Adrian Cambronero - PeerSpot reviewer
Consultant at ITQS
Reseller
Top 5Leaderboard
Issue-free with good granularity and is easy-to-use
Pros and Cons
  • "It also helps us implement changes very quickly and make people more focused on work."
  • "At the moment I don't see the need to add new features. That said, you always have to be one step ahead."

What is our primary use case?

Our use case for Check Point Application Control is to be able to filter and control all the categories of applications that we want to allow in our organization so that users have the necessary access and permissions and have security in using an application. 

We only allow members of the organization access secure applications, another benefit is that bandwidth can be limited by restricting applications and unnecessary downloads of applications that are not for business use by controlling the access of gateway apps

How has it helped my organization?

Check Point Application Control has provided us as an organization with the ability to prevent users from entering web pages that are not allowed or that can lead to many vulnerabilities that could result in the loss of sensitive information.

With this friendly, simple, and easy-to-use tool, we have been able to control all these inappropriate accesses. Most users cannot enter sites or applications that are not for work and with this, we have been able to monitor all these pages.

It also helps us implement changes very quickly and make people more focused on work.

What is most valuable?

All Check Point Application Control features are very granular and important. The most important depends on the need of the company this feature is used.

It also has flexibility where you can restrict certain areas of each page. For example, you can enter but not download or use a chat like in social networks. I can see them, however, not chat. This is a good thing as you can be flexible with your employees to have everything without access and allows us to be flexible with certain categories. I think that with this we can achieve a better tool

What needs improvement?

The tool has a number of features necessary for good business security. However, it is always good to add several features and maintain an open and adequate performance for the machines where said software is installed since it will be able to present high performance. However, so far, Check Point Application Control satisfactorily meets the needs of a company in security. At the moment I don't see the need to add new features. That said, you always have to be one step ahead.
They should focus on improving the guides since they are not very friendly or concrete to make a configuration in the interface.

Buyer's Guide
Check Point Application Control
March 2024
Learn what your peers think about Check Point Application Control. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.

For how long have I used the solution?

This tool has been used for 2 years.

What do I think about the stability of the solution?

The solution is very stable. No problem has been presented.

What do I think about the scalability of the solution?

The solution provides important scalability features

How are customer service and support?

Since the product has worked well, we have had little interaction with Check Point's customer service.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we did not use another tool.

How was the initial setup?

The implementation, like all Check Point products, is very interactive and easy to install and configure.

What about the implementation team?

It was done with a vendor and it was very good in its work until now.

What was our ROI?

Our ROI is that our entire platform meets the necessary security requirements. Nothing happens in the company's infrastructure and this helps us avoid more expenses if not for having implemented a tool like this.

What's my experience with pricing, setup cost, and licensing?

The price is in line with the competition. They maintain an accessible and competitive price.

Which other solutions did I evaluate?

Options were not evaluated since our infrastructure always used Check Point.

What other advice do I have?

They continue to innovate. Check Point is an excellent tool in many areas.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Jonathan Ramos G. - PeerSpot reviewer
Cloud Engineer at ITQS
Real User
Top 5Leaderboard
Great for control and management with good granularity
Pros and Cons
  • "The best value we have is their actionable reports on user analytics, events, and activity that are extracted from their database."
  • "I would like this layer to be faster to install in the future."

What is our primary use case?

We had the need to control and be able to manage rules in a granular way for maintaining the security and control of the data, management by teams, identity, and applications grouping them by category and thus being able to defend ourselves from threats and malware that wants to enter our infrastructure while  reducing the operating cost.

Something that we need and want is an inspection of the data. We must see what the different users and applications of our network are sharing, and that is where the control solution brings us that administration value.

How has it helped my organization?

As our need is great, and we not only have a single organization yet also have several subsidiaries. It is there where we are integrating a centralization under well-managed control. It is where application control gives us the possibility of generating rules, and policies that are adjusted and flexible. We need the solution to be able to be adapted to the business and to be modified and scalable according to the need and evolution of our organization. It offers a powerful administration and a great catalog.

What is most valuable?

The best value we have is their actionable reports on user analytics, events, and activity that are extracted from their database. This technology allows us to present reports on the control and management of event policies against applications, locations, IoT, and Identity. Having all this data available generates a control layer that strengthens a security posture. Its best feature will forever be the generation of tangible reports of every actionable activity found and stopped by the solution.

What needs improvement?

I would like this layer to be faster to install in the future. The evolution of its equipment and appliances where the solution is executed has improved a lot, however, it is necessary to increase that capacity. Some competitors do it just as well and in that layer, are faster to apply their changes. These would give greater value and would be a differentiator. Among other things, I would like this integrated solution to manage from mobile devices in an optimized way and be able to administer from anywhere in the world.

For how long have I used the solution?

I've used the solution for two years.

What do I think about the stability of the solution?

The solution is very stable and has regular updates.

What do I think about the scalability of the solution?

It is fast and easy to scale and manage.

What's my experience with pricing, setup cost, and licensing?

Their cost is based on their appliances, and they offer equipment with the highest licensing.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point Application Control
March 2024
Learn what your peers think about Check Point Application Control. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
reviewer1626546 - PeerSpot reviewer
Network Head at SUKARNE
User
Stable with good automatic updating and effective filtering capabilities
Pros and Cons
  • "The automatic updates of new applications and signatures guarantee protection at all times without the need to apply a change manually."
  • "It's important that there is the option to validate the policies before applying them."

What is our primary use case?

Before using this solution, I needed to have other network components that would allow me to block or restrict access to unauthorized sites, which generated a very high cost in terms of licensing and maintenance. Now, I can control authorized and unauthorized access to my end-users, and I can control bandwidth and assign a defined bandwidth to guarantee the operation of my company. 

With this solution, I was able to establish and guarantee the security of my end-users using the categories and definitions within the solution. I'm able to easily identify high-risk sites, as well as sites not allowed for explicit content.

How has it helped my organization?

In the beginning, I did not have control of the content that my users had access to, which put the integrity of my company at risk. With this solution, I was able to create explicit policies that would adhere to the rules that we established for access to applications. 

Previously, I had 2 appliances from another brand to control the traffic of applications and to control bandwidth. It is a very simple product to administer with amazing potential endowed within a large database of applications and is constantly updated.

What is most valuable?

The automatic updates of new applications and signatures guarantee protection at all times without the need to apply a change manually. This has been largely beneficial to my organization and only on a couple of occasions have I had a problem with legacy applications being applied to a filter incorrectly. We've solved this by documenting them in the Check Point portal to ensure they are not listed as a malicious application or IP. There is a large database of applications that have been incorporated together with the traffic control tool assigning a defined bandwidth for certain applications.

What needs improvement?

It's important that there is the option to validate the policies before applying them since it is very annoying and causes a waste of time to apply a new policy or rule and afterward receive an error that the policy has failed. 

It is important that, if you are being notified of the modifications in the automatic policies that were updated, it's clear in terms of the content that is included as well as the applications that have been modified for being malicious or not. 

Without a doubt, these would be contributions that would greatly benefit the solution's operation within my company.

For how long have I used the solution?

I've worked with the solution for 5 years.

What do I think about the scalability of the solution?

In some equipment, the scaling is very good, however, it depends on the equipment that is purchased and if there is correct sizing.

Which solution did I use previously and why did I switch?

Yes, I made the change because I tried a demo and it seemed like a great product.

What was our ROI?

It is a very safe and stable product.

What's my experience with pricing, setup cost, and licensing?

The licensing is very good. We always rely on an authorized dealer to ensure proper operation and sizing.

Which other solutions did I evaluate?

Yes, I evaluated Cisco, Palo Alto, and Fortinet.

What other advice do I have?

Not at this time. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Support at a security firm with 51-200 employees
User
Top 5Leaderboard
Good granularity, helpful blocking capabilities, and helps with segmentation
Pros and Cons
  • "The most important characteristic is granularity, which allows our teams to have different security profiles depending on the department to be protected."
  • "Check Point licenses are somewhat expensive."

What is our primary use case?

Check Point has provided us with a Check Point management server tool where we manage our Gateways. It helped us limit the applications, sites, and different actions that are part of the users' daily lives. We can limit with granularly the applications that users access.  

Segmentation is key. We managed to divide everything by department to be able to generate the security that each one requires. Now, managers have greater flexibility.

How has it helped my organization?

This product or feature included in our security admin has helped us a lot to be able to control our users. It helps us with effectiveness since users can use laptops correctly, being more productive.

It has also been possible to avoid modern threats that can enter and attack user equipment, servers, and the business network. These attacks would affect work continuity in addition to company data that could be affected.

What is most valuable?

The most important characteristic is granularity, which allows our teams to have different security profiles depending on the department to be protected.

There is also a list of applications pre-loaded in the systems to be able to have blocks or permissions to use different applications.

Finally, the licensing of our Check Point gateways, which are not licensed separately, provides an advantage.

What needs improvement?

Check Point licenses are somewhat expensive, in addition to the fact that it is difficult to validate their costs without a Check Point partner - which is why it is difficult to validate them.

Support is only available in the English language, which affects some regions where Check Point products will be used.

The SLAs of checkpoint products are sometimes not met since the cases created are sometimes attended to very late after opening them.                     

For how long have I used the solution?

We have used this solution for at least five years in its different versions. It has helped us a lot with business security.

Which solution did I use previously and why did I switch?

We have not previously used any product like this.

What's my experience with pricing, setup cost, and licensing?

The costs should be reviewed with a partner of Check Point. As for the implementation, it is really simple.

Which other solutions did I evaluate?

Several proofs of concepts were carried out, and Check Point was the best.

What other advice do I have?

This is an excellent product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Network Engineer at Fujairah Port
User
Top 5
Great for access control and site blocking with the capability to restrict file sharing
Pros and Cons
  • "We can control bandwidth and high-risk application access from our network using application control."
  • "Custom applications for internal applications must be defined frequently."

What is our primary use case?

On our infrastructure, we installed the Check Point 6200 appliance as our primary firewall. It is deployed in a distributed mode, with the security gateway and management running on separate machines.

Our major purpose is to limit web access from internal networks.

Using application control, we blocked the use of peer-to-peer applications such as torrent from our networks and allowed only youtube.com from the media streaming category, resulting in a significant improvement in bandwidth.

Aside from these numerous categories, we blocked a large number of high-risk applications from access our network.

How has it helped my organization?

We can control bandwidth and high-risk application access from our network using application control.

We want our users to only be able to access certain websites during working hours. We accomplished this through application control by blocking social media, phonography, drugs, media sharing, and other sites.

We also restricted file sharing sites through application control and blocked file uploading, which helped us avoid data loss.

We set a usage limit for YouTube.com, giving us more bandwidth control.

What is most valuable?

The control options for an application are very specialized. We may thus ultimately decide what to access and what to prevent.

It is relatively easy to implement an application control policy, and it is made to integrate with the access policy.

The ability to see each application clearly in the logs is quite helpful.

Application control utilizes signatures similarly to how IPS does. It is an excellent feature.

It's pretty easy to schedule updates to the application control database. We can design a check for fresh updates every two hours.

Users can clearly understand the reasons for site blocking from the blocked message.

What needs improvement?

1 – Custom applications for internal applications must be defined frequently. This should be improved. It would be much better if Check Point could detect internal applications and automatically bypass them.

2- Without HTTPS decryption, the majority of App Control recognition features will be rendered ineffective, as everything has been encrypted thus far.

3-An application may have multiple category tags, which is confusing.

These areas should be improved. 

It satisfies all of our needs except for this. 

Check Point Application Control assists us in controlling bandwidth and restricting internet access for our infrastructure.

For how long have I used the solution?

I've used the solution for almost two years.

Which solution did I use previously and why did I switch?

Yes, we used a different solution. However, it did not satisfy us in terms of security. As a result, we decided to deploy Check Point NGFW for enhanced security.

Before migrating to Check Point firewall, we conducted market research and solicited feedback from my contacts who are already Checkpoint NGFW customers. We decided to use Check Point NGFW as a result of this.

What was our ROI?

Our ROI is that it increases the security precautions that prevent users from accessing websites that can harm our business. Additionally, it also reduces the use of the internet, which is often unrelated to business tasks.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Edwin Solano Salmeron - PeerSpot reviewer
Soporte técnico superior at Acobo
Real User
Top 5Leaderboard
Helps define policies, integrates with third-parties, and offers good threat detection
Pros and Cons
  • "One of the greatest capacities and the benefits it gives us is the ability to control applications based on defining access or denial policies in specific applications, groups, or category profiles."
  • "The guides used today are a bit complex, and we need efficient and simple access to them so that any administrative or technical person can solve, analyze, and configure each of the rules and identities seamlessly."

What is our primary use case?

We needed to allow, control, block, and access specific applications based on the policies that the institution has as a baseline. Given this need, we have tried, analyzed, and tested various solutions that could comply with said internal directive. We have sought solutions that allow us greater visibility and control over applications on the network, improving the protection of applications and the security of the organization in general. We've validated the software's great potential at detecting malicious events on unauthorized applications or resources. 

How has it helped my organization?

Check Point Application Control has offered us the possibility of achieving several important organizational pillars that were required to cover. We had application identification, application control, and protection based on known or unknown threats. 

These capabilities have allowed us to discover known or unknown threats by detecting them under the identity of users. We managed to include a malware intrusion detection index based on the identity of the users in order to protect them. 

What is most valuable?

One of the greatest capacities and the benefits it gives us is the ability to control applications based on defining access or denial policies in specific applications, groups, or category profiles. Compared to other products, it has offered us a unique combination by allowing the integration of third-party services or brand-owned services, which gives us a chance to insure, protect ourselves, and generate scalable, comprehensive protection. 

What needs improvement?

One of the improvements that we need is in the manual services. The guides used today are a bit complex, and we need efficient and simple access to them so that any administrative or technical person can solve, analyze, and configure each of the rules and identities seamlessly. We need clear directions to help us configure effectively. It's important to be able to have this documentation available to make the many available features easy to configure and allow us to promote defense tactics in depth against all available threats. 

For how long have I used the solution?

I've used the solution for two years.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Software Engineer at Doddle
User
Top 5
Mitigates security risks, has workflow tracking capacity and offers increased workflow performance
Pros and Cons
  • "It ensures that the health of each application can handle the set tasks and projects without any challenges."
  • "The set performance monitoring systems are complex to interpret and scale down their operations."

What is our primary use case?

The company-based applications have benefited from this software in the enhancement of security and performance acceleration. 

Check Point Application Control monitors all tools' performance and operations in all enterprise activities. 

The reported performance metrics help us allocate resources and unlock hidden business potentials. Over the past year, this product has boosted the end output of all applications and promoted efficient teamwork. Each tool can easily link and integrate with others with set task objectives.

How has it helped my organization?

Check Point Application Control has highly improved business operations with modern data control systems. 

It ensures that the health of each application can handle the set tasks and projects without any challenges. 

We have increased workflow performance and improved the service delivery to our clients. 

Data transfer with preferable security measures has enhanced better collaboration among teams. The connection of applications has enabled members to understand the data flow and set goals with real-time reports.

What is most valuable?

The set security measures integrated with applications help us to identify and set policies that can support our programs. 

It mitigates the security risks that can affect business tools and their implications on the overall production capacity. 

The workflow tracking capacity provides data on all employees working with certain tools and their contributions. 

Check Point Application Control can monitor the operations of many applications at the same time without low-performance experiences. There is increased revenue from the reduced cost of consolidating required security tools.

What needs improvement?

The set security features have increased the production efficiency of all applications. The new IT team monitoring this system requires proper training in order to execute the targeted goals effectively without failure. 

The set performance monitoring systems are complex to interpret and scale down their operations. 

The customer service team works tirelessly to ensure our teams are satisfied. Cloud network security has kept our assets secure since we deployed with a smooth continuation of other enterprise activities.

For how long have I used the solution?

I've used the solution for one year and four months.

What do I think about the stability of the solution?

This product is stable and with high-performance capabilities.

What do I think about the scalability of the solution?

I like the persistence of improving security across the organization from this application.

How are customer service and support?

I have no words for the support team; I really congratulate them on the excellent job!

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have previously worked with AppDynamics - although the security models did not meet our targets.

How was the initial setup?

It is easy to setup and learn how the product works.

What about the implementation team?

The vendor team did the implementation.

What was our ROI?

The set targeted ROI has been achieved.

What's my experience with pricing, setup cost, and licensing?

The setup procedure is good and the cost is suitable for most enterprises.

Which other solutions did I evaluate?

I evaluated operations and performance of AppDynamics.

What other advice do I have?

Check Point Application Control is the best solution for security and performance controls.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Hugo Alexis Espinoza Naranjo - PeerSpot reviewer
Perimeter Security Administrator at a security firm with 51-200 employees
Real User
Top 5Leaderboard
Good blocking and filtering but needs more of a knowledge base for users
Pros and Cons
  • "The most outstanding feature is the Check Point APK wiki."
  • "The blocking characteristics for filtering content currently are not so customizable."

What is our primary use case?

We needed a solution that would allow us to protect the applications that we were constantly developing. Those applications needed to be classified by categories, including integrity, risk level, and productivity issues, as well as identity per user. We needed all these characteristics to safeguard a library, repository, or platform that could allow us to manage it in a secure, fast, and scalable way. We tried more than one solution that would allow us the required granularity in the teams and management so that we could implement it according to the regulations that we had internally.

How has it helped my organization?

At the time of implementation, we had a great feeling of satisfaction with the solution as it allowed us to have granularity across types of applications - by the network, identity, social networks, the function of the application, et cetera. We were able to do more than what we really needed, and this gave us that feeling that we now had the internal compliance that we did not have before. The libraries are much larger and grouped by application in categories to protect us from attacks or threats.

What is most valuable?

The most outstanding feature is the Check Point APK wiki, which is a product that is incorporated into the solution that allows us to naturally and dynamically apply internal applications to the application database. It is continuously updated, which allows us to have constant detection capabilities and more than 8000 different applications at different sites. It allows us to be more dynamic and have greater control. Additionally, it has blocking via content filtering or HTTPS inspection, which we can combine with identity. That gives us a more centralized correlation and management for more granular policies and more expeditious control over each activity from the users.

What needs improvement?

The blocking characteristics for filtering content currently are not so customizable. I would like to be able to modify them a bit. I hope that customization will be incorporated in the future. Right now, we must educate the users who are constantly violating or in fear of violating an issue. We would like to be able to incorporate filtering with notifications in a learning portal so users can be educated and will no longer have a lack of experience. A portal will help make better, more educated, and knowledgeable users. 

For how long have I used the solution?

I've used the solution for two years.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point Application Control Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Product Categories
Application Control
Buyer's Guide
Download our free Check Point Application Control Report and get advice and tips from experienced pros sharing their opinions.