Check Point DDoS Protector Room for Improvement
It does not provide the capability to upload data for blacklisting/whitelisting in bulk. Rather, in cases where many IP addresses need to be blacklisted or whitelisted, either a single IP address has to be added or it needs to be done using a script.
It does not provide default server grouping such as default policy that can be enabled on a Web Server or Application Server IP address.
The dashboard is complicated.
It does not provide real-time traffic details; instead, it only provides logs for blocked traffic. During troubleshooting, a complete log file is required for forensics.
A PCAP file is not provided for individual IP, which is something that should be improved.View full review »
For a long time, there was no software version of R80.10 available for the Check Point DDoS Protector software appliances, and we had to stay on the quite outdated R77.30 version. I hope in the future, Check Point would release the relevant software version sooner.
In addition, it feels like there is no matching hardware platform in case we will need to switch from the "20" appliance. The next one available is "60", which is too powerful and much more expensive. We would prefer the systems to be modular, so the performance may be upgraded with some relatively cheap modules when there is a need.View full review »