We performed a comparison between Check Point CloudGuard Network Security and Check Point UTM-1 [EOL] based on real PeerSpot user reviews.
Find out what your peers are saying about Netgate, Fortinet, OPNsense and others in Firewalls."We were looking for the VPN feature and controlling the inflow and outflow of all the traffic within the site and across the sites. We are also using it for the VPN and VLANs."
"I have found Fortinet FortiGate to be scalable."
"We are using the FortiGate 100D series. VPN, firewall, anti-malware, OTM, and intrusion prevention are useful features."
"Overall, the pricing of the solution is very good. The product offers good value."
"Its user interface is good, and it is always working fine."
"Consolidated our network environment at all locations, but mainly at our datacenter."
"We are very happy with the general bandwidth agility we have seen from one website to another website."
"What's most important is the ease of use."
"I like how straightforward it is and simple it is to implement in the cloud."
"We have found the overall functionality of the product to be exactly similar to the physical product. The one good advantage is that it is cloud-based and can be deployed either as a part of a scale set or one can shut down the virtual machine and adjust the physical parameters of the virtual machine easily and bring it right back up."
"As per the solution's blade design, there are many options. For example, you have to buy a UTM blade and an advanced malware blade, etc. If the blade license is there, we can configure from the firewall GUI."
"I like the tool's ability to manage cloud traffic locally without routing it through our data centers."
"Its integration and use of features, such as advanced threat prevention, have helped us a lot with malware prevention and also with avoiding exposure to false positives."
"It's possible to sync the Check Point Management with the cloud portal, therefore allowing automated rules to be set in place whenever creating a new VM."
"The easy management of the policies is great for us because we are a small team and having easy management is great and useful for us."
"Security effectiveness is the most valuable feature. Operational efficiency, reporting, and support are also good."
"The filtering was very good."
"The solution is very robust."
"The most valuable feature for us was to implement negligent functionality, to direct functionality to viewer control and application control so we could disconnect, and at the same time, we installed checkpoints. We disconnected our proxy."
"The databases and its signatures are its most important features."
"It safeguards against cyber attacks."
"The most outstanding feature is being able to centralize each of the functions in a single device."
"It provides visibility and drives organizational security."
"The UTM platform has been the most valuable."
"The updates Fortinet provides are sometimes unstable."
"With FortiGate, the main complaint that I have heard is about the technical support."
"Its customer service could be better."
"The firewall engine is not so strong as of now, in my opinion... My second concern is that, while they have Zero-day vulnerability and anti-malware features, the threat engine needs to be strengthened, its efficiency can be increased."
"The support system could be improved."
"The cloud features can be improved."
"There are some license issues. Not every feature must have a separate license. There must be some of kind synergy between the license so we don't have to pay for every individual license that we would like to have."
"Their software support needs improvement. I would prefer to have better support for bug fixes. Sometimes, we open a ticket, and it is very difficult to get a solution. Specifically, we are not at all happy with their support for load balancing."
"We did not use the AWS Transit Gateway, and that's one of the things that we're currently using. I believe we will be working with Check Point again, in the near future, to implement it, once they start having proper support for a single customer with multiple accounts. When we were using them, we had to install Check Point on each and every single account."
"While today we can manage some scopes, there are still some segments in the OSI layer we cannot manage."
"I would like to see a step-by-step initial installation of the firewall. That would be really helpful. Like in Oracle appliances, when you start it asks you, what's your current IP address? An initial setup should be a step by step and intuitive process. You click on "begin," it asks you some simple questions. You fill in the blanks - your current IP address, what you want to do, you want to set up a site to site VPN, for example, that kind of thing. That would be the smartest thing to have."
"CloudGuard Network Security needs to include new features. One specific feature I would like to see is the ability to protect external resources using single sign-on integration with various identity providers, including custom identity providers. Its pricing could also be cheaper."
"What I would like for future updates would be faster updates to apply, and perhaps a greater presence in the local language for the regions of Latin America."
"People don't know about the tool's features. There's a lack of skill. Users require more knowledge on how to integrate it into the cloud environment and orchestrate routing. So, it's not necessarily a CloudGuard Network Security or Check Point issue but more about integration, knowledge, and understanding."
"We miss full blade support for all blades that are compatible with the cluster. Especially notable is the lack of support for Identity Awareness in active standby environments for customers. In our setup, transitioning to Connective clusters would be preferable for maintaining connections during failover situations."
"The user experience might suffer if we don't have the time to follow up with our clients and ensure they are using the right options. Clients also want more local support in Portuguese and Spanish during their normal business hours. That's something I hear from my customers and my team, too."
"Some features that could be improved are advanced threat protection, sandboxing, and vulnerability management."
"I am not able to see a demo."
"The solution should be more user-friendly."
"Technical support was very bad because the supplier who sold it to us, wasn't very supportive, and he wouldn't giving us direct links to the OEM."
"The interface needs improvement."
"While the technical support is good, the Indian level technical support could use an upgrade."
"The solution could be improved if there was a better way to report. The reporting functionality is not really good. Even though it's not the major function. Maybe adding a way to make a custom report."
"What has been the issue of firewalls is they ask me for policies and content filtering application control and all these features that are now part of Harmony."
More Check Point CloudGuard Network Security Pricing and Cost Advice →
Earn 20 points
Check Point CloudGuard Network Security is ranked 12th in Firewalls with 112 reviews while Check Point UTM-1 [EOL] doesn't meet the minimum requirements to be ranked in Firewalls with 19 reviews. Check Point CloudGuard Network Security is rated 8.6, while Check Point UTM-1 [EOL] is rated 8.2. The top reviewer of Check Point CloudGuard Network Security writes "The solution has good threat emulation, threat extraction, and reporting features". On the other hand, the top reviewer of Check Point UTM-1 [EOL] writes "Great firewalls, VPN, and Intrusion prevention capabilities". Check Point CloudGuard Network Security is most compared with Azure Firewall, VMware NSX, Cisco Secure Firewall, Palo Alto Networks VM-Series and Akamai Guardicore Segmentation, whereas Check Point UTM-1 [EOL] is most compared with .
See our list of best Firewalls vendors.
We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Hi,
I've been working with gateprotect UTM recently. It's cost effective and much easy to work with compared to Fortinet and Checkpoint UTM.
http://www.gateprotect.com/en/Products/easy-use-eGUI
With the quick guide packed with screen shots, and clear simple instructions, you'll get to know how easy and simple it is to get the gateprotect UTM up and running in no time.
http://www.gateprotect.de/landing/start/start-en.html
Also note gateprotect UTM has been identified as a top choice for SMB in Gartner UTM firewall survey, which makes it a reliable product/solution.
http://www.gateprotect.com/en/gateprotect-identified-top-choice-small-medium-sized-businesses-gartner-utm-firewall-survey-0
http://www.gateprotect.com/en/gateprotects-positioning-gartner-magic-quadrant
Go for checkpoint
regards
kapil yadav
Hi
Both options are good but i would recommend the Cyberaom as i have had a
chance to work with it before.
Other options is Cisco Ironport .
Regards
Brian
Hi Russell,
I advise you to go with Sophos if not I advise you to go with Fortinet.
Did you ask your team to check Sophos demo I sent?
Regard
Maroun Jean Abboud
Mobile : 00961 70943122
Skype :maroun_abboud1
Both devices are good. Checkpoint is one of the market leader who gives a
good UTM solution. Fortinet is cheaper when compare to checkpoint and
flexible.
You may try the Paloalto which gives more attention on zero day attacks.
Thanks & Regards /*Ramesh M*
At this point in time all of the major firewall vendors marketing Next-Gen firewalls provides similar features. I recently participated in a 2 day meeting with sales and engineers with Fortinet. I have to say Fortinet has come a long way in the last few years and am beginning to like their product more and more. In terms of feature set the two products are nearly identical.
When comparing the two vendors there a clear separation in which product focus is clear. Fortinet is a major winner in their smaller units and provide the most bang for your buck. When central management with datacenter and enterprise sized firewalls are required you will find Checkpoint is the leader. In your question you mention CheckPoint UTM. When mentioning this I immediately think of the UTM-1N (old Model) or 620 (New Model). This is a standalone unit and is in the $500.00 - $800.00 range. A comparable unit would be a Fortinet FG-30D. These are the lower end units and I would not recommend them for a solution involving the number of product blades/features you have listed. I have a FotiWifi-60D for my home and it works quite well. I have all the blades configured and enabled. In my home we have 3 sometimes 4 occupants running games and/or streaming video constantly. We average 90GB of internet traffic a month. I have found the FortiWifi-60D able to keep up with the load but at times does peak in CPU and Memory.
A major difference between Fortinet and Checkpoint is their GUI. I find the Checkpoint GUI to be much more intuitive and easier adapt to for new users. Fortinet on the other hand, excels in the CLI with a Cisco/Avaya mixed interface and help structure. Checkpoint is Linux based and almost any Linux command functions on their systems, however, there is limited tab completion and no mid command assistance.
In regards to the firewall blade aka port based firewall I do not see one vendor being better than the other. I would leave this as a preference for what you are used to and what works best for you.
I am going to lump Web Filtering, Layer7- App Filtering together. Both Fortinet and Checkpoint have powerful next-gen capabilities. Both vendors approach web filtering application filtering in a similar way. Utilizing category based URLs and Applications with recommended risk levels. Fortinet published their application/web catalogs at http://www.fortiguard.com. Checkpoint published their URL categorization at https://www.checkpoint.com/urlcat/main.htm and Application Catalog at http://appwiki.checkpoint.com/appwikisdb/public.htm. At this time I can confirm Checkpoint has 6,578 applications identified while Fortinet has roughly 3,500 (Please confirm with your sales rep on this number as I got it from their catalog’s last displayed number of applications and it could have been a display limit rather than the total identified).
I do not have experience with Checkpoint’s IPS and Antivirus in an implemented production use so I can’t provide am accurate comparison. Based on Fortinet’s demos and my experience I would say that it is a comprehensive product. Due to Fortinet’s market (Non-enterprise businesses) and their licensing model (comprehensive of all features) they have a higher rate of discovery, writing a signature, and deploying it than Checkpoint. Also if you purchase the FortiSandbox (enterprise class product) you will have a good result for zero-day attacks.
In the VPN space I currently have a preference for CheckPoint. I find that their approach is very simple, easy to understand, and reliable. Fortinet provides a Wizard based configuration for their VPN tunnels as well as a manual creation process. I find the approach to be more complicated than it needs to be.
Note on Sizing… When it comes to FortiGate if you can afford it start your specs at FG-100D. I have found the lower models to have some quirks. If you are looking for a centrally managed solution Checkpoint includes base central management with all of their models starting at 1100. If you are going to centrally manage your firewalls I would suggest purchasing a VM based Open Server for management and logging. The equivalent would be a FortiManager.
I hope this helps,
Christopher L. Butler
Christopher L. Butler CCP-Network, CCA-Netscaler
We have chosen Fortinet after a long evaluation effort, while CheckPoint was our next best option. So you can't go terribly wrong with either. The reason we chose Fortinet is that it provided us a better bang for the buck. Be careful, however, with the advertized throughput of Fortinet devices as you often get only 50-70% of the advertized value, so size your devices accordingly.
One thing to consider is that UTMs are often not as good as a dedicated product, especially when it comes to web proxies. You should carefully consider your requirements and compare them with the capabilities of the UTMs you are considering. One tricky issue we are facing is web proxies for mobile devices, and there we are considering a cloud-based web proxy solution.
As far as dollars per protection, I would say Fortinet is your solution. I found this article pretty helpful: http://www.itgweb.com/blog/the-top-10-reasons-to-choose-a-fortinet-next-generation-firewall