We performed a comparison between Check Point Security Management and Netsurion based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The SSL VPN monitoring based on users and tunnel monitoring are great value-added features present in the management console."
"The solution is easy to use and comes with few vulnerabilities. You don't have to worry about release upgrades. Life cycle management is very easy."
"I love the URL filtering as well as the identification capabilities which link with the Active Directory and work for me even with bandwidth regulation. These allow me to select to whom to do what, and when."
"Check Point has been very effective in terms of threat management and comprehensive protection against vulnerabilities, and it has given us confidence that our data is not going anywhere."
"Regarding the tool's valuable features, I would say that Check Point is a very accessible and fast tool, especially when dealing with logs for the first time."
"As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution."
"The reporting system provides real-time insights into the security situation and shows measures that can be taken to protect our data."
"Check Point management is one of the most complete solutions for managing Check Point Firewall appliances."
"I like the UI, overall. I like the main page and there are aspects of the search page that I like. When you bring it up on the left-hand side of the page, as you look at the events, the ability to simply hit and click the plus/minus to pull events in and out of the overall view is well done and is very effective from a threat-hunting and an analysis perspective. I like the detail it shows."
"If we need to do a search for user lockouts, we can go, search, and find locations where they have been locked out, then keep track of those events, historically."
"The SIEMs and managed service are its most valuable features. We get a weekly report from them which provides a culmination of them combing through millions of events which are triggered across our network every day and minute. Their information security experts basically boil that down to a report which I get emailed once a week. It identifies potential threats and the remediation that I should take to be able to quell those threats."
"I really appreciate the fact that the dashboard breaks everything down into a pretty easy view for me... It shows what changes are happening to privileged user accounts, access and identity, what's cropping up. It shows application activity and whether we've got system resources that aren't online and being found anymore. It's a pretty simple, easy, quick hit and there are the supporting logs behind it. If I need to drill down further, I can do that quickly. It's very effective."
"Their SOC team manages vulnerability management and IOC reviews. They stop bad processes when they happen. The best thing is their weekly reviews of what has been going on in the infrastructure as well as the things that they see and what we should look out for."
"The network alert is the most valuable feature. That way, we in the IT department are aware of user lockout and invalid password attempts way before a user ever even calls in."
"Expediting incident response is really great."
"When it comes to threat detection and response, it does a very good job detecting and blocking on its own. And the SOC is a nice added value because they're doing analysis on things that aren't as obvious, on things that you can't just detect with a signature or behavior. Also, any SIEM will come with a lot of noise, so having them do a lot of the initial analysis to find out what's critical and what issues are false alarms is very good."
"I would like to bind users to their network, as well as their local office machine."
"The management API can be further developed so that all functions offered by the dashboard are also available via the API (for example, Network Topology)."
"The migration from R77 Manager to R80 is a major upgrade. It's not very easy to do. There should be some kind of Wizard for a direct upgrade from the R77 to the R80. There should be an easy way for the customers to do the upgrade."
"The graphical interface is nice but it is a bit heavy."
"Check Point could possibly lighten up the software code so that it is not as resource-intensive and will run more smoothly on a variety of hardware and cloud or virtual machine platforms."
"If the SmartView monitor can be integrated in the R80.40 and R81 versions, that would be ideal in understanding the trends and graphs of how traffic is observed hitting the different Check Point Firewall Gateways that the Security Management controls."
"It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform."
"SD-WAN functionality could be added."
"I would like to see the dashboard come up more quickly."
"The MITRE ATT&CK framework could be faster when identifying and understanding sophisticated threats. Whenever something happens, we usually get notified a couple hours later."
"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."
"There are some issues with searches taking a long period of time, but they assured me that they have implemented a new search function that's available in version 9, but which requires a solid-state hard drive... Depending on how many logs you have it could take a long time to return the results if you're looking back prior to the last 30 days."
"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."
"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."
"Netsurion's threat detection and response aren't quite mature. I would expect a little more."
"We get a report generated on a particular day of the week and we go through it, trying to mitigate problems and make sure we're seeing everything that's happening. It would be helpful if the SOC spent a little more time with us going through some of those reports."
More Check Point Security Management Pricing and Cost Advice →
Check Point Security Management is ranked 9th in Log Management with 55 reviews while Netsurion is ranked 4th in Managed Security Services with 24 reviews. Check Point Security Management is rated 8.8, while Netsurion is rated 8.4. The top reviewer of Check Point Security Management writes "Great DDoS protection, high availability, and useful firewall rule implementation". On the other hand, the top reviewer of Netsurion writes "The SOC center monitors, hunts, and notifies us of threats around the clock". Check Point Security Management is most compared with Wazuh, Fortinet FortiAnalyzer, IBM Security QRadar, LogRhythm SIEM and Splunk Cloud Platform, whereas Netsurion is most compared with Arctic Wolf Managed Detection and Response, CyberHat CYREBRO and Wazuh. See our Check Point Security Management vs. Netsurion report.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.