the best, if not the best, in the business. It's the most intuitive and it's really user-friendly in day-to-day operations.
View full review »

Check Point NGFW Cons

PS
Principal Network and Security Consultant at a comms service provider with 10,001+ employees
The area it needs improvement is the SandBlast Agent. It receives a file, or if it detects a Zero-day attack, it takes the file and analyzes it, either on-premise or in the Check Point Cloud, and then it reports back whether the file is secure or non-secure, or is unknown. That particular area definitely needs a bit more improvement, because there is a delay... where it needs improvement is where [SandBlast is] an appliance-based solution rather than a software or cloud-based solution.
View full review »
Senior Engineer Security at a computer software company with 201-500 employees
The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.
View full review »
BF
Senior IT Manager at a mining and metals company with 501-1,000 employees
The VPN setup could be simplified. We had to engage professional services for that. That's not a problem, but compared to other products we've used, it was a little more complex.
View full review »
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
540,984 professionals have used our research since 2012.
AU
Network and Security Specialist at a tech services company with 51-200 employees
The naming in the inline layers and ordered layers needs improvement. It makes things very complicated. I've seen quite a lot of people saying that. For audit policies, it is okay since it's very simple to see. However, this area is for very large organizations, which have too many policies, and they need to share all these policies. For small to medium-sized businesses, they don't need it. Even if somebody has 500 rules, if they try to use it, it can be very confusing.
View full review »
Network security engineer at Fidelity Bank
The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS.
View full review »
Technical Support Engineer at AlgoSec
For the user or anyone else who is using Check Point, they are more into the GUI stuff. Check Point has its SmartConsole. On the console, you have to log into the MDS or CMS. Then, from there, you have to go onto that particular firewall and put in the changes. If the management console could be integrated onto the GUI itself, that would be one thing that I would recommend.
View full review »
JM
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy.
View full review »
Network & Systems Administrator I at DMH
I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.
View full review »
KK
Network Associate at a wireless company with 1,001-5,000 employees
The level and availability of training should be improved.
View full review »
IK
Security Expert at a aerospace/defense firm with 10,001+ employees
One of my issues with Check Point is the stability. There have been too many bugs, over the years, when I compare them with other vendors. Their QA team should do better work before releasing their GA versions.
View full review »
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
540,984 professionals have used our research since 2012.