Maqsood M. - PeerSpot reviewer
Lead - IT Security Operations at MORO
User
Robust and intuitive with a good Smart Console user interface
Pros and Cons
  • "I was impressed by how easy it was to activate blades and implement them on a security gateway, with the process taking less than five minutes."
  • "The need to offer scheduled policy pushes in Smart Console."

What is our primary use case?

We use the product for safeguarding our office network on a routine basis. These firewalls protect against external threats, manage VPN access for remote users, and address various security scenarios. 

Our primary focus involves malware prevention, intrusion detection, and ensuring robust security measures to shield our office network from potential cyber threats originating from the internet. 

It serves as a traditional yet effective security system, providing comprehensive protection against hackers and potential risks associated with internet usage.

How has it helped my organization?

A lot of things need to be improved in Check Point NGFW. For example, their support team isn't very efficient and useful. The solution itself isn't easy to learn, making it hard for support to provide solutions. The design makes it so pockets (specific teams) have to work together when there's an issue, which creates a mess. 

Also, Check Point lacks competitive capabilities like SD-WAN and CGM app integration. And visibility needs improvement. For example, Fortinet shows all connected devices with IP addresses, Mac addresses, and sometimes usernames. More granular detail is crucial for security. 

Support efficiency, visibility, and adding competitive capabilities are key areas for improvement.

What is most valuable?

The product offers a robust and intuitive experience, catering to the essential needs of users. 

The Cleanup Rule's ability to discard unwanted traffic and the inclusion of default Autonomous Threat Prevention Profiles simplifies security measures, catering to various deployment scenarios. I was impressed by how easy it was to activate blades and implement them on a security gateway, with the process taking less than five minutes. 

Additionally, the Smart Console's clear and efficient user interface ensures that the changes to the policy are swiftly made, with the added benefit of maintaining proper audit logs.

What needs improvement?

Places for improvement include:

  • Having a Zone Alarm and the standalone endpoint VPN that become compatible products.
  • Having a Smart Console in-place upgrades with IP/fingerprint retention.
  • Offering a Mac version of Smart Console.
  • Integration of CPview and things like fw accel stat in the monitoring blade.
  • No more legacy SmartDashboard for some features.
  • Streamlining of the endpoint solution and deployment options and also offering the possibility to convert shared policy to unified policy when you run R80.X via some sort of wizard in a layer or so. This is a classical case for people who upgraded their R77 management.
  • Offering a fixed deployment schedule for accumulator hotfixes. This would help us foresee maintenance windows in organizations with rigid change management procedures.
  • Finding a way to restore the object search like in R77, where you could find any part of an object name and not a word in the object.
  • Scheduling policy pushes in Smart Console.
Buyer's Guide
Check Point NGFW
March 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.

For how long have I used the solution?

I've used the solution for ten years.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Abnet Tsegaye - PeerSpot reviewer
Security Engineer at DeliverICT
User
Top 5
Good functionality and access control policies while helping limit access to third parties
Pros and Cons
  • "Its management web interface is very easy and user-friendly."
  • "Finding support is a little bit hard."

What is our primary use case?

We are resellers, and our customers need a robust and well-performing NGFW. The Check Point NGFW tool was acquired since they needed collaborators to have secure access to the company's resources and applications. This tool provides us with the alerts and corrections that must be made when finding a security breach in their environment. 

Check Point NGFW also provides a great capacity of features and helps us apply them to the organization. It has web filtering limited to third parties and SSL encryption. The application's administration is very simple and centralized since it helps them a lot in reporting and generating alerts.

How has it helped my organization?

The organization needed a tool that would provide various security functionalities in the organization, and so far, Check Point NGFW has helped them a lot. 

It has helped the company by applying access control policies and limiting access to third parties and only those who must enter the organization to use resources and applications. 

The application behaved very well with the current resources in the company network; it helped us to prevent several security holes found with web filtering and internal DDoS attacks. 

Check Point NGFW can quickly identify where the attacks are coming from, provide detailed and complete information on the attacks, and provide zero-day attacks in real-time.

What is most valuable?

One of the valuable characteristics of Check Point NGFW is that it presents very centralized management. Due to this, their security throughout and outside of the organization has improved. 

Many collaborators work from their homes or different places and help them filter and limit access to packet inspection with flexibility and speed that was not previously possible. 

The records that it shows and generates (depending on its configuration) make everything very visible to be able to adjust and correct in time. When superiors ask for administrative information, it provides great value. 

Its management web interface is very easy and user-friendly.

What needs improvement?

The tool provides what is expected in its security functionality. However, some points must be improved, such as the latency in the GUI entry. It takes a while to register and allow access to the administrative panel.

Customer service should be improved, both in the administrative and technical fields. Support cases have been generated several times, and it takes time to resolve the case. Finding support is a little bit hard. This needs to be improved.

For how long have I used the solution?

I've used the solution for one and a half years.

Disclosure: My company has a business relationship with this vendor other than being a customer: My company is partnered with checkpoint as a reseller.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Check Point NGFW
March 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
Technical Specialist at Tech Hat Pvt Ltd
User
Great security management, packet filtering, and built-in high availability
Pros and Cons
  • "In a single bundle we have the all solutions we need - like application/URL filtering, and threat emulation/extraction."
  • "They could improve by lowering prices."

What is our primary use case?

We use the solution for full-scale integration and end-to-end management at the organization in a distributed deployment. The deployment/installation is quite easy.

Check Point NGFW is the best in terms of comprehensive protection against network threats and security against malware and phishing attacks. It smoothly restricts these via anti-phishing algorithms. 

Check Point NGFW source package covers all the bases - application control, NAT, DLP, routing, content awareness, VPN, desktop security, and much more. 

It is scalable, provides end-to-end resolution and customized productive services like providing a complete solution for perimeter protection that blocks the traffic based on an IP address or on applications and content. This makes Check Point NGFW a highly promising and more or less a complete solution.   

How has it helped my organization?

Check Point NGFW proved to be highly scalable, secure, and stable, among other alternatives to multiple firewalls present in the market. 

Before we used Check Point, we faced many issues such as latency, business interruptions, etc. In a single bundle we have the all solutions we need - like application/URL filtering, and threat emulation/extraction. In one single platform, we can manage everything with no need for a separate console to check/manage the features and behaviors. It has improved the performance and has minimal latency.

What is most valuable?

The most valuable aspects include:

Security Management. In a single console, we can manage the policies. It includes all the included bundles, features, and monitoring of logs.

Packet Filtering. This is used to examine every packet of data passing through your network. 

Built-in High Availability. A standard backup feature should be included if you cannot risk losing your firewall. 

Bandwidth control and monitoring. It's important to control the use of the bandwidth you have available.

Policy verification/validation. Check Point provides a convenient abstraction for bundling the validation of data against an expectation suite. 

What needs improvement?

They could improve by lowering prices. The source package is a bit more expensive than its competitors. We've had some downtime issues

Improvements in the time and attention given to solutions for generated cases.  Licensing that is more comfortable and affordable.

Check Point NGFW Firewall requires frequent updates to build more user-friendly dashboards.

A few services of Check Point NGFW require immediate improvements, like the customer support portal and the ads management on the platform.

Sometimes the KB article does not include all the steps. There is a chance for improvement in the content of global KB articles.

For how long have I used the solution?

I've used the solution for eight or more years. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
DouglasSantos - PeerSpot reviewer
Junior Cyber Security Analyst | CCSE | CCSA | CC at Security4IT
Real User
Top 10
Good support, threat extraction, and analysis
Pros and Cons
  • "I haven't had any data leaks or vulnerability situations."
  • "It could be easier to manage the licenses on blades and contracts."

What is our primary use case?

I usually apply Check Point to protect my customer's environment as a main solution boundary gateway, DMZ gateway, LAN gateway, or VPN site-to-site with other Check Point appliances and other vendors. I do a Harmony Endpoint full integration. I use other tools such as threat prevention blades (like IPS and IDS), anti-virus, anti-bot, anti-malware, and the Sandblast solution.

How has it helped my organization?

I haven't had any data leaks or vulnerability situations. The NGFW has been working as it should! It's performing well and offers great security for me and my customers by protecting the environment. Administrators can easily follow and monitor security events, or the health status of the environment or appliance using Smarteview, SmartEvent, and the monitoring blade. We can look at CPU usage, disk space, and traffic and can see user history in real-time. 

What is most valuable?

The threat extraction is the most valuable aspect. It protects the final user and prevents them from falling into the trap of infected files. When a file needs to be downloaded by a machine user, this solution analyzes the file at the same time to send to the user a clean version of this file. If not infected, the real version is available. The threat emulation can scan the computer applications searching for malicious activities and block them according to policy.

What needs improvement?

It could be easier to manage the licenses on blades and contracts. If you have a large environment it will take too much time for your team to verify if all the licenses and contracts are correct and work well. Although it is possible to manage licenses using SmartUpate and SmartConsole, if there are issues, you can only fix them using an expert shell. Simplifying the process would help simplify the daily tasks of administrators.  

For how long have I used the solution?

I've been using the solution for two years.

How are customer service and support?

Technical support works well.

How would you rate customer service and support?

Positive

What's my experience with pricing, setup cost, and licensing?

NGFW is not a cheap solution, however, it does guarantee security. If the goal is to protect assets, using NGFW by Check Point helps immensely.

Which other solutions did I evaluate?

I use this in my company environment. I did not evaluate other options. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: I am security analyst and support my company environment and customer environment. I work with this solution daily.
Flag as inappropriate
PeerSpot user
Diana Alvarado - PeerSpot reviewer
Security Admin at a tech services company with 51-200 employees
Real User
Top 5Leaderboard
Easy to implement - NGFW CheckPoint
Pros and Cons
  • "There is modern protection against current threats."
  • "The documentation could be better."

What is our primary use case?

This is a very good application to be able to provide security to our infrastructure in Microsoft Azure. The provisioning through the Azure templates was very good. It is exactly the same security application of Check Point gateways as the one on-premises.

Now we can use the tool to provide granular security between subnets or generate VPNs against other offices, all with the great security that the manufacturer provides us.

The application control provided by the gateways is also very good for our objectives, which were to block some general access applications or categories that are prohibited by the business.

How has it helped my organization?

This security tool helps us a lot in the public cloud environment. We can provide perimeter security in the environment now.

We have been able to implement server policies, DMZ subnets, and updates, among others, that are not available for all VNETs, subnets, or servers, and with this, we have greater control.

Additionally, we have created new VPNs against some offices, which are monitored, encrypted traffic, and find it really easy to provide the required service.

Finally, we have created nets for public access to the infrastructure. It has really helped us a lot.

What is most valuable?

The most important features of this application are:

1- An easy implementation at the virtual level. This helps us to be able to have security in the cloud.

2- The monitor and records are shown from the security management environment, where we can validate many events that happen over time to improve security through the dashboard.

3- There is modern protection against current threats. All new Check Point protection features are included and ready to provide more protection.

4- The licensing includes management service.

What needs improvement?

The documentation could be better. Sometimes they do not update their manuals effectively. Not everything is the same, and it generates some problems in the implementations.

There's an issue with licensing provisioning within the Check Point NGFW Gateway. It is really difficult to place the licenses correctly, generating additional work or limiting the solution due to poor provisioning.

I would like them to improve the response speed of technical support.

For how long have I used the solution?

We have used the Check Point Next Generation Firewalls for the last four years.

Which solution did I use previously and why did I switch?

Four years ago, we had not used an NGFW in Azure. We used the basic security until we could meet and receive support from a Check Point partner.

What's my experience with pricing, setup cost, and licensing?

The best option is to have a partner to support you with quotes, features, and other valuable details. They can guide you via details that Check Point currently does not provide publicly, to make good decisions.

Which other solutions did I evaluate?

We always evaluate the options. We take into account Check Point, Palo Alto, Cisco, and Fortinet.

The benefits provided by Check Point turned out better than what we requested, which is why this was our first choice.

What other advice do I have?

This is a very good security application, both physically and as a virtual appliance.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Support at a security firm with 51-200 employees
User
Top 5Leaderboard
Nice portal, good security, and great dashboards
Pros and Cons
  • "The solution is easy to administer thanks to its dashboards. The monitoring is really useful."
  • "Currently, some prices are very expensive."

What is our primary use case?

We require local perimeter security in one of our workshops, which is why we require a new-generation firewall solution. The local equipment works for us to be able to provide perimeter security in our workshop.

Thanks to these Check Point Gateway devices and with the integration of many additional security solutions, we have protection against zero-day threats. In addition, we have the possibility of carrying out all the management from the Infinity security portal and can administer all our policies, view logs, and monitor devices, among other tasks.

How has it helped my organization?

Thanks to Check Point, we managed to carry out a better security implementation. By placing one in a workshop, we managed to solve issues with attacks and malware.

The solution is easy to administer thanks to its dashboards. The monitoring is really useful.

What is most valuable?

The most valuable aspects include:

  • Mobile security. Check Point NGFW includes mobile security features that enable you to secure mobile devices and protect against threats such as mobile malware and phishing attacks.
  • Scalability: Check Point NGFW is highly scalable and can support large networks with high traffic volumes. 
  • What needs improvement?

    The best improvements to be considered are:

    • Improvements in the time and attention given to solutions for generated cases.
    • Licensing that is more comfortable and affordable. Currently, some prices are very expensive.
    • In terms of language in the application, they could better facilitate the handling of others.

    For how long have I used the solution?

    This is an excellent product of the new generation, administered in the Infinity Portal. We have used the product for at least two years.

    Which solution did I use previously and why did I switch?

    Previously, we had not carried out verifications of other devices.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Cloud Support at a tech company with 1-10 employees
    User
    Top 5Leaderboard
    Modern threats, and is constantly updated, easy implement
    Pros and Cons
    • "There are several ways to implement it."
    • "The tool is somewhat more expensive than its competitors."

    What is our primary use case?

    Check Point NGFW is a solid, up-to-date solution that helps protect the network infrastructure, resolving unauthorized access, attacks, and access to the infrastructure by cyber attackers.

    We've been pleased to use Check Point's security tool.

    To shield our perimeter, we decided to acquire a security manufacturer that would provide its gateway security applications both on-premise and in Microsoft Azure, for which Check Point, with its GW tool, fulfilled what was required to improve perimeter security.

    How has it helped my organization?

    Check Point NGFW gives us granular security with its intuitive policies, application control, monitoring, logs, and a wide range of blades that can be purchased and included in this tool, providing a more integrated and centralized security to improve infrastructure protection.

    With this, we can use S2S VPNs to communicate with other sites. We can monitor and protect with Check Point.

    There are several ways to implement it. In our case, we use an HA solution, a Check Point cluster that safely provides us with work continuity.

    What is most valuable?

    The characteristic that has caught our attention the most is its easy implementation in Microsoft Azure. Under a template, the tool can be provisioned with the best practices. Its licensing can be BYOL or PAYG through Microsoft Azure where it can be licensed on a monthly basis.

    The different implementation options create wide variability for users.

    This security tool is also up-to-date against the most modern threats, constantly being updated globally to provide intelligence accumulated by other devices worldwide to combat computer insecurity.

    What needs improvement?

    The tool is somewhat more expensive than its competitors. It could equalize the costs a little to be able to be more competitive.

    On the other hand, Check Point documentation does not always help easy implementation for new users or amateurs in the security field.

    Finally, the support must be improved. They need to improve times and schedules and solve both in local applications and in the cloud. Sometimes a solution is extended in the newest tools. Sometimes it is better to investigate one on your own than to wait for a Check Point solution.

    For how long have I used the solution?

    We have used this Check Point NGFW for about three consecutive years. We have improved the technical capacity of the staff to use it. It's an excellent tool.

    Which solution did I use previously and why did I switch?

    We used Cisco and Fortinet as tests. Check Point seems more robust.

    What's my experience with pricing, setup cost, and licensing?

    A Check Point vendor is necessary to be able to address licensing properly.

    I'd recommend carefully validating the documentation and carrying out test environments before implementing NGFW solutions in production to see the pros and cons that are generated in your infrastructure.

    Which other solutions did I evaluate?

    We evaluated various options, including security upgrades, performance, and Gartner ratings, to make the decision.

    What other advice do I have?

    It is an expensive tool. It's very good and effective. If you have the option or facility to acquire it, I recommend you try it first and you will love it.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Edwin Solano Salmeron - PeerSpot reviewer
    Soporte técnico superior at Acobo
    Real User
    Top 5Leaderboard
    Secure, helps comply with regulations, and offers good flexibility
    Pros and Cons
    • "Check Point has given us the ability to comply with regulations and with capacities in a way that we never could before."
    • "In the future, some of the features that I would like to see would be the ability to integrate environmental solutions such as the metaverse or blockchain so that we can see them also in applications directly and on mobile devices or natively."

    What is our primary use case?

    Currently, we have a need for security when it comes to protecting the company's infrastructure on a perimeter basis. We need to cover many branches that must be protected and require a solution that provides us with technological security solutions that allow us to establish and configure in a simple and centralized way for each of the branches.

    As a result, we have searched for solutions that meet these requirements, in addition, we are seeking out solutions with technological innovation capabilities constantly.

    How has it helped my organization?

    Check Point has given us the ability to comply with regulations and with capacities in a way that we never could before. Not only have we managed to secure our network, our infrastructure, and our equipment - we have also managed to gain analysis and additional configurations in each of the complex procedures that are carried out daily.

    What is most valuable?

    The Next Generation firewalls are quite flexible in many of their characteristics. These devices have blades or sections or small spaces where they have additional features that we can use. That way, we are not only protecting our organization and other branches that belong to our company - we also have other features if the need arises. These are the features that will always help us to put safety first in our organization.

    What needs improvement?

    In the future, some of the features that I would like to see would be the ability to integrate environmental solutions such as the metaverse or blockchain so that we can see them also in applications directly and on mobile devices or natively. 

    For how long have I used the solution?

    I've used the solution for three years.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Other
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
    Updated: March 2024
    Product Categories
    Firewalls
    Buyer's Guide
    Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.