Check Point Application Control Reviews

On our infrastructure, we installed the Check Point 6200 appliance as our primary firewall. It is deployed in a distributed mode, with the security gateway and management running on separate machines.

Our major purpose is to limit web access from internal networks.

Using application control, we blocked the use of peer-to-peer applications such as torrent from our networks and allowed only youtube.com from the media streaming category, resulting in a significant improvement in bandwidth.

Aside from these numerous categories, we blocked a large number of high-risk applications from access our network.

We can control bandwidth and high-risk application access from our network using application control.

We want our users to only be able to access certain websites during working hours. We accomplished this through application control by blocking social media, phonography, drugs, media sharing, and other sites.

We also restricted file sharing sites through application control and blocked file uploading, which helped us avoid data loss.

We set a usage limit for YouTube.com, giving us more bandwidth control.

The control options for an application are very specialized. We may thus ultimately decide what to access and what to prevent.

It is relatively easy to implement an application control policy, and it is made to integrate with the access policy.

The ability to see each application clearly in the logs is quite helpful.

Application control utilizes signatures similarly to how IPS does. It is an excellent feature.

It's pretty easy to schedule updates to the application control database. We can design a check for fresh updates every two hours.

Users can clearly understand the reasons for site blocking from the blocked message.

1 – Custom applications for internal applications must be defined frequently. This should be improved. It would be much better if Check Point could detect internal applications and automatically bypass them.

2- Without HTTPS decryption, the majority of App Control recognition features will be rendered ineffective, as everything has been encrypted thus far.

3-An application may have multiple category tags, which is confusing.

These areas should be improved. 

It satisfies all of our needs except for this. 

Check Point Application Control assists us in controlling bandwidth and restricting internet access for our infrastructure.

I've used the solution for almost two years.

Yes, we used a different solution. However, it did not satisfy us in terms of security. As a result, we decided to deploy Check Point NGFW for enhanced security.

Before migrating to Check Point firewall, we conducted market research and solicited feedback from my contacts who are already Checkpoint NGFW customers. We decided to use Check Point NGFW as a result of this.

Our ROI is that it increases the security precautions that prevent users from accessing websites that can harm our business. Additionally, it also reduces the use of the internet, which is often unrelated to business tasks.

Check Point's Application Control blade is a very powerful and useful tool. To use this tool we need to purchase a subscription for it or purchase a threat prevention package. 

Our primary use case is using Application Control with Identity Awareness feature to create granular policies for users, and groups. Hence, we can control access to applications according to our internet regulations and apply them to users/groups. With the combination, even wherever users/groups are in the organization, whenever they access, they are always under control

With Application Control, we can:

1. Block the applications with critical risks like proxies, malicious VPN tools, hidden IPs, hotspots, et cetera.

2. Save network bandwidth by blocking the downloading tools, P2P sharing, or limiting access to entertainment/IPTV/Social Networking (et cetera) that consume the bandwidth.

3. Increase work productivity by only allowing access to legal destinations while blocking unnecessary accesses like gambling, games, et cetera.

4. Control data loss risk through popular channels: Facebook upload, Instagram upload, public email services (Gmail, Yahoo, et cetera), file storage, and sharing.

5. Limit the usage of the application flexibly (like allowing users to log in to Facebook, and chat but cannot upload data, video, et cetera).

6. Create more granular policies.

We can combine Application Control with Identity Awareness and URL Filtering to create security policies for users/groups based on characteristics about security, productivity and network bandwidth. The most important thing is applying internet access regulations to the firewall system is easier than ever.

The Check Point database of Application Control is the largest library and is updated periodically.

Application categories in the SmartConsole are very clear and easy to search.

The application database is public in AppWiki. This helps to search the application information. This helps people that are considering what Check Point Application Control has before deciding to purchase.

All Check Point security features can run in a single gateway or gateway cluster.

It is expensive. The application control is a subscription type, not a perpetual license. Thus, to use this feature year-by-year, customers must purchase a renewal.

To use it effectively, you must turn on the HTTPS Inspection feature. Almost all the applications are running on encrypted connections. Without HTTPS Inspection, Check Point Gateway cannot detect the behaviors of the application. This leads to the gateway's CPU usage being degraded. In an environment of high connectivity growth or using multiple security features on the same appliance, having to handle more encrypted connections will be very stressful for the CPU.

We've used the solution for more than five years.

It is very exact in application detection.

The scalability of Application Control is based on Check Point Gateway. Check Point Gateway has ClusterXL that supports up to five appliances. With the developing Maestro technology, it's very easy to scale up on demand. Using this technology allows us to maximize hardware investment and appliance capacity.

The support team is very professional.

Positive

I used Fortinet before, however, Check Point Application Control is the best. Check Point has the largest database that no other vendor can compare. Besides, the Check Point appliance is very stable.

It's a bit complicated in terms of the setup if you are combining it with Identity Awareness and HTTPS Inspection.

Our K-12 school district is currently leveraging the Check Point 6800 Gateway hardware appliance, which is running version R80.30.   

The management station runs as a virtual machine in our VMWare environment with Cisco UCS & EMC (storage) hardware and Cisco networking architecture. In addition to the exceptional performance of the hardware and extensive Firewall abilities, we manage end-user traffic related to the applications. We use the solution primarily in the social media and entertainment arenas. This feature allows us to reduce unnecessary use of our already limited bandwidth.

Prior to the newer Application Control tools, from Check Point, we didn't have nearly as much in-depth access to manage traffic in the port 80 and 443 pathways.  

As a result, we were regularly pushing the high end of our already limited bandwidth. Though we did have web/URL filtering technologies deployed, our users still had quite a bit more access to media resources that presented a distraction in our environment. The Application Control, allows us to better manage bandwidth at a more granular level.

Being able to choose specific applications in our policy rule base in order to better manage access and bandwidth utilization has had a significantly positive impact on our environment and saved a lot of management time. This feature allows us to apply all the relevant protocols from a single application "package."  

In years past, we used to have to spend a lot of management time manually diagnosing the end-user traffic in an *attempt* to determine what sites, protocols, and ports were being used by the resource. Then, we would have to create specific rules to affect that traffic, before we could regularly monitor the traffic for any unexpected rouge behavior.

One of our continued challenges is having a more accurate, real-time view of how our bandwidth is actually being used at any given moment. A feature that could really offer a lot of insight into the live traffic would be a high-quality, real-time traffic graphical monitoring module. Administrators could then "mouse-over"  any point on the graph to reveal additional information at a very granular level. The information that could be presented would include data such as the service/app used, the specific network or IP, the date/time, etc.

I've used Check Point since the late 1990s. I've used this solution for several years.

We've had zero issues. It's a solid product.

My impression is that with all the recent features and abilities added to the application control section, it should be able to scale very nicely.  I would anticipate that managing traffic at the application level would be far more efficient than in the past, with the option of creating fewer rules to accomplish the same goal.  Being able to group or, "package," together a number of similar applications that contain all the relevant protocols, will be a big benefit over time.

As the product has performed well, we have had little interaction with Check Point's customer support. We have been reasonably satisfied, during the limited times of engagement.

Neutral

We have been using the Check Point firewall suite of products, since the floppy disk installation days.

We had the guidance and aid of a partner vendor and it was not overly complicated.

We have worked with a vendor for years and have been very pleased.

ROI is difficult to quantify in terms of money.  However,, we can easily say that our management time has decreased and end-user activities have been more on-task.

Pricing is a bit high for our K12 organization. The setup is not painful. That said, planning is crucial - as well as a thorough understanding of your network architecture and desired outcomes. 

We did not evaluate other options.

I'd advise users to go with Check Point.

Our use case for Check Point Application Control is to be able to filter and control all the categories of applications that we want to allow in our organization so that users have the necessary access and permissions and have security in using an application. 

We only allow members of the organization access secure applications, another benefit is that bandwidth can be limited by restricting applications and unnecessary downloads of applications that are not for business use by controlling the access of gateway apps

Check Point Application Control has provided us as an organization with the ability to prevent users from entering web pages that are not allowed or that can lead to many vulnerabilities that could result in the loss of sensitive information.

With this friendly, simple, and easy-to-use tool, we have been able to control all these inappropriate accesses. Most users cannot enter sites or applications that are not for work and with this, we have been able to monitor all these pages.

It also helps us implement changes very quickly and make people more focused on work.

All Check Point Application Control features are very granular and important. The most important depends on the need of the company this feature is used.

It also has flexibility where you can restrict certain areas of each page. For example, you can enter but not download or use a chat like in social networks. I can see them, however, not chat. This is a good thing as you can be flexible with your employees to have everything without access and allows us to be flexible with certain categories. I think that with this we can achieve a better tool

The tool has a number of features necessary for good business security. However, it is always good to add several features and maintain an open and adequate performance for the machines where said software is installed since it will be able to present high performance. However, so far, Check Point Application Control satisfactorily meets the needs of a company in security. At the moment I don't see the need to add new features. That said, you always have to be one step ahead.
They should focus on improving the guides since they are not very friendly or concrete to make a configuration in the interface.

This tool has been used for 2 years.

The solution is very stable. No problem has been presented.

The solution provides important scalability features

Since the product has worked well, we have had little interaction with Check Point's customer service.

Positive

Previously, we did not use another tool.

The implementation, like all Check Point products, is very interactive and easy to install and configure.

It was done with a vendor and it was very good in its work until now.

Our ROI is that our entire platform meets the necessary security requirements. Nothing happens in the company's infrastructure and this helps us avoid more expenses if not for having implemented a tool like this.

The price is in line with the competition. They maintain an accessible and competitive price.

Options were not evaluated since our infrastructure always used Check Point.

They continue to innovate. Check Point is an excellent tool in many areas.

Application control is part of the administration of Check Point management. We use it to provide protection and access to applications and sites in a safe way on the computers that are protected by our gateways.

The use of this feature has been very important for perimeter protection through our gateways, it is fairly simple to use for the protection of specific applications and sites. This is in addition to the fact that these controls can be applied in a granular way from a network to a specific host which is incredible for the security administration of any company.

Check Point Application Control is a powerful tool and has given us the protection that we needed for our business. We are now able to secure ourselves internally.

Without the use of this tool, we had suffered from the use of applications not allowed within the company. This generated the loss of effective time for our employees, in addition to generating major security problems due to the use of applications that generated cyber threats that affected the operation of the company.

Thanks to Check Point Application Control we are able to control these vulnerabilities and provide both greater employee productivity and greater perimeter security.

We loved Check Point Application Control for its granular control and ability to apply policies between groups, hosts and networks depending on the need.

On the other hand, the integration of our AppWiki with a large number of preloaded applications in segments helps to apply policies more easily and effectively.

The integration with Check Point Security Management and Check Point Security Gateway potentiates the company's perimeter security. This is a truly powerful feature and it is easy to implement.

Check Point is a fairly complete security vendor, however, we would like to have a better SLA for technical support issues, sometimes they take a long time to resolve customer issues.

On the other hand, the documentation is not always as clear as we would like it to be, it takes a long time to review it and implement solutions with the best practices of the manufacturer.

Finally, their costs are high, I think they could improve and make it more competitive against the competition, even if they are better protection tool.

Previously, we had only used applications that generated this protection as a test, however, they did not meet our expectations like Check Point.

Our recommendation to other clients is to have a partner that helps them with the company's requirements in addition to the costs.

We did validate proofs of concept from other manufacturers, but we liked the Check Point's protection more.

In our company, when acquiring CKPOINT products to be able to have perimeter protection for our teams, both cloud and on-premise.

we are able to carry out greater protection with Check Point's gateway, integrated with access control. It is a great help.

Check Point Application Control has been of great help in being able to provide access and granular security improvements for different departments with different profiles within the company. It is important to be able to do this in environments that deserve greater control in different areas.

We gained a lot in control, however, also through the reports it was possible to determine what was happening, and subsequently, make security improvements in the application control blade. Its use is really simple and intuitive, and when we have had doubts we have relied on the public documentation.

One of the advantages of Check Point Application Control is the large number of profiles included within the tool to be able to generate granular policies, in addition to permissions between servers or even web access.

Its implementation is simple. It is another great advantage. In our case, we use it with our R81 Check Point Gateway. It was implemented in Microsoft Azure, being a virtual device.

On the other hand, the log reports are very good for making validations and decisions.

Something important to mention is the improvement at the support level. It could be more advanced. Sometimes the responses are somewhat slow or based on a schedule that is not always the same as the companies. It's difficult to generate a session with them to better explain your needs.

We would also like the costs to be more comfortable. Although they are not different from other security tools, they could have improvements to provide greater interest to customers who are interested or loyal to Check Point's products.

In the company, we have made security improvements in recent years to be able to solve technological gaps in which vulnerabilities could greatly damage work continuity. Application control is a great help for our gateways.

Previously we had used Fortinet Gateways, however we liked what Check Point offered better at the level of modern security tools.

It is very important before implementing security improvements to have a test environment to evaluate correctly. I recommend taking previous implementations into account.

Before opting for Check Point, we validated and verified several demos with other manufacturers, however, we liked it better and it was better adapted to our internal needs.

Check Point Application Control enables my team to customize websites to fit our daily needs. It provides security measures that can be set in place to safeguard our content and internal information. 

It provides reliable tools for setting up HTTPS security policies that prevent security risks related to SSL protocol. The product provides real-time insights into the data traffic from the applications and their performance. 

The security protocols have enabled my team to set restrictions for accessing confidential information.

There is efficient protection of data and workflows from external interferences. This platform provides basic tools for protecting applications from cyber attacks and building strong websites. 

The SmartView tracker enables my members to monitor data traffic across the applications. It has provided a great opportunity for us to set up basic rules for interacting with applications. 

This product provides reliable data controls that monitor the performance and operational capability of all the applications within the company's networking infrastructure.

The central management system provides a reliable platform for application control and URL filtering. 

The security gateways have set comprehensive security tools for protecting data from malware attacks. 

The application library can run many apps and websites at the same time without functional complications. 

The application control system blocks internet sites and cyber attacks that can affect daily operations. 

SmartEvent Analysis provides capabilities for understanding application performance with charts and reporting analytics.

The most set features have enhanced the effective management of workflows. 

Malware threats can advance attacks when there are no timely measures to curb online phishing attacks. 

The solution needs an efficient monitoring platform that provides individual employee data, and performance will boost productivity in the organization. 

Most features perform well since there are few complaints. The security tools should be empowered more to fit daily demands and prevent our systems from advanced threats. 

I recommend the use of this platform to other organizations for reliable application performance.

I've used the solution for two years. 

The application security controls and monitoring tools are powerful.

I am impressed by its great performance.

The customer support staff has been reliable and committed to great service delivery.

Positive

I have not worked with a similar solution.

The initial setup was straightforward.

The implementation was done by the vendor team, and their level of expertise is excellent.

The recorded ROI has improved from 40% to 65% currently.

The setup cost and licensing terms are efficient.

I evaluated other application control products, however, Check Point Application Control was the best.

This is great system for monitoring application performance and I recommend to others.

The company-based applications have benefited from this software in the enhancement of security and performance acceleration. 

Check Point Application Control monitors all tools' performance and operations in all enterprise activities. 

The reported performance metrics help us allocate resources and unlock hidden business potentials. Over the past year, this product has boosted the end output of all applications and promoted efficient teamwork. Each tool can easily link and integrate with others with set task objectives.

Check Point Application Control has highly improved business operations with modern data control systems. 

It ensures that the health of each application can handle the set tasks and projects without any challenges. 

We have increased workflow performance and improved the service delivery to our clients. 

Data transfer with preferable security measures has enhanced better collaboration among teams. The connection of applications has enabled members to understand the data flow and set goals with real-time reports.

The set security measures integrated with applications help us to identify and set policies that can support our programs. 

It mitigates the security risks that can affect business tools and their implications on the overall production capacity. 

The workflow tracking capacity provides data on all employees working with certain tools and their contributions. 

Check Point Application Control can monitor the operations of many applications at the same time without low-performance experiences. There is increased revenue from the reduced cost of consolidating required security tools.

The set security features have increased the production efficiency of all applications. The new IT team monitoring this system requires proper training in order to execute the targeted goals effectively without failure. 

The set performance monitoring systems are complex to interpret and scale down their operations. 

The customer service team works tirelessly to ensure our teams are satisfied. Cloud network security has kept our assets secure since we deployed with a smooth continuation of other enterprise activities.

I've used the solution for one year and four months.

This product is stable and with high-performance capabilities.

I like the persistence of improving security across the organization from this application.

I have no words for the support team; I really congratulate them on the excellent job!

Positive

I have previously worked with AppDynamics - although the security models did not meet our targets.

It is easy to setup and learn how the product works.

The vendor team did the implementation.

The set targeted ROI has been achieved.

The setup procedure is good and the cost is suitable for most enterprises.

I evaluated operations and performance of AppDynamics.

Check Point Application Control is the best solution for security and performance controls.