Check Point IPS Reviews

We use the Check Point IPS for intrusion prevention. It was installed inline. This solution enabled us to stop all threats and intrusion activities across the data center. The IPS uses a signature-based approach to control traffic, allowing only authorized traffic to flow outside. However, it can also identify the traffic behavior and enforce the policy based on that behavior, protecting against even new and unknown threats.

The docking of the IPS engine can be improved.

I have been using Check Point IPS for three years.

The product is stable.

I rate the solution’s stability an eight out of ten.

I rate the solution’s scalability a five or six out of ten.

Technical support is awesome.

I’ve used Cisco. It is very hard to configure and manage the day-to-day operation. It was entirely controlled by the CLI, like the command line interface. Compared to Check Point, it was wholly managed using the GUI. We can finetune and customize the signature. This feature is available in the Check Point.

The initial setup is not so difficult. It takes two and a half months to complete.

I rate the initial setup a six out of ten, where one is difficult, and ten is easy.

I recommend using the out-of-path installation of this tool. Then, find the desired signature and fine-tune the exception based on your specific environment, including the port involved. Once done, bring the tool line into the traffic. Finally, enable the signatures one by one instead of relying on a single group containing older signatures.

The solution has the inherent complexity of managing IT infrastructure and configuring Check Point IPS. The Signature Management requires manual customization to adapt to your network traffic conditions. Building and customizing signatures is a complex and demanding task.

Overall, I rate the solution a seven out of ten.

We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.

Overall, it give me a lot of insight into my network that I didn't have before.

It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.

The pain point that I have with this solution is contacting technical support.

I have been working with Check Point IPS for more than a year.

Stability-wise, this product is great.

The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.

Sometimes, technical support takes a long time to get back to you.

I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.

The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.

Check Point was fairly usable out of the box.

I am using an on-premises appliance that ties into a cloud service.

Pricing for this solution is negotiable and I'm happy with our pricing.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.

I would rate this solution a nine out of ten.

The primary use cases include application security control, comprehensive security management, and proactive protection against a wide range of threats. It serves as a crucial component for safeguarding applications and ensuring overall security effectiveness. It contributes to proactive protection and plays a pivotal role in firewall protection strategies.

The focus is on safeguarding the departmental environment, and it is effectively fulfilling its role in environmental protection.

It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention.

Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS.

I have been working with it for ten years.

It offers excellent stability. I would rate it ten out of ten.

I would rate its scalability abilities nine out of ten. Currently, 1,800 users within our organization actively use it.

I would rate its customer service and support nine out of ten.

Positive

The initial setup can be somewhat intricate, involving coordination with the OEM and service provider. I would rate it a six out of ten.

For the deployment, we conducted a refresh last year, which took approximately two to three weeks to complete. It is essential to have at least two individuals involved in the process, with one requiring additional expertise. This team typically consists of a Check Point specialist, an expert, and an administrator.

The pricing is quite reasonable.

It is highly efficient and it provides a mobile solution for various devices, including cell phones and iPads, catering to mobile workflows. The system is not only efficient but continually improving. I would certainly recommend it. Overall, I would rate it eight out of ten.

Check Point IPS was implemented two years ago to protect our infrastructure from threats.

It began by being implemented in local environments with a reduced staff to carry out the corresponding tests and not cause a total company blockage. Once the tests were over, we gradually extended to different departments. We began to use Check Point IPS to be able to provide security of Internet to users using the IPS and anti-virus anti-bot modules, we also apply them to invite us to enter the company and thus monitor outgoing Internet traffic and thus avoid malicious users. Prevention and detection are one of the most valuable pillars of security.

This tool has allowed us to obtain complete reports of the applications' vulnerabilities, which helps us remedy these vulnerabilities presented by the organization. 

It helped us a lot to monitor the internal traffic keeping monitored each server or user that enters the platform in this way Check Point IPS. It has allowed us to proactively reduce any incorrect configuration of network access that results from delegation. 

One of the points where Check Point needs to improve is in the support they offer, since there we have had a few inconveniences.

The implementation of Check Point IPS brought a lot of value to our organization with all the characteristics that the tool shows, starting with great visibility in a single dashboard, which makes it much better. You don't have to go through different tabs. 

Another feature is that it allows you to create multiple rule profiles. We can block directly from the outside without waiting to look at the logs.

With these and other features, Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time.

It is always important to be improving the product to be at the forefront of technology. 

One of the improvements that would be good is to improve the latency in the portal. When entering, it always takes a long time to load. Also, when the tool is already running, you feel a slight decrease in performance.

The application has many facilities when using the tool. The configuration of each of the policies should have filters. 

We need to be able to understand and detect each of the vulnerabilities.

This solution has been used for approximately two year in the company.

It's very stable. We never had any issues of it stopping to work. It's been very stable.

We have not observed any significant performance impact on the firewall gateway by enabling the IPS module.

The Check Point engineer we dealt with during setup had a lot of experience. His working knowledge helped us with the implementation.

Positive

It is the first time that we've implemented a tool of this type.

We implemented the product in-house with the aid of support as part of a POC.

A Check Point engineer who had a lot of experience helped us with the implementation.

We implement the product internally with the help of support.

Attacks are prevented and detected based on severity, helping our organization eliminate compromising attacks. When making an investment with these tools, you are taking care of an important aspect that will double your profits.

With Check Point, the IPS license could be included with the firewall product. Therefore the cost of the license is not huge.

Other solutions were not evaluated. We have always worked with Check Point products.

One piece of advice is to have the latest database. You want to be protected against the latest attacks.

This tool seals any loopholes that could be detected by ransomware attackers and may lead to data loss. It has protected the organization from potential vulnerabilities affecting operations and the slowdown of workflows. It ensures that the applications are performing efficiently based on the set objectives. It delivers many signatures that enable teams to ascertain the security situations in various departments. It saves the organization a lot of costs since it is less costly and more powerful than many versions in the market.

Digital transformation has been efficient and productive thanks to the operation of this great product. After the implementation of IPS, there is increased production, and teams can easily focus on more productive tasks without fear of being attacked by cybercriminals. We have accelerated operations with the modern data management models that come with this application. It is easy to detect threats in advance and plan effectively how to eliminate them. Our organization has been secure since we deployed this tool without cases of external attacks.

Most features in this platform have been of great importance in the organization. The unified system controls the security situation in any system, reducing the total cost of ownership. Real-time protection has blocked most threats that could affect system operations. It can detect and prevent the entry of known and unknown data vulnerabilities. 

The customer support services are efficient and have always helped us achieve most goals. The platform provides continuous cyber security reports that enable us to plan and make informed decisions.

The set features have played important roles in transforming the organization to meet the basic security standards. 

The cost is high. That said, depending on the company's size, there can be a mutual agreement for efficient licensing terms. We are satisfied with the set performance parameters that have enhanced the smooth running of workflows. 

The team should focus more on timely updates and configuration processes that sometimes may fail. I like the performance of this product and the achievements we've made so far.

I've used the solution for eight months.

It is stable, and I recommend it.

I am impressed by the performance.

The customer support staff is always supportive.

Positive

I have not used a different solution.

The initial set up was not complex.

Implementation was done through the vendor.

There is increased ROI.

The setup cost is good.

I have not evaluated other options.

The security measures are effective and I'd recommend the product to companies seeking great performance.

One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures. 

Check Point IPS services give our organization peace of mind. We know that the solution will be running and constantly updated thanks to the integrated Check Point services. It ensures stability. We have a solution that covers us all the time, day and night. In the configuration process, the solution has provided us with detection regarding what is stable. It is scalable and will allow us to grow according to the demand and the need. The service is well-maintained and functional.

The solution with the most organizational value is its 360° view, which has allowed us to integrate it well and speed up the view of records. It is dedicated 24/7 to detecting any attack. Vulnerabilities or incidents be flagged. It has the capability to give us alerts and offers good productivity to ensure that the services and data of our organization are always secured. 

Some of the features for views and visualization are already predefined as default files. This helps us to be proactive and not have to define any search or specialty of the services.

The service that we want to see in the future is a capacity to segment the IPS services by equipment. We'd like to see the integration of the communication of the services in the next-generation firewall and the other solutions that it has, such as Harmony. It would be great if they could start creating interoperability with both technologies. Integrating these solutions with the lighthouses could generate more complex and complete interoperability. That said, we'd want the solutions to be acquired and administered as one solution. 

We have been using the service for about two months.

They are one of the blades that we get to try or use more when we start using Check Point Firewall products. They give us the power of protection and security accompanied by other characteristics and solutions that together become the best in the market. It's uniting all that computing power with the cloud and thus giving organizations greater peace of mind and closing our security gaps in applications or services. Something that we love is that it can be enabled in any gateway, and therefore that saves us implementation time. 

It came to help us in many ways. The most outstanding was being able to have broad visibility and being able to make threats visible in real time. We are able to integrate it with smart events, which allows us at the SOC level to have a complete and reliable panel that saves time for security in visualizing and responding to events of this nature. 

Among its great features is the ability to detect outgoing malware or extraction of compromised data and stop it, thus safeguarding us by isolating the network, the equipment, or the identity of the affected users. 

The IPS feature is available in all appliances that we are going to use as a firewall, and that is how we have a blade that helps at all times. We have both a firewall and also a complete solution with multiple new-generation features that can be physical or virtual and where more advanced analytics can be integrated, for example, in the Infinity Check Point cloud. Among those characteristics is its coverage of updates in real-time and constantly. This is done without an administrator's intervention. 

What I want as a new feature is to be able to bring these solutions to public clouds. However, today, we can do this. We are taking our datacenters, these next-generation places. These technologies evolve at an unparalleled pace. This solution will soon be in mobile services, and it is here that the new equipment management lines will be managed in the future. We want the solution to continue to move towards cloud-based and portability focused for telecommuting users. 

I've used the solution for about two years.

We deployed the Check Point 6300 series firewall for protection of our internal and external servers, and various in-out traffic as well. 

We have Windows-based servers, Linux-based servers, and other appliances which are connected through a Check Point firewall. These devices have many vulnerabilities. To secure our infrastructure we activated the IPS Blade on the Check Point firewall.

The IPS has helped us to block many known and zero-day attacks on our network. IPS is one of the best solutions from Check Point firewall

Check Point IPS has helped us to prevent attacks on our servers and user traffic as well. We have many Windows-based servers has many vulnerabilities. After Check Point IPS is implemented, we blocked those signature-based attacks on our network. Many times I found logs, and IPS has blocked many windows-based signature attacks.

We scheduled IPS updates as per our IT policy and new signature updates are set to monitor mode until a particular period to avoid conflicts after checking the behavior we set back to prevent mode.

The switch IPS prevent and monitor mode is a good feature that helps us to avoid any unnecessary impacts on our network.

It is simple to activate, configure, implement and assign profiles and rules to security gateways.

The Check Point IPS database is huge. Signature updates are satisfied. Every two hours, the database receives an automatic update that keeps it current and protects against zero-day vulnerabilities.

IPS logs enable complete visibility and reporting through the smart console. This was a big help to us.

I am pleased with it as it seems to be in order. I don't have much to say, however, there were a few things I noticed about the behavior of the Check Point IPS.

First, sometimes I have issues with scheduled IPS updates.

The impact on performance when opening the IPS blade is challenging while the firewall is operating under severe demand is the second, which is pretty common. I only note it here. 

There is no standalone IPS appliance available. Only the IPS blade needs to be enabled on the security gateway that Check Point provides.

I've used the solution for more than two years.