Monitoring and reporting are the things that can be introduced in the future. For DDoS protection, it works fine. It takes some time to get all parameters correct for some parts of the traffic, such as DNS and HTTP, but when those parameters are set correctly, it works fine. So, when it comes to DDoS protection, all the basic functions work fine, but its reporting capabilities aren't that good. They can be improved in the future.

Check Point's support for DDoS Protector is not so good.

It does not provide the capability to upload data for blacklisting/whitelisting in bulk. Rather, in cases where many IP addresses need to be blacklisted or whitelisted, either a single IP address has to be added or it needs to be done using a script.

It does not provide default server grouping such as default policy that can be enabled on a Web Server or Application Server IP address.

The dashboard is complicated.

It does not provide real-time traffic details; instead, it only provides logs for blocked traffic. During troubleshooting, a complete log file is required for forensics.

A PCAP file is not provided for individual IP, which is something that should be improved.

Check Point DDoS Protector does not provide the ability to upload data for the blacklist/whitelist in bulk, which is one of the big points that need to be improved to facilitate configurations. 

Another point of improvement is that they should provide more details of the traffic in real-time. To be able to have more detail would be ideal. 

Also, it takes a long time to generate an update of the software version of R80.10. They should be generating updates a little more often to improve the tool since day by day everything is changing in security.

Currently, two of the things that I would like would be applications for Android and IOS where we can follow the events, and, if necessary, make changes. With teleworking and new emerging technologies, we must point to these new work dimensions. The solution must be one of the pioneers in solving new capacities in our day-to-day management. That is why I would like these characteristics to be considered for future designs. We'd like a simple mobility and management strategy.

The solution should greatly improve its interface. It could be a little more intuitive, easy to use, and improve some cracks in the interface to make it a little faster when loading. That said, it really is a solution that has allowed us to improve in guaranteeing efficiency against denial-of-service attacks. It's really very good in general. 

On the other hand, the topic of remote assistance or support is one of those that we need to also be available in Spanish. Today, many of the technicians who attend to us from the manufacturer are only able to communicate in English. 

The mitigation part could be improved. The capacity of the application layer needs to be better. Although it is one of the layers that are included, attacks at the application level should be improved if it is directed at a specific application or service instead of an underlying infrastructure below that number of layers. DDoS attacks generally indicate malicious situations attempting to exploit vulnerabilities in the application or service, which can lead to resource overload and service interruption.

For a long time, there was no software version of R80.10 available for the Check Point DDoS Protector software appliances, and we had to stay on the quite outdated R77.30 version. I hope in the future, Check Point would release the relevant software version sooner.

In addition, it feels like there is no matching hardware platform in case we will need to switch from the "20" appliance. The next one available is "60", which is too powerful and much more expensive. We would prefer the systems to be modular, so the performance may be upgraded with some relatively cheap modules when there is a need.

Check Point DDoS does not escape support issues; it is sometimes difficult to implement. You require support from your partner or Check Point support.

We would like this tool could also be cloud-based. Physical devices have a greater tendency to fail, which is why we would also like to have an improvement to a virtual device.     

It is an expensive tool for some companies. It would also be good to have an improvement in cost level and increase competition against other tools from other manufacturers.

The areas where the Check Point manufacturer in general needs to improve, including:

1-The support can provide improvements in the efficiency of the solution of cases, improvements in response times, and more hours of attention to be able to provide users with a more robust security service.

2- The public documentation is a detail that must be improved in order to have greater implementations with the best practices in this case of the Check Point manufacturer. Some found publicly are a bit advanced or the same result is not achieved in the implementation icon.

Some features are more advanced, however, using them is hard for us. The documentation is not as precise and does not have enough examples to understand how it works.

Advanced knowledge is required to be able to solve problems, otherwise, you need to hire support.

The Check Point support language is only in English. It creates problems for companies in Latin America that may not speak English as a first language.

Check Point should develop a DDoS solution because they don't have one and we need to use another solution, in our case, Imperva. This is a problem because we need to have two firewalls. We would like to only have one solution because it would improve the management, we would have fewer incidents, and we wouldn't need to talk to more than one person for support.