What is our primary use case?
We primarily use the solution for protecting the network perimeter and monitoring incoming and outgoing packets. Over the years, the product has evolved significantly by inspecting HTTPS and IPS and having antivirus and anti-bot capabilities. It has been interesting to observe how Check Point keeps pace with global security challenges and addresses them efficiently through policies on CloudGuard gateways.
How has it helped my organization?
In addition to blocking attacks and protecting the network, we benefit from the visibility into the logs, the simplicity, and the accuracy of reaching the events. All the capabilities are inside the solution. Unlike its competitors, it does not require extra licenses. It is well-integrated and very detailed. We can pinpoint the details to minutes, seconds, or milliseconds, and see what is going on. We can also see smart events and smart reports with pictures, graphs, etc. Through a single pane, we can see how our network environment is behaving. We can see any changes in the attack patterns, the number of logs, or any new events, which may give insights into an attack going on. We can also see if a new application was released by DevOps teams without telling us.
A big benefit of Check Point is that the same policy can be installed on-premises, on the cloud, with Kubernetes, with Dockers, etc. It works on huge devices or gateways on the cloud. It can work with Azure, Google Cloud, and others. The SmartConsole view helps handle all the environments with a single policy which makes it very easy. It enables working with a small team. A small team of five to ten people is enough for a global, worldwide network.
What is most valuable?
I found the access control policy through SmartConsole, which was formerly SmartDashboard, to be very valuable. It deeply explores source, destination, and port protocols. Competitors struggle to match this simplicity and effectiveness. The evolution of HTTPS inspections, threat prevention, and autonomous threat prevention are commendable. The consistent interface across versions ensures familiarity despite minor tweaks, maintaining a long-standing valid approach.
The visibility provided through logs, charts, and graphs, without requiring extra licensing, is excellent.
What needs improvement?
I believe that presentations on artificial intelligence indicate that analyzing logs via SmartEvent and SmartLog Security Event Information Management can offer insights into emerging trends and potential next steps. By correlating logs related to BYOD, BYOL, and Shadow IT, it will become easier to manage and hopefully mitigate or understand risks.
For how long have I used the solution?
I have used Check Point solutions since NGX R65, which was a lot of years ago.
What do I think about the stability of the solution?
In my experience, recent versions with recommended jumbo hotfixes offer remarkable stability. There have been no unexplained reboots reported by customers.
What do I think about the scalability of the solution?
While working with a customer using 561k gateways, handling 140 gigabits of peak traffic was successful. After that, they changed the product but maintained the same big picture while enhancing throughput and scalability. Adding more devices to security groups is straightforward. The complexity managed by Check Point developers is amazing. Check Point developers in Israel are ninjas. They have built a complete solution with amazing throughput and details. With a few clicks, there is elastic and protected network growth.
How are customer service and support?
Sometimes I find that the VPN teams provide exceptional service, identifying issues promptly. Occasionally, ticket handling delays arise due to repetitive questions despite detailed notes. However, overall, my experience is positive, achieving a more than 75% success rate. Issues are eventually resolved through hotfixes or innovative solutions, supported by a robust knowledge base.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
As an integrator and partner, we have the opportunity to see how other products work. SmartConsole itself is an excellent idea, and the management aspect of Check Point products significantly differentiates them. However, my opinion will be biased because I have been working with Check Point products for a long time, but I find Check Point's approach more simple and integrated. We do not need several devices or appliances to do verification at various layers. A simple gateway can deliver everything and secure the network.
On the perimeter of the network, it works as an employee hired to allow or deny based on the policies. It is able to follow the rules. There is simplicity. The capability of SmartDashboard to create rules, receive logs back from the gateway, generate all those insights, and pinpoint the events is amazing.
Compared to open-source solutions, there is more than 95% security. It does not handle only access controls; it has the capability of deep packet inspection to see what is going on and have insights into the intention of the malicious activity.
How was the initial setup?
Its deployment model is a mix-and-match. Sometimes it is better to have it on the cloud because of the elasticity, but sometimes it is better to have it on-premises due to regulations. With the single configuration on SmartConsole, it can deploy policies on the cloud and on-premises. Some customers use Azure, and some use AWS. Having a Check Point solution makes them more comfortable because they know that it is a robust and mature product. It is not something built by a startup six months or one year ago.
I can set it up with my eyes closed, though typing the IP address is necessary. I am very comfortable handling initial client configurations and cabling. Although some view configuration as tedious, the results are satisfying once complete.
What was our ROI?
I believe that the return on investment largely revolves around network protection. An investment, such as 10,000 euros, aims to prevent costly outages or security breaches, which could be more expensive than the solution itself. Despite views on cost, the value lies in maintaining operational integrity with zero downtime or incidents, facilitating secure, ongoing business operations.
What's my experience with pricing, setup cost, and licensing?
As a partner and solution provider for the last fifteen years, I have distanced myself from specific numbers. However, customer trust in the product is evident due to its comprehensive protective capabilities. Centralized appliances have mitigated previous CPU usage concerns, thanks to multi-threading and processing enhancements. Correct sizing assures minimal CPU usage, even at high traffic levels.
What other advice do I have?
I would rate the solution a nine out of ten. A ten might impede progress. They might relax and stop the progress. They should keep doing a good job.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner