Check Point Application Control Reviews

We had the need to control and be able to manage rules in a granular way for maintaining the security and control of the data, management by teams, identity, and applications grouping them by category and thus being able to defend ourselves from threats and malware that wants to enter our infrastructure while  reducing the operating cost.

Something that we need and want is an inspection of the data. We must see what the different users and applications of our network are sharing, and that is where the control solution brings us that administration value.

As our need is great, and we not only have a single organization yet also have several subsidiaries. It is there where we are integrating a centralization under well-managed control. It is where application control gives us the possibility of generating rules, and policies that are adjusted and flexible. We need the solution to be able to be adapted to the business and to be modified and scalable according to the need and evolution of our organization. It offers a powerful administration and a great catalog.

The best value we have is their actionable reports on user analytics, events, and activity that are extracted from their database. This technology allows us to present reports on the control and management of event policies against applications, locations, IoT, and Identity. Having all this data available generates a control layer that strengthens a security posture. Its best feature will forever be the generation of tangible reports of every actionable activity found and stopped by the solution.

I would like this layer to be faster to install in the future. The evolution of its equipment and appliances where the solution is executed has improved a lot, however, it is necessary to increase that capacity. Some competitors do it just as well and in that layer, are faster to apply their changes. These would give greater value and would be a differentiator. Among other things, I would like this integrated solution to manage from mobile devices in an optimized way and be able to administer from anywhere in the world.

I've used the solution for two years.

The solution is very stable and has regular updates.

It is fast and easy to scale and manage.

Their cost is based on their appliances, and they offer equipment with the highest licensing.

Check Point Application Control is a one-stop shop for providing the strongest security to an organization's business verticals in the most efficient and effective manner. 

It eases the business working as it enables smooth flow of information and helps businesses to create micro-managed accurate, granular policies, and helps in strengthening the organization's security by blocking and restricting the unknown and unsecured phishing widgets and applications across multiple integrations. 

It limits the usage and utilization of any unknown malware attempts from any application

Check Point Application Control improved the productivity of our workforce by reducing the coordination time and efforts involved in strengthening the system's security through a traditional manual way or path. 

It improved the performance outcome for all our verticals due to more automation in system security, which helped in the identification and blockage of malware-affected applications and widgets.

It helps in categorizing the basis of the application, its types, security level, the usability of resources, and its implications on productivity as a whole.

The solution is great at blocking and stopping unidentified and malware-affected applications.

The next-gen firewall system is inbuilt and is highly efficient in restricting terminated and unsecure applications.

It ensures smooth and secure API integrations with other system firewalls and applications due to advanced next-gen identification of malware-affected applications. 

Unauthorized and unsecured applications would not pose any risk to the organization's effectiveness if carried out efficiently by application control security.

In my view, more efforts are required with the business development and customer service team to create more and more awareness across businesses of all sizes on the benefits of deploying the Check Point application control security across all business verticals and improving the performance outcomes for the organization.

More and more product specifications should be infused with new incumbent features in the market to stay relevant and concurrent with the organization's needs.

They need more and more secure integration features should be included with less cost so that the adoption rate can be increased multifold amongst new business users.

I've been using the solution for over six months now.

The product is stable and highly recommended.

The solution is highly scalable and replicable across multiple platforms and systems.

We get great support and services from business and corporate customer service teams.

Positive

An in-house solution was utilized for application security previously.

The product is easy to comprehend and deploy.

We implemented the product through the vendor only.

We've seen an ROI of over 80%.

To every business out there, I strongly recommend trying Check Point Application Security and analyzing the utilities independently. It's one of the best security application software with advanced features to strengthen security with integrated applications and other platforms.

We evaluated McAfee and Trend security applications before making a final selection.

I'd advise users to go for its mandatory trial and explore the gamut of facilities on their own.

Our primary use case of Check Point Application Control is to filter which application categories we want to allow our organization members to have access to so that they are secured. 

For example, we don't allow access to malicious applications and some categories that could be threats. We only allow organization members to access secure applications and applications that are aligned with the company's strategy. 

The user interface is easy and dynamic. You can drag objects around the screen to facilitate their use. Besides, it is quite easy to understand and apply changes.

It also enables us to save internet bandwidth by filtering applications that are not work-related and helps us to easily create granular policies based on users to identify the usage of applications.

We can easily switch from a classical firewall to a next-gen firewall using application security. 

We implemented application control at MDM global security policies, which helps us set general security standards for all managed devices. 

Identity awareness module integration is to be used for user/group-based controls.

Application control and having features like completeness and validity, identification, authentication, and granularity with unified layers is awesome. The most important aspect is that it allows users to define policies based on source IP and user role, quickly identifying traffic flow with SAML.

You can allow or block traffic coming or going out to the internet for specific applications or websites.

It offers user notifications for blocked access, time-defined policies, and bulk categorization of malicious applications.

Sometimes, documentation is not accurate and with the support issue we have to wait a long time for an engineer to understand the errors. I would like to see if they can help with the issue of service and more qualified staff. They need to have good service with Check Point products.

The load balancer functionality for application traffic might be a better option.

Configuration and deployment are a little bit difficult. 

This product works only when the user is in traffic flow through NGFW. 

Sometimes there are more than one category tag to an application which can be tricky.

We have been using the product for more than 12.5 years.

We are satisfied with the stability.

We are satisfied with the scalability.

The product provides the largest database about application control and we can create granular policies to identify the usage. Overall it's been a very good experience, working with this product.

Positive

We didn't use any solutions previously. Check Point Application Control is easy and user-friendly. We're able to control and manage all applications with it.

The initial setup is straightforward.

The help we had was excellent.

The pricing has to be more economical.

Not all of the company's web traffic goes through Check Point, however, on the significant web traffic side, we solve security needs with Check Point. 

Especially if you are going to give broad permissions, you need to block dangerous applications at the very beginning of your rule set. In this context, we use Check Point to block on an application basis. Sometimes there are general accesses. Like Azure, we can only give access by selecting the relevant applications. Check Point is a very good solution because these applications are constantly updating the IP lists on the backend.

It does not require a lot of work to be activated and used. It is quite simple to open the application layer blade and activating it means you are ready to use it. 

The concept of NGFW is actually used exactly for this feature and I can say that it does justice. Once you are ready to use it, you can optimize your rule set by selecting the desired application name in the rule. Since the objects used are updatable, the need for you to return and update is very rare. This structure really saves you time.

First of all, to use this layer, you don't need to struggle and make changes to your structure. It is enough to have a firewall with NGFW support and turn on the application layer filtering blade. Apart from that, the objects in the rules you wrote have very little margin of error. In other words, the accesses of the application you put are passed or blocked as necessary. In fact, some applications have separate objects for download and installation, so you can write the rule set you have in mind more easily.

The objects found now have large applications or general category definitions that are completely determined and organized by Check Point. It would be nice if there was a platform and small application owners could come and send their own applications' name and IP information from there. If we could use application objects directly in our rule sets in Check Point in those small companies, that would be ideal. A few more layered objects could be created for Azure in large applications. It would be nice if firewall administrators could see parser information such as IP behind these objects.

I've been using it for the past six years in different companies.

On our infrastructure, we installed the Check Point 6200 appliance as our primary firewall. It is deployed in a distributed mode, with the security gateway and management running on separate machines.

Our major purpose is to limit web access from internal networks.

Using application control, we blocked the use of peer-to-peer applications such as torrent from our networks and allowed only youtube.com from the media streaming category, resulting in a significant improvement in bandwidth.

Aside from these numerous categories, we blocked a large number of high-risk applications from access our network.

We can control bandwidth and high-risk application access from our network using application control.

We want our users to only be able to access certain websites during working hours. We accomplished this through application control by blocking social media, phonography, drugs, media sharing, and other sites.

We also restricted file sharing sites through application control and blocked file uploading, which helped us avoid data loss.

We set a usage limit for YouTube.com, giving us more bandwidth control.

The control options for an application are very specialized. We may thus ultimately decide what to access and what to prevent.

It is relatively easy to implement an application control policy, and it is made to integrate with the access policy.

The ability to see each application clearly in the logs is quite helpful.

Application control utilizes signatures similarly to how IPS does. It is an excellent feature.

It's pretty easy to schedule updates to the application control database. We can design a check for fresh updates every two hours.

Users can clearly understand the reasons for site blocking from the blocked message.

1 – Custom applications for internal applications must be defined frequently. This should be improved. It would be much better if Check Point could detect internal applications and automatically bypass them.

2- Without HTTPS decryption, the majority of App Control recognition features will be rendered ineffective, as everything has been encrypted thus far.

3-An application may have multiple category tags, which is confusing.

These areas should be improved. 

It satisfies all of our needs except for this. 

Check Point Application Control assists us in controlling bandwidth and restricting internet access for our infrastructure.

I've used the solution for almost two years.

Yes, we used a different solution. However, it did not satisfy us in terms of security. As a result, we decided to deploy Check Point NGFW for enhanced security.

Before migrating to Check Point firewall, we conducted market research and solicited feedback from my contacts who are already Checkpoint NGFW customers. We decided to use Check Point NGFW as a result of this.

Our ROI is that it increases the security precautions that prevent users from accessing websites that can harm our business. Additionally, it also reduces the use of the internet, which is often unrelated to business tasks.

It is one of the main solutions that we have applied in our offices for the administrative control of access to specific services social networks within the corporation, viewing of videos or services that in some way distract the worker from their activities. It's also facilitated us with the ability to separate the databases by a gateway which makes the administration and the permissions granted to the end-users much easier.

One of the ways it's helped us improve was in the administration and the permissions for specific services. This was very useful to us when making a database per gateway and configuring them through layers to have better visualization, control, and administration of the rules, which allows new administrators to have a better scope and understanding of the organization. This has undoubtedly been the newest thing for us as gateways administrators.

One of the aspects of the solution that has given us more value is the integration of a domain controller with the firewall through the dashboard which allows that through inline layers, LDAP.

The visualization of users, the administration, and the permissions that we can grant to users makes our configuration a more dynamic environment since, as organizational units of an active directory, we can grant permissions to users to specific applications allowed through the URL filtering or application control within the dashboard.

With Check Point we are more protected, however, one of the issues is the cost. They are expensive products due to the fact that we have to buy blades for each solution that we want to integrate into our corporate. Without a doubt, it is worth it, however, it is an important point that could be considered. 

Likewise, nowadays a 2MFA solution could be integrated to Check Point since nowadays remote connections made with remote workers are required to protect the extension from the office to your home through a VPN connection.

I've used the solution for about three years.

The Check Point solution is very stable, however, the installation of JHF at least once a month is somewhat annoying since that could be interpreted as not being a stable solution.

In terms of scalability, my impressions have always been good since there is a lot of scalability in this service. For example, you can integrate several solutions to a centralized administration.

They have an excellent support team. They are fast and it is easy to escalate any situation.

Positive

We did not previously use a different solution.

The setup was straightforward.

We handle the implementation in-house.

We've seen a 40% ROI.

Despite the somewhat high cost, based on the blades, it is a reliable solution.

We didn't evaluate other solutions.

Check Point has provided us with a Check Point management server tool where we manage our Gateways. It helped us limit the applications, sites, and different actions that are part of the users' daily lives. We can limit with granularly the applications that users access.  

Segmentation is key. We managed to divide everything by department to be able to generate the security that each one requires. Now, managers have greater flexibility.

This product or feature included in our security admin has helped us a lot to be able to control our users. It helps us with effectiveness since users can use laptops correctly, being more productive.

It has also been possible to avoid modern threats that can enter and attack user equipment, servers, and the business network. These attacks would affect work continuity in addition to company data that could be affected.

The most important characteristic is granularity, which allows our teams to have different security profiles depending on the department to be protected.

There is also a list of applications pre-loaded in the systems to be able to have blocks or permissions to use different applications.

Finally, the licensing of our Check Point gateways, which are not licensed separately, provides an advantage.

Check Point licenses are somewhat expensive, in addition to the fact that it is difficult to validate their costs without a Check Point partner - which is why it is difficult to validate them.

Support is only available in the English language, which affects some regions where Check Point products will be used.

The SLAs of checkpoint products are sometimes not met since the cases created are sometimes attended to very late after opening them.                     

We have used this solution for at least five years in its different versions. It has helped us a lot with business security.

We have not previously used any product like this.

The costs should be reviewed with a partner of Check Point. As for the implementation, it is really simple.

Several proofs of concepts were carried out, and Check Point was the best.

This is an excellent product.

With the growing technological advances that the organization is having and the data that the company needs to protect is no longer just at the perimeter area. We also need to protect the applications that are being developed, and we need to develop, grow, and deliver tailored services for different companies. We have looked for a line of security that could contemplate establishing and securing each of the lines of fire that could possibly be attacked at the moment that we made available a new application and a new service for each user or customer. They have come to have great importance in our company.

Check Point Application Control has allowed us to integrate more capabilities by limiting the use of applications. Categories can classify things so we can segment each of the features to control granularity and integrate next-generation firewall security. This allows us to consolidate security controls by reducing the costs that the company will have to invest in when it comes to having Next Generation security. This is one of the best reasons why we have invested in solutions of this type because they give us the ability to have less expense with greater security, having first-world innovation and security.

Among the features that we have used, we like being able to identify the identity of the user who is doing transactions. Thanks to that, we have greater control, and management, and have the possibility of establishing limits and controlling each of the actions that the user will establish in the application. Based on the control and capabilities of the solution, we can say today that the added value and capabilities of its features make it the ideal security solution for any company.

Seeing the capabilities and features that we are using today, we can say that we could expect an additional feature that could allow us to integrate this management and even security with APIs. Establishing passwords, communicating, and all the traffic of command data services could be established through this type of connection, and we could take advantage of secure and stable connections. This gives us the possibility to establish, place and secure the data in a safer way.

The company has been around for about a year. For a few months, we have been implementing the solution to protect and control the issue of applications in the Next Generation firewalls.