Share your experience using Ivanti Application Control

I've been using Check Point Application Control since the last three years, where I've been an administrator for Check Point firewall. Within that span, I have encountered multiple clients where Application Control was being used.

My main use case for Check Point Application Control is mostly for granularization of what to access and what not to access, particularly for a client with more than 3,000 users. For such a large number of users, it's always a hectic task for the administrators to give granularization on what the client has access to and what they do not. So, with the help of Check Point Application Control, we can define the granularity that reduces the risk of unauthorized access and potential breaches. Additionally, it has helped us improve efficiency and enhance real-time threat prevention capability.

I have unique scenarios where Check Point Application Control made a difference in a client environment that wasn't categorized, resulting in bandwidth issues. When we implemented Check Point there, we granularized the teams by categorizing what all access each team needed, which helped us improve bandwidth efficiency overall.

The best features of Check Point Application Control are advanced threat detection, SSL inspection policies, application categorization, and custom application detection, all of which stand out due to the zero trust security model Check Point follows along with several other enhancements.

The custom application detection feature in Check Point Application Control has been helpful in my environment where we define access for different teams. For instance, the HR team needs access to Facebook and other social media platforms, while the marketing team requires access to promote new features and products we are implementing. By regulating application-centric access, we increase the overall productivity for users while restricting them from browsing non-essential sites.

Application categorization and SSL inspection are crucial because to achieve full effectiveness of application control, it is necessary to have HTTPS inspection enabled.

Check Point Application Control has positively impacted my organization by increasing productivity and optimizing bandwidth. By filtering out the level of access that users have, we limit potential threats from malicious links, ultimately increasing both security and user productivity.

I can share metrics reflecting the impact of Check Point Application Control, where we have seen a reduction in the number of tickets created, indicating fewer incidents. Also, bandwidth has been optimized, especially after categorization where we previously faced overutilization issues.

Check Point Application Control could be improved, particularly regarding the application categorization accuracy as we often face miscategorization issues. The database should be updated properly to avoid misclassification and ensure 100% accuracy.

I see a needed improvement in the categorization where a gaming site might be categorized under sports or gambling. For instance, I blocked it under gambling but also allowed it in games, causing issues where the site sometimes gets opened incorrectly. This is an area where Check Point can enhance their service.

I've been using Check Point Application Control since the last three years.

In my experience, Check Point Application Control is stable.

The scalability of Check Point Application Control is commendable as it can handle organizational growth effectively.

I've reached out to customer support for Check Point Application Control, and the experience was good. The tech engineers are knowledgeable and supportive, with prompt responses, although I believe the response time could be improved.

I would rate the customer support for Check Point Application Control at nine out of ten.

Positive

I did not previously use a different solution before Check Point Application Control.

The initial setup with Check Point Application Control is straightforward and very simple.

I have seen a return on investment with Check Point Application Control, with increased productivity as users no longer spend time on unnecessary applications. By restricting access to only what is required, the productivity has increased, which results in greater value for the organization.

My experience with the pricing, setup cost, and licensing for Check Point Application Control is that the pricing is a bit high, but the features provided justify the cost. The features that Check Point offers are extensive and worth the investment.

Before choosing Check Point Application Control, we evaluated Palo Alto as well, but I find Check Point's level of categorization and database readiness for application control to be more user-friendly and comprehensive.

Check Point Application Control is deployed on-prem in my organization.

My advice for others looking into using Check Point Application Control is to definitely consider it if you already have security needs.

Overall, Check Point Application Control is an awesome product that can definitely be used to secure environments.

I rate Check Point Application Control nine out of ten.

My main use case for Check Point Application Control is controlling application access as per client requirements. The LAN users try to access various applications randomly, but with respect to business requirements, users should access only business applications such as Teams and FTP. For the marketing team specifically, they should have access to Facebook, while other users should not have access to Facebook and social media platforms. We have implemented this type of use case for the client.

This use case fits into my daily workflow by providing a particular scenario where Check Point Application Control made a difference for my client. For example, the marketing team has access to Facebook and other social media platforms for marketing purposes, while other users can only access business applications such as Teams. This provides a granular level of control over which applications users can access. With Facebook, users can view posts but cannot post anything or chat on the application, achieving granular level control in particular applications.

Check Point Application Control offers features that control around 4,000 users through the Check Point firewall. This application control is one of the blades of the Check Point firewall, which helps us control user traffic based on which applications users should access and which they should not, with respect to company or organization compliance policies.

Changes in network performance are noticeable after implementing Check Point Application Control. Restricting users from visiting unnecessary applications improves the bandwidth, meaning the bandwidth is utilized only for desired applications or required tasks.

Check Point Application Control has positively impacted my organization, as I have seen improvements in security and compliance. Another important factor is that unnecessary bandwidth is not getting utilized; only the required applications get higher priority. For example, Teams voice calling takes priority. If users wanted to browse on YouTube and stream videos, that would consume bandwidth, but after blocking unwanted social media platforms and streaming sites, we prevent unnecessary bandwidth utilization, allowing it to be used for desired tasks.

Check Point Application Control can be improved, particularly in policy management. When we add applications in the policy, we currently have the option to select individual applications, but a feature allowing categorization of applications based on types, such as social media applications, would make it easier to add multiple or bulk applications in the policy. This feature would be very valuable if introduced.

Feedback from management about how these changes improved productivity and network performance has been positive. Users were spending their time watching videos on YouTube or streaming content, wasting time on Instagram and Facebook while in the office. Managers complained about this, leading to compliance policies being defined to restrict access to these kinds of applications.

I have been using Check Point Application Control for more than one and a half years as an administrator.

Check Point Application Control is stable; I have not faced downtime or issues with reliability.

The scalability of Check Point Application Control is good. I have not needed to scale up or down, and the process has been smooth.

Customer support for Check Point Application Control is fair and good, and I have reached out to them with satisfactory results.

Neutral

I have not previously used a different solution before Check Point Application Control.

The initial setup with Check Point Application Control is not very complex. If you know Check Point firewall, then it is easy to implement.

If you want to implement Check Point Application Control, I advise you to implement HTTPS inspection for it to work 100% perfectly. Without HTTPS inspection, it may not function perfectly, as it will scan or judge applications based on their ratings. Additionally, implementing HTTPS inspection will yield better outputs and correct results.

I have seen a return on investment since implementing Check Point Application Control. We can say that 4,000 users are now accessing only legitimate business applications rather than wasting time on other applications that utilize unnecessary bandwidth. If we hadn't implemented Application Control, we might have needed to increase bandwidth for the users, which saved costs from that perspective. Additionally, users stay focused on their tasks, ultimately helping the organization save time, and from a security perspective, there are no disruptions seen.

The pricing, setup cost, and licensing of Check Point Application Control are higher than other vendors, but it justifies the features offered. The licensing is straightforward.

I evaluated Palo Alto before choosing Check Point Application Control. I noticed that in Palo Alto, we don't get a granular level of application management as we do in Check Point, which has a large database for the applications, making it easier to implement policies.

The process for setting up specific rules for user groups is straightforward. To work efficiently, we have to implement HTTPS inspection, which is important to work perfectly. The rest of the configuration process is very straightforward.

That level of detail is important for my clients because it prevents users from posting any internal information on social media platforms, which is crucial for our organization.

We are a partner of Check Point, so we have a business relationship with this vendor beyond just being a customer.

I use other tech products such as FortScout, FortiADC, and Netskope.

You can use my real name and company name when publishing my review.

On a scale of 1-10, I rate Check Point Application Control a 9.