We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"I like the firewall features, Snort, and the Intrusion Prevention System (IPS)."
"It has a good security level. It is a next-generation firewall. It can protect from different types of attacks. We have enabled IPS and IDS."
"Another benefit has been user integration. We try to integrate our policies so that we can create policies based on active users. We can create policies based on who is accessing a resource instead of just IP addresses and ports."
"When it comes to the integration among Cisco tools, we find it easy. It's a very practical integration with other components as well."
"A good intrusion prevention system and filtering."
"The feature set is fine and is rarely a problem."
"Web filtering is a big improvement for us. The previous version we used, the AC520, did not have that feature included. It was not very easy for us, especially because the environment had to be isolated and we needed to get updates from outside, such as Windows patches. That feature has really helped us when we are going outside to pull those patches."
"Feature-wise, we mostly use IPS because it is a security requirement to protect against attacks from outside and inside. This is where IPS helps us out a bunch."
"The firewall feature and DDoS Protector, when turned on, keep away attacks from the outside. They also prevent users from accessing things on the Internet that they are not supposed to access."
"The Next Generation Firewalls, the 64000 and 44000 series, provide us with support for large data centers and telco environments. They're quite reliable and provide great performance."
"Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use."
"My favorite feature is the UTM piece and that was the main reason we bought it. It helps us to fine tune the network."
"The Threat Management feature makes it very easy to detect the vulnerabilities and other factors. We can make new policy according to it. Policy creation is very simple in Check Point. Because the logs are very good in Check Point Firewall, this reduces our work with the reports that we are getting from the Threat Management. It is very convenient for us to use the reports to make new policies for security and other things."
"In the four years I have worked on the five firewalls we have not had any downtime caused by stability issues."
"One of the most valuable features is performance improvement, wherewith ClusterXL and CoreXL, you can improve performance."
"Check Point is very administrator-friendly and the SmartDashboard is easy to use."
"The solution is easy to use."
"Technical support is excellent."
"The most valuable features are the firewall section, the VPN, and how you control live users."
"Having a firewall solution with a data quota is very important when the bandwidth is limited, which really distinguishes it from other products."
"The most valuable feature is the IPSec forwarding."
"There are plenty of features available, such as Full Guard and WAN."
"The product, itself, doesn't seem to have any bugs or glitches."
"The VPN is excellent on the solution."
"An area of improvement for this solution is the console visualization."
"It's mainly the UI and the management parts that need improvement. The most impactful feature when you're using it is the user interface and the user experience."
"Its interface is sometimes is a little bit slow, and it can be improved. When you need to put your appliance in failover mode, it is a little difficult to do it remotely because you need to turn off the appliance in Cisco mode. In terms of new features, it would be good to have AnyConnect VPN with Firepower. I am not sure if it is available at the moment."
"The initial setup could be simplified, as it can be complex for new users."
"We're getting support but there's a big delay until we get a response from their technical team. They're in the USA and we're in Africa, so that's the difficulty. When they're in the office, they respond."
"The initial setup was a bit complex. It wasn't a major challenge, but due to our requirements and network, it was not very straightforward but still easy enough."
"Web filtering needs improvement because sometimes the URL is miscategorized."
"The performance should be improved."
"Check Point's support, at all levels, needs a complete overhaul."
"Compliance and centralized management can be improved."
"Internet load balancing provides either active/passive or active/active load balancing, however, I would like to see more options that provide SD-WAN capabilities while also allowing for more than two links."
"It could be more stable and scalable. Check Point price and support could be better."
"Check Point needs to work on hardware problems also."
"In terms of new features, maybe it would help if we could start to manage all the stuff in the cloud and not in the on-prem servers. The management side could also be faster when you install policies. But other than that, I'm satisfied."
"The software licensing model is too complicated with all the various tiers of SKUs (i.e. per software blade). They need to simplify this for easier purchasing and renewing."
"Check Point solutions have always been more complex to deploy than their competitors."
"Sometimes, users are timed out intermittently."
"The product is at its end-of-life. There is nothing to improve as it will be discontinued."
"Cyberoam UTM needs to have more certifications with third-parties, such as NSS Labs."
"I would say there's room for improvement in terms of the GUI. Because it is better than some of the other standard firewalls. They have the drag and drop features."
"We have had some issues with technical support, which is an area that needs improvement."
"The VPN is an area that can be improved."
"The technical support response time could be faster."
"Technical support could be faster."
"Its pricing is good and competitive. There is a maintenance cost. It includes SecureX that makes it cost-effective as compared to the other solutions where you have to pay for XDR and SOAR capabilities."
"It definitely competes with the other vendors in the market."
"I am happy with the product in general, including the pricing."
"When we purchased the firewall, we had to take the security license for IPS, malware protection, and VPN. If we are using high availability, we have to take a license for that. We also have to pay for hardware support and technical support. Its licensing is on a yearly basis."
"Its price is in the middle range. Both Firepower and FortiGate are not cheap. Palo Alto and Check Point are the cheapest ones. I don't remember any costs in addition to the standard licensing fees."
"Pricing is the same as other competitors. It is comparable. The licensing has gotten better. It has been easier with Smart Licensing."
"I like the Smart Licensing, because it is more dynamic and easier to keep track of where you are at. If we have a high availability firewall pair and they are deployed in active/standby rather than active/active, I would expect that we would only pay for one set of licenses because you are using only one firewall at any one time. The other is there just for resiliency. The licensing, from a Firepower perspective, still requires you to have two licenses, even if the firewalls are in active/standby, which means that you pay for the two licenses, even though you might only be using one firewall any one time. This is probably not the best way to do it and doesn't represent the best value for money. This could be looked at to see if it could be done in a fairer way."
"The solution was chosen because of its price compared to other similar solutions."
"Check Point is a little more expensive than FortiGate."
"Check Point Firewall costs more compared to the other firewalls in the markets, as pricing is little high. However, it is easy to take the license and use it in the firewall."
"Licensing is pretty straightforward and is based on the blades available, such as NGFW, NGTP, and NGTX."
"The price is too high."
"They offered more features for a lower cost than competitors, and the licensing model was easy to understand."
"An annual technical support fee is paid to maintain the equipment with the most updated licenses and versions and thus avoid vulnerabilities"
"The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive."
"They sell it in one box. In that one box, they sell Antivirus and Threat Prevention. They have everything, so we are not required to purchase additional IPS hardware for it."
"I had an issue when I was trying to stop a user from using too much bandwidth while I was using Azure, I was not able to stop them."
"There is a license required for this solution and we are on a three-year contract. I am satisfied with the price."
"The licensing is on an annual basis and is very reasonably priced."
"I am not happy with the pricing, it could be better."
"It is not cheap."
"The solution comes with a yearly licensing fee."
"We pay for licensing the solution. It's my understanding that it is not overly expensive. It may be somewhere around $2,000 for a license."
"This is a cost-effective solution compared to other vendors, such as Cisco."
Cisco NGFW firewalls deliver advanced threat defense capabilities to meet diverse needs, from
small/branch offices to high performance data centers and service providers. Available in a wide
range of models, Cisco NGFW can be deployed as a physical or virtual appliance. Advanced threat
defense capabilities include Next-generation IPS (NGIPS), Security Intelligence (SI), Advanced
Malware Protection (AMP), URL filtering, Application Visibility and Control (AVC), and flexible VPN
features. Inspect encrypted traffic and enjoy automated risk ranking and impact flags to reduce event
volume so you can quickly prioritize threats. Cisco NGFW firewalls are also available with clustering
for increased performance, high availability configurations, and more.
Cisco Firepower NGFWv is the virtualized version of Cisco's Firepower NGFW firewall. Widely
deployed in leading private and public clouds, Cisco NGFWv automatically scales up/down to meet
the needs of dynamic cloud environments and high availability provides resilience. Also, Cisco NGFWv
can deliver micro-segmentation to protect east-west network traffic.
Cisco firewalls provide consistent security policies, enforcement, and protection across all your
environments. Unified management for Cisco ASA and FTD/NGFW physical and virtual firewalls is
delivered by Cisco Defense Orchestrator (CDO), with cloud logging also available. And with Cisco
SecureX included with every Cisco firewall, you gain a cloud-native platform experience that enables
greater simplicity, visibility, and efficiency.
Learn more about Cisco’s firewall solutions, including virtual appliances for public and private cloud.
Offered via the Check Point Infinity architecture, Check Point’s NGFW includes 23 Firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. Learn More about Next Generation Firewall and What is Firewall?
Check Point NGFW is ranked 2nd in Firewalls with 150 reviews while Sophos Cyberoam UTM is ranked 5th in Unified Threat Management (UTM) with 21 reviews. Check Point NGFW is rated 8.8, while Sophos Cyberoam UTM is rated 7.6. The top reviewer of Check Point NGFW writes "Central architecture means we can see an end-to-end picture of attacks". On the other hand, the top reviewer of Sophos Cyberoam UTM writes "Useful data quota features, but scalability is an issue and the signature database could be enhanced". Check Point NGFW is most compared with Fortinet FortiGate, Azure Firewall, Palo Alto Networks NG Firewalls, Meraki MX and Juniper SRX, whereas Sophos Cyberoam UTM is most compared with Fortinet FortiGate, Sophos XG, Cisco ASA Firewall, Sophos UTM and Palo Alto Networks WildFire. See our Check Point NGFW vs. Sophos Cyberoam UTM report.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.