Some features that could be improved are advanced threat protection, sandboxing, and vulnerability management.

Another point is to improve the technical support provided by Check Point UTM-1. Although the company offers different standards, including basic and premium, by mail and by telephone, they present a very large deficiency in the time it takes to comply with the provisions of the SLA. Coordinating a meeting is complicated by the schedules. 

The documentation should also be improved by having it unified.

They have been working on unified threat management with the aim of consolidating a wide range of security functions. What has been the issue of firewalls is they ask me for policies and content filtering application control and all these features that are now part of Harmony. They have already been migrated, that is, this feature that was typical of the Check Point solution was passed to more modern ones, so we are not going to ask for many updates since it already exists, and that is something that is used with the cloud. 

The speed of the management interface needs improvement. It is known by many professionals that hardware resource usage increases almost exponentially when using more than just one security blade. Security rule-creation logic, which so far works sequentially, must be made parallel just like the competitors do. Otherwise, many administrators fail to understand it and do not use it the way it should.

The licensing could be improved. It restricted us to maybe 55 connections per license, so anything less than 55 VPN connections. But when you grow and have 100 clients coming in, you have to upgrade. I'd prefer to get something which is a one case scenario.

I think in the future they should also overhaul how all the functionalities work. I tried to gauge what I expected it to do after the setup, but as much as I tried to use it, I still had issues, still had problems with it. And OEM wasn't very supportive. Maybe it works for some setups, but not for what I set it up for.

They should provide better customization options for network threat management.

The solution could be improved by creating or including in the product enforcement of some kind to deal with cybersecurity and all the new kinds of attacks we are dealing with right now.  

One thing that we are facing also is the PKI, the public key infrastructure. We don't know how to use this solution to get the visitor certification from the PKI. We did some searching on the internet looking for cases on how we can have this solution integrated with the PKI and we didn't find anything about this. 

I would like it if the vendors could pay special attention to integration. It must be easy to do with other kinds of solutions. For example, now to authenticate Cisco routers to the Check Point. So this is one thing that the vendors must think about, how can you make this solution easier to integrate with the others, to be able to collaborate. 

The solution should be more user-friendly. I know we can do a lot of the configuration using GUI or CLI. But they have to work more on their GUI. If they work more in the GUI I think many people will come to the solution.

• VPN - It's not that good, so I moved to Juniper.
• IPS - It has room for improvement, as sometimes hackers are able to get through.

The value can be improved. If we have a small company with less than twenty-five employees and only one central site, the opening range of Check Point is expensive.

The implementation of the rules could also be improved, as some other vendors have a cleaner and nicer interpretation of the rules and rules sets. Check Point, by inheritance of all of those different versions, makes it so it's not that straightforward. Once you get the mindset, it's clear. However, until you get the mindset, specifically on clients that are expecting to work with them, it is not that clear. In our case, we are focused mostly on Layer three, and not the universal ones that some other vendors implement.

The solution could be improved if there was a better way to report. The reporting functionality is not really good. Even though it's not the major function. Maybe adding a way to make a custom report.

I would like to see improvements in the report area. Some features should be integrated and not licensed separately.

Some improvement is required to addition feature to set data and concurrent session limit of each user. Currently, there is no option .

Check Point should include a DNS server as a feature as additional advantage.

The CLI is good.

The entire GUI, look and feel of the application.

• Reporting
• Client integration

The physical memory is insufficient for installing policies and some other operations. It would be better to put 4GB RAM into the appliance.

• IPS
• DLP
• QoS

Memory and processing power: These devices are strictly for small business applications.

• I am not able to see a demo.
• The interface needs improvement.