Most Helpful Review
Find out what your peers are saying about BigFix vs. Check Point Endpoint Security and other solutions. Updated: January 2020.
397,082 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
One of the biggest benefits BigFix has had for our organization is the ease and efficiency to perform many different tasks, across pillars and platforms, all from one pane of glass.
The older version of the tools that I use also included the connectivity aspect, and the fact that the tool now has it separate from the collection of usage data makes the deployment of these tools much easier.
The most valuable feature is patch management, a must have, even for Linux and iOS.
It's enabled us to have a highly successful endpoint patching program for the past decade. It's been enormously successful there. It's also become a core part of many of our business processes, from compliance monitoring of endpoints, encryption management, key escrow, and local administrator password escrow. It's built into our inventory. It's very much everywhere.
Servers are patched more consistently than they have been previously.
Being able to intelligently create reports, gather data, export CSVs and give that to the leadership of some of the client groups that my team supports has helped my organization.
We are able to use BigFix through API connections to automate and reduce resources and time. The product's been great for us. It's increased the security posture ten-fold and it's increased our visibility across our endpoints enormously.
BigFix has drastically reduced the maintenance window period to patch and reboot servers.
We were under an attack in our environment, and the Check Point response was good because we didn't lose anything.
The biggest value we found was ease of deployment. I haven't really used it much, so I can't really comment beyond that. I haven't used it much, but it's working.
The most valuable feature of this solution is the VPN.
The most valuable feature is the integration with CheckPoint's firewalls. You can have one port, and follow the logs from both Endpoint and firewall security.
We had a ransomware attack and the SandBlast agent automatically picked up the ransomware.
Before we used this solution, our mail was blacklisted. Now we are white listed by all organizations, including Google. Also the security of our institution has really improved.
The SandBlast agent is the most valuable feature for Check Point Endpoint Security. We've found that the Check Point SandBlast agent is mature.
The end-user facilities for managing the tool are good.
I would like to see SDK for Web UI included in the next release.
I self-taught for this online, so the initial setup was a little difficult to pick up at first. I had to create a couple of testing environments and destroy them in order to learn how to use it. There was a lot of trial and error, a lot of reading of the manuals.
I would like to see the Self Service section made more user-friendly.
Around the scalability concern, I would like to see the ability to run teamed, clustered, or hierarchical root servers, in order to provide a more robust, high availability system. The single monolithic root server model does somewhat bother me.
I would like to see the integration of user security between the different products to be improved. There's separate security for compliance, separate security for web reports, and the console, and you have to manage those things separately.
The stability is generally pretty good. The one thing that we came across is the battle between load on endpoints and load on our servers and relays versus how quickly, effectively and reliably actions can be taken. I'd like to not have to take an action on a system while I'm working with someone and then have to say whether something will happen between five seconds or thirty minutes from that point.
I would like to see API connectivity, built-in API connectors to the standard toolsets, whether it's for your ServiceNow or your Qualys. More API connectivity to make it easier to integrate to other tools.
I would like to see a web UI SDK so we could take what is provided currently and be able to build our own customized web UI for particular customers that want to sell service.
We would like to have the ability to stop and restart the service remotely, which is something that we can do easily with Symantec but have a hard time with when using Check Point.
I'd also love to see them add full MDM support, but I appreciate that that's not the product market. If it did come in, I'd be more than happy to look at additional modules. It was probably one of the easiest products I've ever had to deploy it, but if it's not capable of doing MD, then that's going to impact its usefulness to us.
I would like to see support for a policy in the appliance that will refuse to create a connection if it does not detect an active virus scanner.
The solution could improve VPN functionality and the VPN user-interface.
One area of this product that has room for improvement is the disc encryption.
They should provide bandwidth regulation, so we can monitor and regulate bandwidth.
The remote deployment with Check Point Endpoint Security requires improvement. We have to depend on some of their deployment tools. I would like a system endpoint protection management tool or a remote deployment tool.
Areas that have room for improvement are the scope of the product and, while I think the support is good, they can improve support as well.
Pricing and Cost Advice
Compliance, inventory, and licensing are really pricey. They should lower the price. It discourages users from getting onboard.
The product is less costly when compared to other solutions, and this is a good solid solution for what we have paid.
The licensing cost for Check Point is $3 USD or $4 USD per end-user.
I bought them for 12 months and I genuinely cannot remember what I paid for them. I think it's about 100 pounds per user per year, so about 10 pounds a month per person.
We pay roughly 80,000 Swedish krona per year. When it comes to the firewall, it's roughly 150,000 Swedish krona yearly. There's also maintenance, of course, which is roughly 10,000 krona per month.
We pay on an annual basis. There are no additional fees, they mostly tell us what we have to pay. We have budgeted for it.
In addition to the standard licensing fees, there is a cost for support.
out of 58 in Endpoint Protection (EPP) for Business
Average Words per Review
out of 58 in Endpoint Protection (EPP) for Business
Average Words per Review
Compared 42% of the time.
Compared 17% of the time.
Compared 5% of the time.
Compared 12% of the time.
Compared 10% of the time.
Compared 9% of the time.
Also Known As
|Tivoli Endpoint Manager||Endpoint Security|
IBM BigFix provides complete visibility and control into all endpoints through a single, unified platform. Enterprises can now bridge the bridge the gap between threat detection and response, drastically reducing remediation times and costs by consolidating best-in-class EDR, enterprise asset discovery, endpoint interrogation, rich threat intelligence, multi-platform patch management (90+ OS) and software distribution. Security and operations teams can see, understand and act on all endpoint threats while proactively reducing the attack surface. • SEE: Discover and audit every endpoint, on or off the corporate network—and rapidly detect evasive attacks using behavioral analytics that understand how attackers compromise your endpoints. • UNDERSTAND: Guided investigation enables security analysts to understand the full context and scope of an attack based on real-time endpoint information, not just historical data. • ACT: Respond with purpose. BigFix provides the capability to deliver targeted remediation—not only on patient zero but enterprise-wide—in minutes or hours.
Check Point SandBlast Agent is a complete endpoint security solution offering a fleet of advanced endpoint threat prevention capabilities so you can safely navigate today’s menacing threat landscape.It provides a comprehensive system to proactively prevent, detect, and remediate evasive malware attacks. SandBlast Agent is a core product of Check Point Infinity, creating a unified security architecture. Learn more about Endpoint Security.
Learn more about BigFix
Learn more about Check Point Endpoint Security
|US Foods, Penn State, St Vincent's Health US Foods, Sabadell Bank, SunTrust, Australia Sydney, Stemac, Capgemini, WNS Global Services, Jebsen & Jessen, CenterBeam, Strauss, Christian Hospital Centre, Brit Insurance, Career Education Corporation||Boston Properties, Independence Care System, Melbourne Convention and Exhibition Centre (MCEC), Courtagen Life Sciences, Carmel Partners|
Software R&D Company35%
Comms Service Provider10%
Software R&D Company33%
Comms Service Provider18%
See also BigFix Reviews, Check Point Endpoint Security Reviews, and our list of Best Endpoint Protection (EPP) for Business Companies.