Share your experience using Ivanti Application Control

My main use case for Check Point Application Control is to allow necessary applications while blocking others, ensuring efficient usage.

Check Point Application Control has improved our organization by giving us greater visibility into application usage, enabling us to block risky or non-business applications, prioritize bandwidth for critical services, and enforce compliance policies more effectively, which has strengthened overall security and boosted employee productivity.

The best features Check Point Application Control offers are the ability to identify thousands of applications and sub-functions, for example, Facebook Chat or Facebook Post, and user and group-based policy integration with AD, which made it possible to apply different application rules per department or user role. For example, allowing YouTube only for the marketing group, but blocking it for others, and seamless integration with URL Filtering and threat prevention work together with other blades to provide both application control and security against malware or data leaks. Bandwidth and QoS prioritization and the ability to not only block but also prioritize business-critical applications, for example, Office 365 or VoIP, are also standout features.

The granular control offered by Check Point Application Control impacts my daily work and the organization as a whole by allowing our marketing team to access YouTube and Facebook for campaign work while other departments don't have that access. In the past, we either had to block everyone, causing friction and workarounds, or allow everyone, leading to productivity loss and bandwidth issues. With Check Point Application Control, we create a rule that allows YouTube and Facebook for the Marketing AD group but blocks these apps for all other users. Bandwidth for business-critical tools like Microsoft Teams and O365 is prioritized, and this helps us avoid a service impact. Marketing gets the access they need without raising tickets, while bandwidth-clogging from unnecessary video streaming is reduced, leading to fewer complaints for the IT team and better visibility into traffic.

Using Check Point Application Control has definitely improved productivity and saved time for my team. Before implementing the rules, our IT helpdesk was getting 5-7 user tickets per week from employees either requesting access to blocked applications or reporting slow network performance due to streaming. After rolling out rule-based access and bandwidth prioritization, those tickets dropped to 1-2 per month.

Check Point Application Control can be improved with faster updates for emerging applications. While the signature database is comprehensive, new apps or app features sometimes appear before signatures are updated. A faster update process or a community-driven signature model could help keep policies current. Additionally, simpler policy management for large organizations is needed, as the policy interface can feel complex in environments with hundreds of rules and multiple user groups. Features like bulk editing, smart suggestions, or policy templates could reduce admin workload. An improvement in reporting and analytics is also essential, as reports are detailed but sometimes hard to digest at a glance. More visual dashboards, trend analysis, or predictive insights would help the team spot operations and issues faster.

This is my first time using Check Point Application Control.

Check Point Application Control is very stable; I haven't encountered any special issues.

It's very scalable and has shown substantial improvement, making it a trusted solution.

I evaluated other options before choosing Check Point Application Control, and we tried using the Palo Alto firewall.

I have seen a return on investment with Check Point Application Control. Before granular application control, IT support saw 5 to 7 tickets per week related to blocked apps or network slowdown. After implementing rule-based access and bandwidth prioritization, that dropped to 1-2 tickets per month, saving 6 to 8 hours per month for our team. There is also risk reduction, as blocking risky or unauthorized apps, like file-sharing tools, minimizes the potential for data leaks and security incidents. Although it's harder to quantify in dollars, avoiding even a single data breach or compliance violation represents significant cost avoidance.

I can't say much about the pricing, setup cost, and licensing for Check Point Application Control, as I only know what the business management team discusses. Our team is focused on operations and technical aspects, so we're not privy to the detailed setup costs and pricing.

My advice for others looking into using Check Point Application Control is to consider its ability to balance security and productivity effectively.

One of the strongest points of Check Point Application Control is its ability to protect the network without overly restricting users. Granular rules let you target risky apps while still allowing business-critical access. Continuous monitoring and updates through regular reviews of app usage reports and keeping signatures up-to-date ensure policies remain effective as applications evolve. Scalability can be a consideration for growing organizations, as the solution works well for small deployments, but with hundreds of rules or multiple department policy management, it can become complex, so planning and regular cleanup are key.

On a scale of one to ten, I rate Check Point Application Control a nine.

The main use case of using Check Point Application Control is to provide visibility and control over web applications, web traffic, and user activity. It is for prioritizing bandwidth for business-critical applications like ERP and Office 365. It will also prevent the use of risky IT applications and helps in compliance with security standards.

The best features of Check Point Application Control are granular application and web control, user and group awareness, identity awareness, integration, SSL/TLS inspection, detailed visibility and reporting, and bandwidth management.

Bandwidth management with Check Point Application Control allows the organization to prioritize business-critical traffic such as Microsoft Teams, Office 365, and similar applications. This ensures that critical applications remain fast and reliable during peak hours. It also prevents the use of applications that consume too much bandwidth. In many organizations where employees depend on real-time applications such as voice, video conferencing, trading platforms, or healthcare systems, poor performance directly impacts productivity. This is where bandwidth management comes into the picture. It allows a smooth user experience, fair usage of network resources, and reduced business risk from downtime or lag.

Areas where Check Point Application Control could be improved are policy fine-tuning usability, reporting and analytics, application identification accuracy, and performance impact with SSL inspection. I would personally prefer to see more real-time, AI-assisted insights. For example, if an unusual app suddenly spikes bandwidth or starts behaving suspiciously, the system should automatically suggest a policy adjustment instead of waiting for the admin to dig into logs. That would make security more proactive and improve job efficiency.

The solution received an 8 out of 10 because it's a very strong solution with granular controls, user awareness, and deep visibility. However, they need to work on the customer support and false positive issues. Sometimes there are many false positives, which impacts user efficiency.

I have been using Check Point Application Control for the past one year.

Check Point Application Control improves both security posture and compliance. By controlling which applications are allowed and inspecting their traffic, the organization reduces the attack surface. That means fewer opportunities for malware, phishing, or data leakage. In terms of compliance, many standards such as PCI DSS, HIPAA, and ISO 27001 require visibility into application usage, data transfer, and prevention of unauthorized communication channels. Application control helps enforce those policies, generates audit logs, and demonstrates compliance during assessments.

We have implemented the solution for our clients and customers. We are not using the Check Point cloud application control for our own environment.

For organizations considering this solution, I recommend defining their application usage policy and compliance requirements. Regarding business relationships, we are a customer only. We don't have any additional relationship; we are not a reseller or partner. I was not offered any gift card or incentive for this review. Overall, Check Point Application Control is a reliable solution that strengthens security posture. We are not using any other tech products.

This solution receives an 8 out of 10 rating.