Check Point NGFW vs KerioControl comparison

Sponsored
Fortinet FortiGate
Read 312 Fortinet FortiGate reviews
  • 117,316 Views
  • 85,973 Comparison Views
90% willing to recommend
Check Point NGFW
Read 282 Check Point NGFW reviews
  • 26,193 Views
  • 16,046 Comparison Views
96% willing to recommend
KerioControl
Read 54 KerioControl reviews
  • 6,887 Views
  • 4,589 Comparison Views
88% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Check Point NGFW and KerioControl based on real PeerSpot user reviews.

Find out in this report how the two Firewalls solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Check Point NGFW vs. KerioControl Report (Updated: May 2024).
Buyer's Guide
Check Point NGFW vs. KerioControl
May 2024
Download the complete report
Helped 789,135 peers since 2012
 

Categories and Ranking

Fortinet FortiGate
Sponsored
Ranking in Firewalls
2nd
Average Rating
8.4
Number of Reviews
312
Ranking in other categories
Software Defined WAN (SD-WAN) Solutions (2nd), WAN Edge (1st)
Check Point NGFW
Ranking in Firewalls
7th
Average Rating
8.8
Number of Reviews
282
Ranking in other categories
Unified Threat Management (UTM) (1st)
KerioControl
Ranking in Firewalls
29th
Average Rating
8.0
Number of Reviews
54
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (18th), Unified Threat Management (UTM) (11th)
 

Mindshare comparison

As of June 2024, in the Firewalls category, the mindshare of Fortinet FortiGate is 22.6%, up from 20.2% compared to the previous year. The mindshare of Check Point NGFW is 3.1%, down from 3.9% compared to the previous year. The mindshare of KerioControl is 2.3%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewalls
Unique Categories:
Software Defined WAN (SD-WAN) Solutions
21.5%
WAN Edge
24.4%
Unified Threat Management (UTM)
18.3%
Intrusion Detection and Prevention Software (IDPS)
2.1%
 

Featured Reviews

TN
Mar 22, 2022
Secure, multifeatured, and user-friendly solution for protecting networks
What we like about Fortinet FortiGate is that it's fast. You can also use it immediately, e.g. you don't have to wait and apply the policy before you can use it. It's robust and offers immediate usage, unlike Check Point, which we noticed was a slow product. Fortinet FortiGate is also more secure, depending on how you set up the SD-WAN technology. We also like the zero trust access, arrays, and the EDR features on this product. It's also 100% more user-friendly, e.g. even when I worked with them configuration-wise. The availability of the support hotline and their knowledgebase articles, e.g. the Cookbook, help a lot. Those articles are accessible to everyone, and they're free. Whenever you implement a solution, you can run through Cookbook, then you can install the Fortinet certificate if you aren't able to, if you're stuck, but most of the time you are likely to get it right. The Cookbook explain everything straight to the point, and this makes it much easier.
Read full review
reviewer09751353 - PeerSpot reviewer
Oct 12, 2023
Easy to use and free of bugs with a good Smart Console
The only downside is that we are not able to have redundant VPN tunnels with our cloud environments. We tried many guides suggested by the CheckMates community and have not been able to easily capture packets in a PCAP file as we used to do with the ASDM Packet Capture Wizard. Finally, in the past year, we faced severe downtime that lasted many days due to a misconfiguration. Support wasn't able to detect it. We are allowed to add an automatic NAT in an object and install it in all three virtual firewalls that we have. I cannot imagine a real case that needs this option. This option should be totally removed. The destination MAC address for this object was flapping between the three virtual MAC addresses of the FW leading to a packet loss in our service up to 30%. Our manager found the root cause at the end.
Read full review
RB
Jun 25, 2020
VPN enables us to do remote work and we can better manage security
It is scalable up to a point that then you might have to use a user faster, bigger one, but on the whole, it is scalable. It's because based most installations I have are over 300. Whereas if they start to get really big, you'll need to increase the model to the next model up. In my company, it's me that manages and installs them all. We install, manage, and offer basic management and support. The environments we've installed for can go from three to 50 users. We've never had any problems with it not being able to manage the traffic.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Fortinet FortiGate is load balancing. It can provide central management and VPNA. Additionally, it has enhanced our security environment."
"The performance is good."
"The reporting and monitoring are very good."
"The reporting you receive out of this appliance is excellent. You will not need an external management system."
"The initial setup of Fortinet FortiGate was straightforward."
"Security solution with a straightforward and quick setup. It's a stable and scalable product."
"The most valuable features are the possibility of having one fabric for switching on security."
"The most important features with FortiGate are the web filter and application controls. We can control our internet usage and use the web filter for application purposes."
More Fortinet FortiGate pros
"The most valuable feature is the powerful, deep packet inspection engine."
"Check Point's rule management helped us simplify access control. At one point, we had more than 1,000 access control policies, and it was challenging to manage them all. We cut it down to 300 policies using Check Point's management features, and we are still working on reducing this further to achieve the best way to manage policies. Its logging and monitoring enable us to trace and investigate suspicious traffic."
"The firewall rule writing and object creation are the best and simplest I've seen on a firewall."
"The separate management feature of Check Point NGFW is very convenient."
"Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention. Apart from that, there is central management through which we can integrate all the firewalls and support them. It makes it easy to manage all the firewalls."
"The Check Point firewall features for Next Generation Firewalls are excellent."
"It is easy to control from the central management system. For example, if we have 10 firewalls, and we want to push that same configuration among them, we can use this solution's central management system to do that simultaneously. So, there is time saving in that way. The time savings does depend on the situation. For example, if I am running half an hour of work on each firewall, that will take around 300 minutes. However, if I do this work from the central management system, then it will only take 30 minutes to push the same configuration to those same 10 devices."
"Its greatest asset lies in its user-friendly interface, making it exceptionally suitable and reliable for managing gateways."
More Check Point NGFW pros
"Its support is very good, and it is stable product.​"
"Kerio has improved my organization's security."
"The installation is straightforward."
"What I like the most about Kerio is that I can use the software appliance as a solution, so if the hardware fails for any reason then I can quickly replace it with hardware that I have in stock."
"The reporting needs to be improved. It is hard to get a domain."
"Kerio Control can be scaled easily."
"Technical support is good. They respond right away."
"It prevents people from visiting undesirable sites and ensures that they use the internet for their designated jobs."
More KerioControl pros
 

Cons

"The way everything is set up could be easier. Currently, people need a lot of experience and knowledge to administer it and to link it to devices."
"Some configuration elements cannot be easily altered once created."
"Web security solutions can be improved."
"The support is the main thing that needs to be improved."
"You do need some IT knowledge in order to effectively work with the solution."
"In the next release, maybe the documentation on how to use this solution could be improved."
"A sandbox would be good in order to be able to inspect the emails containing spam and be able to validate the emails that contain malware, prior to delivering to the customer."
"Fortinet FortiGate needs to improve to be on par with its competitors, such as Palo Alto and Sophos. They are the market leaders. Fortinet FortiGate needs to improve its capabilities. However, we are happy with Fortinet FortiGate."
More Fortinet FortiGate cons
"While the solution is good, we wish to have something that is a bit better, as the threats have evolved over time."
"There is room for enhancement in the support system in India."
"The Check Point TAC support has, in recent years, deteriorated."
"The virtual environment is not stable at all. We have some customers who are using the virtual environment feature, and sometimes it crashes. We have many tickets open and the response is not as good as expected. We have to wait months for a resolution."
"The current reporting capability needs to be parsed and edited to be appreciated by leadership."
"One area that they should prioritize is enhancing security gateways for protection against cyberattacks."
"The VPN setup could be simplified. We had to engage professional services for that. That's not a problem, but compared to other products we've used, it was a little more complex."
"Although very efficient, the product could be developed in a way that does not take a lot more system resources."
More Check Point NGFW cons
"I would like it if the interface section had multiple failovers. Although I do have three connections, just in case our physical cables get disconnected, I can only set up one failover as a backup. So, if for some reason our fiber and our AFM went down together, I would have to have it search for our 4G modem. I'd love to have extra backups running."
"They don't provide content filtering when it comes to search engine results. We had an incident on the network where a blocked site was showing up in search results. We are in a school environment, so we have blocked a site with some of the explicit content so that kids wouldn't see it. When one of them did a search, the results came on the search engine part. When you try to drill down to the website, it blocks, but when you search by image, it brings up all the images. That's one of the reasons why we are looking at Juniper."
"My experience with the solutions technical support is fine but they could be faster in responding."
"I would like to see them develop a bit more flexibility creating VLANs."
"The solution can be improved to create the capability for larger bandwidths that support our business needs."
"One of the problems we do have causes problems with the VPN. The software slows the throughput down too much. You could have a one-gigabit connection from the internet, and it slows it down to the area of upload and download is extremely slow. There's too much content filtering at that point."
"The trial duration of the product should be extended."
"I would like to be able to automatically send email from Kerio Control and have it tell me what my external IPs are, because on one of my lines I have a fixed IP address and on the other it is variable. If there were a permanent way for me to figure out, "Okay, my current external VPN and my firm IP is this," it would help. I need to know the IP address to connect with the VPN and, at the moment, one of the lines sometimes changes its IP address without me knowing it. It's a hassle to figure out what it is."
More KerioControl cons
 

Pricing and Cost Advice

"We find the most valuable aspect of this solution is the price. It is affordable, and cheaper than other firewalls."
"For medium and enterprise organizations, FortiGate is more affordable."
"The support subscription for the solution is annual. You are paying for support and there are two levels of support, professional and advanced."
"No comment."
"The pricing is flexible."
"Its pricing is fine. It is on a yearly basis. Other than the licensing fee, there is no extra fee."
"Licensing is usually on a three-year period."
"Work through partners for the best pricing."
More Fortinet FortiGate pricing and cost advice
"It is a notably expensive product in our country compared to FortiGate and other servers."
"The price could be better. I think Palo Alto pricing is high, and Check Point isn't much better. FortiGate is cheaper. I think when I implemented this solution, I recommended buying a yearly subscription."
"Palo Alto is somehow not as good as Check Point, budget-wise and performance-wise. Palo Alto is more costly than Check Point."
"It is quite an expensive product, although security is a top priority."
"The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive."
"I don't see that Check Point is very high, but it is geared more towards enterprises."
"The pricing is good. It is less than Palo Alto's firewalls. Check Point has the same features as Palo Alto, but the licensing and cost of these firewalls are not too expensive. It is one of the best firewalls in the market in this range."
"The vendor has a very flexible licensing approach."
More Check Point NGFW pricing and cost advice
"It is priced low enough for entry-level, but it has the power to grow with a company without them having to replace it."
"The biggest advice that I could probably give people is when you buy the solution be prepared to either buy the unlimited license or buy more licenses than you think. Each user license gives you one employee and each a user gives you five devices. In the world nowadays where everybody has a cellphone, tablet, desktop, and laptop, that's four devices. You still get one more device per person. That covers your servers and back-ends."
"Licensing is easier with Kerio Control. With FortiGate, we realized the licensing is really hectic, because if you skip one year, you have to back pay that year. If you skip two years, you have to back pay two years. With Kerio Control, if a license expires, one year later you can just reactivate and go on."
"It is a good fit for SMBs because of its maintainability. When you want to keep your costs low, then Kerio Control is a very good solution. It's not an expensive product that is well integrated. It has a complete set of features within it that make it a very strong product."
"The price is inexpensive."
"I pay approximately $50 for the solution on an annual basis."
"It gives us a lot. It does prove to be a very robust product for the cost."
"GFI has made a stupid decision regarding small office licensing. For offices where there are only three to five employees and had five years towards a five user product, they now force these customers to a 10-year user license. I really don't understand it. It's a stupid decision for the small offices who want a good solution for security because they'll probably decide to go to another product. Why should they buy something that they don't use?"
More KerioControl pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Firewalls solutions are best for your needs.
See recommendations
789,135 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
21%
Computer Software Company
15%
Comms Service Provider
7%
Manufacturing Company
6%
Educational Organization
51%
Computer Software Company
7%
Financial Services Firm
5%
Government
4%
Computer Software Company
23%
Comms Service Provider
11%
Media Company
8%
Financial Services Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the better NGFW: Fortinet Fortigate or Cisco Firepower?
When you compare these firewalls you can identify them with different features, advantages, practices and usage a...
See all answers
What is the biggest difference between Sophos XG and FortiGate?
From my experience regarding both the Sophos and FortiGate firewalls, I personally would rather use FortiGate. I know...
See all answers
What are the biggest technical differences between Sophos UTM and Fortinet FortiGate?
As a solution, Sophos UTM offers a lot of functionality, it scales well, and the stability and performance are quite ...
See all answers
How does Check Point NGFW compare with Fortinet Fortigate?
I have experience on both from Disti and channel experience. Please find below my comments (nothing new as such). -Ch...
See all answers
Which would you recommend - Azure Firewall or Check Point NGFW?
Azure Firewall is easy to use and provides excellent support. Valuable features include integration into the overall ...
See all answers
What do you like most about Check Point NGFW?
Check Point NGFW provides essential security, featuring no-obligation access for secure connections, strong intrusion...
See all answers
What do you like most about KerioControl?
The solution provides feasibility regarding cyber privacy.
See all answers
What is your experience regarding pricing and costs for KerioControl?
The pricing is reasonable. We have to pay approximately EUR 175 for the product.
See all answers
What needs improvement with KerioControl?
The pricing of the product can be improved. The trial duration of the product should also be extended.
See all answers
 

Comparisons

Sophos XG vs Fortinet FortiGate Logo
Sophos XG vs Fortinet FortiGate
Compared 19% of the time
Cisco Secure Firewall vs Fortinet FortiGate Logo
Cisco Secure Firewall vs Fortinet FortiGate
Compared 13% of the time
Netgate pfSense vs Fortinet FortiGate Logo
Netgate pfSense vs Fortinet FortiGate
Compared 12% of the time
Meraki MX vs Fortinet FortiGate Logo
Meraki MX vs Fortinet FortiGate
Compared 7% of the time
SonicWall TZ vs Fortinet FortiGate Logo
SonicWall TZ vs Fortinet FortiGate
Compared 4% of the time
More Fortinet FortiGate Competitors
Palo Alto Networks NG Firewalls vs Check Point NGFW Logo
Palo Alto Networks NG Firewalls vs Check Point NGFW
Compared 21% of the time
Sophos XG vs Check Point NGFW Logo
Sophos XG vs Check Point NGFW
Compared 8% of the time
Cisco Secure Firewall vs Check Point NGFW Logo
Cisco Secure Firewall vs Check Point NGFW
Compared 6% of the time
Netgate pfSense vs Check Point NGFW Logo
Netgate pfSense vs Check Point NGFW
Compared 6% of the time
More Check Point NGFW Competitors
Netgate pfSense vs KerioControl Logo
Netgate pfSense vs KerioControl
Compared 39% of the time
OPNsense vs KerioControl Logo
OPNsense vs KerioControl
Compared 9% of the time
Sophos UTM vs KerioControl Logo
Sophos UTM vs KerioControl
Compared 6% of the time
Sophos XG vs KerioControl Logo
Sophos XG vs KerioControl
Compared 6% of the time
Splunk User Behavior Analytics vs KerioControl Logo
Splunk User Behavior Analytics vs KerioControl
Compared 1% of the time
More KerioControl Competitors
 

Product Reports

Buyer's Guide
Fortinet FortiGate
June 2024
Fortinet FortiGate reportDownload Fortinet FortiGate product report
Buyer's Guide
Check Point NGFW
June 2024
Check Point NGFW reportDownload Check Point NGFW product report
Buyer's Guide
KerioControl
June 2024
KerioControl reportDownload KerioControl product report
 

Also Known As

FortiGate 60b, FortiGate 60c, FortiGate 80c, FortiGate 50b, FortiGate 200b, FortiGate 110c, FortiGate
Check Point NG Firewall, Check Point Next Generation Firewall
No data available
 

Learn More

Fortinet
Check Point Software Technologies
GFI
 

Overview

Fortinet FortiGate enhances network security, prevents unauthorized access, and offers robust firewall protection. Valued features include advanced threat protection, reliable performance, and a user-friendly interface. It improves efficiency, streamlines processes, and boosts collaboration, providing valuable insights for informed decision-making and growth.

Check Point NGFW is a next generation firewall that enables safe usage of internet applications by blocking malicious applications and unblocking safe applications. Check Point NGFW, which uses deep packet inspection to identify and control applications, has features such as application and user control and integrated intrusion prevention (IPS), as well as more advanced malware prevention capabilities like sandboxing.

Check Point NGFW includes 23 firewall models optimized for running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance.

Benefits of Check Point's Next Generation Firewall

  • Robust security: Check Point NGFW delivers the best possible threat prevention with SandBlast Zero Day protection. The SandBlast protection agent constantly inspects passing network traffic for exploits and vulnerabilities. Suspicious files are then emulated in a virtual sandbox in order to detect and report malicious behavior.

  • Security at hyperscale: On-demand hyperscale threat prevention performance provides cloud level expansion and resiliency on premises.

  • Unified management: Check Point's SmartConsole makes it easy to manage and configure network security environments and policies. With the SmartConsole, users can manage all the firewall gateways and access logs and install databases from one location. Unified management control across the network increases the efficiency of security operations and reduces IT costs.
  • Continuous logging: Check Point NGFW’s Threat Management feature detects vulnerabilities and logs them. Using the logged data, users can easily create and implement efficient security policies.

  • Remote access: The remote access VPN provides a seamless connection for remote users.

Check Point NGFW is suitable for organizations of all sizes, from small businesses to larger enterprises.

Reviews from Real Users

Check Point NGFW stands out among its competitors for a number of reasons. Two major ones are its intrusion prevention feature as well as its centralized management, which makes it very easy to deploy firewall policies to many firewalls with one click.

Shivani J., a network security administrator, writes, "Check Point has a lot of features. The ones I love are the antivirus, intrusion prevention, and data loss prevention."

G., a network administrator at Secretaría de Finanzas de Aguascalientes, writes, “Within the organization, the inspection of packages has given us great help in detecting traffic that may be a threat to the institution. The configuration of policies has allowed us to maintain control of access and users for each institution that is incorporated into our headquarters.”

Arun J., a senior network engineer, notes, “The nicest feature is the centralized management of multiple firewalls. With the centralized management, we can easily use and operate multiple firewalls as well as create a diagram of them.”

Kerio Control is a popular security product for small and medium-sized businesses. It is a next-generation firewall that provides unified threat management without complexity. Kerio Control provides advanced anti-virus protection and industry-leading web and content application filtering, and has a secure VPN.

With Kerio Control you can:

  • Preserve the integrity of your network.
  • Manage bandwidth to streamline traffic flows.
  • Improve productivity with filtering capabilities.

Kerio Control Features

Some of Kerio Control’s most valuable features include:

High availability, deployment flexibility, deep packet inspection, advanced routing, usage reporting, quick administering, intrusion detection and prevention (IPS), gateway anti-virus, VPN, web and content application filtering, and centralized administration with MyKerio.

Kerio Control Benefits

  • Eliminate downtime risks: Because Kerio Control offers high availability and failover protection, you can eliminate the risk and cost of connectivity or threat protection downtime.

  • Detailed reports: Kerio Control makes it easy to view individual users’ internet activity through detailed reports.

  • Traffic monitoring: Traffic monitoring allows you to manage bandwidth and makes it possible for you to control access to streaming video and peer-to-peer networks.

  • Server protection: Using Kerio Control’s advanced networking routing and deep packet inspection, you can protect servers.

  • Easily create policies: With Kerio Control, you can create both inbound and outbound traffic policies, and can also restrict communication by specific URLs, applications, traffic type, content category, or even time of day.

  • Snort-based analysis: Kerio Control gives you the ability to add a transparent layer of intrusion prevention with snort-based analysis along with a database of rule and blacklisted IP addresses that is regularly refreshed.

  • Optionally integrated anti-virus: WIth this feature, you can prevent viruses, Trojans, or spyware from entering your networks.

Reviews from Real Users

Here is some feedback from some of our users who are currently using the solution:

PeerSpot user Brian C., Senior Technology Specialist, VP at Unified Technology Solutions, writes "It is very comprehensive and simple. It has all the active protections. It's updated. We love that you can set how often it is updated so you can work on what is right for you. A large company with a lot of bandwidth can update the virus definitions and security definitions hourly, if they want. A smaller site that's remote, where maybe updating the definitions will eat into the bandwidth, we can schedule those more to go later at night. It's very flexible and works for us in all types of situations. This is great because then we don't have to learn seven different products to be able to work with seven different scenarios."

Andy D., IT Manager at Flare Technologies, praises how easy it is to use and says, "One thing we use quite a lot, as well, is the DHCP Server, because we do a lot of work where all our devices need to have static IP addresses. Rather than going around and configuring every box, we do it all through DHCP reservations. It's easier. We've got a record of it. We can manipulate it if we need to change something or change some hardware. It's all easy. Even guys who are not used to using it can pick it up quite quickly."



 

Sample Customers

1. Amazon Web Services 2. Microsoft 3. IBM 4. Cisco 5. Dell 6. HP 7. Oracle 8. Verizon 9. AT&T 10. T-Mobile 11. Sprint 12. Vodafone 13. Orange 14. BT Group 15. Telstra 16. Deutsche Telekom 17. Comcast 18. Time Warner Cable 19. CenturyLink 20. NTT Communications 21. Tata Communications 22. SoftBank 23. China Mobile 24. Singtel 25. Telus 26. Rogers Communications 27. Bell Canada 28. Telkom Indonesia 29. Telkom South Africa 30. Telmex 31. Telia Company 32. Telkom Kenya
Control Southern, Optimal Media
Triton Technical, McDonald's
Buyer's Guide
Check Point NGFW vs. KerioControl
May 2024
Free Report: Check Point NGFW vs. KerioControl
Find out what your peers are saying about Check Point NGFW vs. KerioControl and other solutions. Updated: May 2024.
DOWNLOAD NOW
789,135 professionals have used our research since 2012.
See our Check Point NGFW vs. KerioControl report.
See our list of best Firewalls vendors and best Unified Threat Management (UTM) vendors.

We monitor all Firewalls reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.