We use the solution for VPN with multifactor authentication, IPS protection, and threat emulation. We have deployed the product in the cloud data center.

It's very easy for management to understand workflow and everything.

Check Point Tech Support will not assist with new configurations if we encounter any issues during the configuration process. They only provide support if there are issues with existing configurations.

I have been using Check Point Security Management for four years.

The solution is stable.

It is 100% scalable. Behind the firewalls, around 25 web applications are accessed daily. Each application can be accessed by up to one lakh people every day.

Support is good.

Positive

Previously, I worked with FortiGate, and integrating that product with cloud platforms was very difficult. The workflows were overly complex, and the documentation was inadequate.

Check Point is superior to other security vendors. Their signature database, which includes antivirus, IPS, and anti-malware, is highly advanced. The system is easy to understand, and deployment via the web interface is also straightforward.

For example, during the COVID-19 pandemic, a new vulnerability known as Log4j emerged. While many vendors were unaware of this vulnerability, Check Point promptly emailed all its customers to inform them. They reassured customers that their gateways already had predefined prevention signatures to protect against this threat, requiring no additional action. 

The initial setup is straightforward. Fresh deployment and creating the gateways will take approximately three to four hours.

With Fortinet, managing the product through cloud formation can be difficult to implement in a cloud environment because it's not straightforward. First, we need to spin up some VMs and configure everything manually. In contrast, Check Point provides a more seamless cloud formation process. With Check Point, you click on the cloud formation option, and the VMs and necessary configurations are automatically set up. You will get GUI access quickly.

Only two resources are required. One knows Check Point, and another guy knows the cloud platform where they want to deploy the gateway.

The integration process is straightforward. If you have some knowledge of your cloud service provider, you can easily integrate with it.

It has improved over the past four years. Previously, pushing any policy from the management server to the security gateway could take around ten to fifteen minutes. However, this task is now completed in about one minute with the new firmware version. This improvement demonstrates the substantial advancements made in the Management of Check Point products. It continuously updates its products to align with security standards and market awareness. They implement these updates in their own unique way. It is a strong player in the security market and has a long-standing presence. Their solutions are reliable and trusted for real security needs.

Maintenance is very easy.

First, we will thoroughly understand their requirements. Once we understand clearly, we will design tailored solutions for them. Next, we will present these solutions to the customer for review and discussion. Following their approval, we will run POC, collect evidence as required, and submit the comprehensive report.

Overall, I rate the solution a ten out of ten.

We use the product as a perimeter and core firewall for multiple clients at different locations.

We have physical Smart-1 appliances and virtual appliances in our environment. We merged all of the old managers into these managers and managed to centralize the management of firewalls and see the logs altogether.

We are using management API for large configs, and clear rules, blocking malicious IP addresses with SAM rules, and migrating the VLANs with it.

We have deployed Check Point high-end firewall UTMs to medium business-grade devices with different models. We also have a cloud-based Check Point firewall for one of our clients. It's easy to manage either centrally or as separate devices. We use them for network security including firewall rules, NATTing, Web application access, IPSec VPN tunneling between offices and cloud services, user VPN clients for access from home, data encryption, anti-malware/anti-virus solutions, and as network gateway devices for routing and DNS.

Check Point's management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks.

Access to detailed network logs in real time helps us decide and take prompt action to block and fix threats.

Centralized management is great. With this, we manage all of Check Point products from one central management, we can apply rules, and NATS and manage app and URL Policies, threat prevention, and IPS protection rules.

Secondly, centralized log and report management is important. We can distribute logs to our log appliances with centralized management and view logs without logging additional devices.

HA Structure provides good coverage and works fine. With the HA structure, we can manage two data centers as one, and this is helping much.

We can keep old revisions, and with that, we can check or revert to one when needed.

The most valuable aspects of the solution include:

• IPSec VPN Tunneling, 
• DDoS Protection, 
• HÀ and Clustering, 
• Firewall Rules, 
• Proxy support, 
• Revision history
• Detailed audit log, 
• Smart Event
• Filter syntax.

These features are easy to configure and offer multiple options to set them up with cloud services and other vendor firewall products.

We can always feel secure if some things go wrong, I'm sure that we can restore to the old one.

We can apply centralized proxy settings to get additional databases when we need them.

We can get a graphical view of the traffic and provide history when we need it.

We didn't find any major feature missing or lacking in Check Point products that we used. We'd just like them to continue to improve their products with new features and updates.

However, license update and upgrade processes can be made a little easier.

Also, I'd like to see more integration possibilities between Check Point and other vendor security solutions.

The Check Point SandBlast platform could also be merged with the Check Point GAIA platform for a central management console and easier controls.

I have been using Check Point for more than 10 years for different clients.

The solution is highly scalable.

Check Point's knowledge base is very vast and provides lots of information if we need some help. The community is very helpful as well.

Positive

We have multiple clients and use different technologies, so we work on other vendor products also.

We have a professional service team that we work together for setup-related work to Check Point appliances.

We handle the initial setup in-house.

We have multiple clients and use different technologies, so we work on other vendor products also like Cisco ASA, FTD, Palo Alto, FortiGate etc.

Overall I am fully satisfied with Check Point

The main function is to securely manage and deploy configurations to firewall devices and logs through its security management console. We configure and test all settings within the security manager and subsequently push these configurations to the relevant firewall devices.

Check Point Security Management in cloud environments focuses on securing cloud services and managing traffic within the cloud environment. Network security typically involves managing Layer 3 to Layer 4 services. Access Control Lists are used to secure network access.

It offers numerous features and blades, including intrusion prevention (IPS) and malware detection. It excels in network security and VPN capabilities, including IPSec VPNs. IPS is particularly powerful due to its signature-based detection, which automatically checks for and identifies malicious software.

Check Point is highly regarded for its effectiveness and the three-layer architecture for security, comprising the client, Security Management, and secure management console, integrated with firewall capabilities. This architecture differentiates it from other security solutions like Palo Alto, Cisco, and FortiGate. Our files are more secure against potential compromises with three layers, as configurations are managed centrally on the Management servers. The SmartConsole facilitates easy configuration and management, aligning with modern automation trends. Integrating Check Point with AI and API security features enhances its effectiveness and user-friendliness. Customizable logs tailored to sources, businesses, and IPs can be automated for delivery via email, ensuring accessibility without needing to log into devices directly.

I have been using Check Point Security Management as a partner for ten years.

The product is stable. I rate the solution’s stability a ten out of ten.

600 users are using this solution.

I rate the solution’s scalability a ten out of ten.

There are multiple ways to contact Check Point Security Management, such as phone calls, chats, and emails. We receive responses based on the ticket's priority and the business need.

Positive

The initial setup is straightforward and takes three hours to complete. I rate it a ten out of ten, where one is difficult and ten is easy.

The product is a bit expensive. It has yearly licensing, costing around 48 bucks.

It is very effective nowadays due to its ability to provide feedback from DDoS attacks and man-in-the-middle attacks, which are powerful and useful in today's enterprise scenarios. It integrates with various software APIs and provides web firewalls and security, which are crucial in security. These features protect against DDoS attacks, man-in-the-middle attacks, and other implementation vulnerabilities. It provides security and ensures that our services are available 24/7.

I recommend the solution because it is proactive and easy to use.

Overall, I rate the solution a nine out of ten.

We utilize the security management solution to oversee all our Check Point products, including firewall, IPS, and antivirus policies. It serves as our primary tool for managing all Check Point devices.

Check Point Security Management excels over Forti Management in daily operations, policy management, and graphical interface. It is easy to open and edit policies, search within them, and view logs.

The only issue is that, you need to install an application instead of managing it through a browser. Thus, it requires installation. Additionally, it can be slow when multiple users access the manager simultaneously. Even with increased CPU and memory resources, some performance issues may still occur when multiple users check simultaneously.

I have been using Check Point Security Management for ten years.

Sometimes, we encounter crashes while working on Check Point Security Management, necessitating application restarts. We also face connectivity issues with certain firewalls, making it less stable than other products.

The solution’s scalability is good ; adding more CPUs and memory can give you more gateways.

20 managers are using this solution.

I rate the solution’s scalability a nine out of ten.

We currently have at least two or three cases open, and some are regarding demand. We struggle to find a good engineer who can truly help us instead of just sending some comments for us to run and provide feedback. They need to improve, especially in their initial client support.

Positive

The initial setup is complex.

Compared to Forti Management, Check Point Security Management involves much more work and is more difficult. You need to establish connections to all the firewalls manually, one by one. However, with the function manager, you point the firewall to the manager and accept it on the Management, and it's done. Additionally, you need to manage certificates on Check Point, making the process less straightforward than FortiManager. 

You depend entirely on the manager to edit the security gateway policies. If the manager encounters an issue with Fortinet, you can still access the FortiGate and delete policies. In Check Point, you cannot delete firewall policies directly on the firewall itself if you encounter a Management issue.

Deployment, including firewall synchronization, takes about four days to complete.

You usually need to create and use the VM Manager VM. So, you need to deploy the VM, configure the IPs, and install the Check Point console software. Then, you need to perform an SIP IT connection to all the firewalls to manage them. After that, you need to configure the firewall networks and public IPs. 

I rate the initial setup as seven out of ten, where one is difficult, and ten is easy.

The product is more expensive than Fortinet. We need to pay the license for the Management. I rate the product’s pricing a seven out of ten, where one is cheap and ten is expensive.

It enhances our daily operational efficiency. Therefore, all management personnel prioritizing working on Check Point policies over Fortinet would benefit. However, maintenance upgrades, backups, snapshots, and synchronization between primary and secondary management can become cumbersome. These tasks tend to be more challenging and time-consuming.

The learning curve for Check Point is quite steep. Sometimes, when we recruit new members to our company, they take a lot of time to understand how our Check Point system works, including the connection between the Management and the firewall, among other components. With Fortinet, it takes only two or three weeks for them to get acquainted with everything. With Check Point, they need at least three months to become accustomed to upgrades, managing policies, and maintenance of the Management system. So, it takes at least three or four times longer than with Fortinet.

AI is essential for correlating logs and presenting the ones that matter. They could strengthen how they present logs by giving more attention to the ones that matter most.

Check Point is easy to use, allowing users to drag and drop objects effortlessly. However, it's essential to note that deploying and maintaining the solution may require a bit more expertise than some competitors.

Overall, I rate the solution an eight out of ten.

Check Point Security Management Server is a comprehensive solution designed to streamline and centralize the management of security policies across an organization's network infrastructure. 

One of the standout features of the Check Point Security Management Server is its ability to manage security policies across multiple Check Point security gateways centrally. This centralized approach simplifies policy deployment, monitoring, and updates, making it easier for administrators to maintain a consistent security posture.

The Check Point Security Management Server has the ability to centrally manage security policies across multiple Check Point security gateways. This centralized approach simplifies policy deployment, monitoring, and updates, making it easier for administrators to maintain a consistent security posture. 

It offers high-performance capabilities to handle large volumes of traffic while maintaining low latency, ensuring minimal impact on network performance. This product greatly improved our company customers and allowed us to implement the solution easily.

The most valuable aspects of the solution are:

1. Centralized Management: It can centrally manage security policies across multiple Check Point security gateways. This centralized approach simplifies policy deployment, monitoring, and updates, making it easier for administrators to maintain a consistent security posture. 

2. Intuitive User Interface: The management console provides an intuitive user interface that allows administrators to configure and monitor security policies with ease. The interface is well-designed, with clear navigation and comprehensive options for managing security rules, network objects, and logs. 

3. Comprehensive Security Features: Check Point Security Management Server offers a wide range of security features, including firewall, intrusion prevention, VPN, application control, and threat prevention capabilities. These features work together to provide multi-layered protection against various cyber threats.

Check Point Security Management Server integrates seamlessly with other Check Point security products, providing a cohesive security ecosystem for organizations. It also offers compatibility with third-party security solutions, however, it is not a lot. This needs to be improved.

Check Point offers comprehensive product support and documentation, including online resources, knowledge bases, and technical support services. This ensures that administrators have access to the assistance they need to deploy and maintain the Security Management Server effectively, but when customers raise issues, the support is not satisfactory and timely.

I've used the solution for more than one and a half years.

We use the solution mostly for policy pushing to other gateways.

We deployed the tool for a customer. They faced an attack, but Check Point did not allow it. Check Point does not allow unauthorized access to the network. It just sends a message to the person saying they are not authorized to access the network. The exceptions work very well. Most of the attacks go through the web path. The tool does a good job of securing the web path.

We can easily push the policies to any of our gateways. The solution manages the gateways. It works well with other products. It integrates well with Cisco products, too.

The tool is expensive.

I have been using the solution for the last two years.

The tool is very stable. The equipment is never down.

We have more than ten customers.

The support is very good. We get a response immediately whenever we enter a support request on the website. We do not have to wait for one or two hours. The team also offers remote support. The support provided by Check Point is one of the best in the market.

We have most of the products on-premise. We have only one client on a VM. Check Point offers training for their products. They usually send us a link every time they launch a new feature. Unless we go through the tutorials, it will be difficult for us to deploy the solution. However, it is easy to deploy when you know how to do it. It is easy to navigate if we have read about the gadget.

The tool is expensive. However, if we buy Check Point Security Management, we do not have to buy anything else. We get all the features we need in a single solution. We get value for our money.

If we want to troubleshoot, we just have to log in to the SMS. Everything is listed there. We just have to log in to the gateway we have an issue with. We need not go to the server rooms. I see no improvements needed in the product. The other gateways and SD-WAN could be improved. If someone wishes to use the product, they have chosen the best option. It provides security, reliability, and support. Though it is expensive, it is the best. It has all the features we need. The product is absolutely excellent. Overall, I rate the tool a ten out of ten.

We utilize Check Point Security Management for our daily security operations, including managing firewall rules, reviewing alerts, and generating reports on a weekly basis.

We've integrated Check Point Security Management with some of our business associates' portals for HR, finance, and payroll activities, which are outsourced. Check Point alarms us about any version changes on these sites, allowing us to block unauthorized changes. So far, we haven't encountered any serious incidents that require immediate action. We receive incident reports, but they usually involve blocked or quarantined threats rather than major security breaches. Additionally, our internal management console provides us with alerts, adding another layer of security monitoring.

Over the past 1.5  years, we've started monitoring it more regularly, analyzing alerts closely. The most beneficial features for us are the alert classifications, which help us prioritize critical issues, and the detailed reports that provide insights into attack origins and purposes, such as TLS violations or content violations. 

While we use a cloud-based Security Control console, we primarily conduct in-depth analysis of reports on a weekly basis to enhance our security posture.

Check Point EDR has room for improvement, especially in the area of Data Loss Prevention where it currently lacks functionality. 

I'd also like to see enhancements in content filtering and categorization features.

I would appreciate the ability to restrict forwarding of confidential documents to specific groups, ensuring tighter security measures.

I have been using Check Point Security Management for the past 1.5 years.

I would rate the stability 9 out of 10. 

I would rate the scalability 8 out of 10. 

We faced issues, but with the help of tech support, it was solved. It took almost one week approximately to set the solution through firewall.

We rely on tech support to enhance our capabilities.

We have a small, focused team of four engineers.

Currently, we only use Check Point and are satisfied with its benefits in terms of time-saving and security performance, estimating a 30% time savings.

The pricing can be estimated around 3 or 4 out of 10 in terms of expense.

I have evaluated another product before Check Point but found the local account manager to be more aggressive.

I would rate the product overall at 8 out of 10, mentioning that while functionalities are there, improvements could be made to make it more user-friendly for laymen, such as incorporating drag-and-drop functionality.

We use the product as a primary gateway firewall for all offices at different locations. 

We have deployed their high-end firewall UTMs to medium business grade devices 1400 series. They are easy to manage either centrally or as separate devices. We are using them for Network security including firewall rules, NATTing, Web application access, IPSec VPN tunneling between offices and cloud services, user VPN clients for access from home, data encryption, anti-malware/anti-virus solutions, and as network gateway devices for routing and DNS.

We have seen tremendous improvement in the overall security of the organization's IT assets. We performed Pen Tests and External vulnerability audits on our network and we always scored top-rated thanks to Check Point. 

Their management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks. 

Access to detailed network logs in real time helps us decide and take prompt action to block/fix threats. 

The most valuable aspects of the solution include:

• IPSec VPN Tunneling: they are easy to configure and offer multiple options to set them up with Cloud services and other vendor firewall products over certificates, shared keys etc.
• DDoS Protection: Firewall cleverly handles such attacks without compromising on performance.
• HA and Clustering: Seamless load management and High Availability between nodes of firewall clusters.
• Firewall Rules: You have access to set up rules at a very granular level and all are accessible through the GUI platform as well as over CMDLET.

We didn't find any major feature missing or lacking in Check Point products that we used. We'd just like them to continue to improve their products with new features and updates. 

We'd like to see more and more integration possibilities between Checkpoint and other vendor security solutions such as Malwarebytes, SIEM solution providers, and standalone vulnerability scanners.

The Check Point SandBlast platform could also be merged with the Check Point GAIA platform for a central management console and easier controls.

I've used the solution for more than ten years.

The solution is very stable compared to peers.

The solution is highly scalable.

Technical support is satisfactory, however, it takes some time to escalate your ticket.

Positive

We did use Sophos and Cisco ASA, however, they were either complicated products to manage or lacked features.

The initial setup wasn't difficult after you attended free platform support sessions by Check Point.

We handled the initial setup in-house.

We evaluated Sophos, Cisco ASA, SonicWall, and FortiGate.

One of the recent use cases for this solution has been related to a power company, which was facing issues but was able to get its infrastructure secured and get back its business continuity and growth. In addition, its management was able to get back its confidence with solutions or services provided by Check Point.

The client was able to quantify its security elements. As a result, a strong defensive framework was developed. Deployment of Check Point's solution resulted in the evasion of any existing and potential threats.

Check Point is not just a firewall. They deliver everything including IPS, application control, threat emulation and extraction, identity awareness, and more. In line with the quantum security gateways, other elements and services as provided by Check Point have also proven to be very helpful and reliable in keeping the company environment secured. The organization has also gone a great mile to tag itself as a proactive threat elimination expert in the industry viz a viz its competitors.

Harmony Endpoint is one of the great solutions by Check Point; it ensures compliance with policies and minimizes the risk of threats entering through endpoints. 

It's a great complete endpoint security solution that prevents the most imminent threats to the endpoint such as ransomware, phishing, or malware. 

It has proved to be very successful in identifying ransomware behaviors such as file encryption or attempts to compromise operating system backups and safely restore ransomware-encrypted files automatically. 

While the console and administration work well, they have to work on performance since it consumes a lot of CPU and memory. There is also latency in the administrative panel when entering. There has been a problem with updating licenses as well. There is ground-level feedback based on interaction with the relevant stakeholders that states implementing it would make a major difference in the overall experience.

I've used the solution for two years.

The solution has not caused major deviations and the historical experience has been quite good. The stability and reliability of the solution is pretty much appreciated

The overall impression of the scalability is good and impressive.

Technical support has been pretty good.

Positive

I have been involved with a lot of other partners in parallel, depending on the requirements of the customers.

I am not directly involved in the setup and deployment of the product.

The implementation was handled by an in-house team.

I've witnessed an ROI of 25% to 30%.

Users should actively evaluate the existing options available in the market and finalize the one that matches their requirements, budget, and priorities. Check Point can definitely be considered based on my personal experience.

The choice to evaluate would not be my personal decision but the requirement raised by the customers.

Our use cases are protection infrastructure in a financial corporate environment.

Check Point firewalls meet all the PCI guidelines that regulate players in the financial market.

The support is pretty incredible.

There is room for improvement in reliability. 

I have been using this solution for ten years. I worked from version 840 to 8120.

I would rate the stability a six out of ten.

It is very scalable. I would rate the scalability for this solution a ten out of ten.

I initially took Cisco training for routers, switches, and firewalls. I did actually work up the Cisco firewalls long enough to convert them to Check Point.

The initial setup was complex. But that was really the fault of Check Point just because we deployed it into the Google Cloud environment, and their environment is a little different.

We have security management deployed on-premises and on the cloud.

The pricing is about par for the enterprise-class firewalls.

Palo Alto and Cisco. And the reason for going with this solution was the price.  So, with Cisco, it was priced. We actually checked the overall price of the cost of ownership. When you talk about support costs and everything else, was cheaper than Cisco. And with Palo Alto, also had reliability issues that could not be overcome by their support.

I definitely recommend it, but unless you're fully trained and experienced on Check Point, you should get the better support program. 

Check Point has support rep programs that go all the way up to putting one of their own people in your business to help you. Then, they have support programs. If you're an expert, you just need to be able to download updated files and stuff. They have support programs like that, too. The worst possible situation is if somebody isn't really skilled with the thing and they cheap out on the support program, and they'll just flounder.

Overall, I would rate the solution an eight out of ten.