Check Point IPS Reviews

Initially, the requirement was just to have a stateful inspection firewall to control traffic entering our network. Later, we needed deep packet inspection to look into packets deeply to identify any kind of malicious content. This led us to start using Check Point IPS to have visibility across all the seven layers of traffic entering the network.

The solution is consumed by our SOC to ensure we have visibility into traffic entering our network. With IPS's logs, we began to get a lot of visibility into the type of traffic flowing into our network. It fulfills our SOC's need and has become our standard for deep packet inspection, which is easy to deploy.

Check Point IPS is very easy to configure. It's part of Check Point's blade architecture, where firewall, VPN, and IPS configurations are identical, making the learning curve minimal. The feature can be enabled with a straightforward process, allowing default or customized configurations.

From the product perspective, there have been instances where the signature download caused issues. However, it happened only once, and some QA is needed on signatures. Overall, the product is robust.

I have had experience with Check Point IPS for ten years now.

The stability of the solution is excellent. There haven't been any issues after enabling certain features, and it hasn't caused outages in traffic. During certification, we considered exceptions to avoid IPS inspection for legit traffic.

Scalability depends on hardware platform certification. Check Point's Maestro solution allows up to thirty-four firewalls in a load-sharing configuration. Properly sizing the appliance for IPS makes it a scalable solution.

Customer service is a significant drawback. Support is challenging during weekends, and support personnel often require unnecessary details, slowing resolution processes.

Positive

We use both Check Point and Palo Alto. Palo Alto is more expensive, with a front-end focused design lacking on the CLI. Check Point provides flexibility with Linux commands, reducing deployment hassle.

Setup is straightforward, rated as ten on a scale of one to ten. Configuration involves enabling the IPS feature and publishing changes, identical to setting up a firewall.

Three engineering team members worked on solution certification. The operations team, supported by four to five people, ensured deployment across global firewalls during limited change windows.

The solution fulfills the SOC's need for visibility and easy deployment of deep packet inspection, with no operational impact reported.

As a global customer, we receive decent discounts and expand our infrastructure using the solution. There have been no pricing issues.

We also evaluated Palo Alto and previously worked with Juniper long ago. Palo Alto has a steeper learning curve with proprietary terms not aligned with industry standards. Check Point follows standard conventions, simplifying deployment.

Check Point IPS is a preferable solution for its price, stability, and deployment ease compared to more complex solutions.

Check Point IPS was implemented two years ago to protect our infrastructure from threats.

It began by being implemented in local environments with a reduced staff to carry out the corresponding tests and not cause a total company blockage. Once the tests were over, we gradually extended to different departments. We began to use Check Point IPS to be able to provide security of Internet to users using the IPS and anti-virus anti-bot modules, we also apply them to invite us to enter the company and thus monitor outgoing Internet traffic and thus avoid malicious users. Prevention and detection are one of the most valuable pillars of security.

This tool has allowed us to obtain complete reports of the applications' vulnerabilities, which helps us remedy these vulnerabilities presented by the organization. 

It helped us a lot to monitor the internal traffic keeping monitored each server or user that enters the platform in this way Check Point IPS. It has allowed us to proactively reduce any incorrect configuration of network access that results from delegation. 

One of the points where Check Point needs to improve is in the support they offer, since there we have had a few inconveniences.

The implementation of Check Point IPS brought a lot of value to our organization with all the characteristics that the tool shows, starting with great visibility in a single dashboard, which makes it much better. You don't have to go through different tabs. 

Another feature is that it allows you to create multiple rule profiles. We can block directly from the outside without waiting to look at the logs.

With these and other features, Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time.

It is always important to be improving the product to be at the forefront of technology. 

One of the improvements that would be good is to improve the latency in the portal. When entering, it always takes a long time to load. Also, when the tool is already running, you feel a slight decrease in performance.

The application has many facilities when using the tool. The configuration of each of the policies should have filters. 

We need to be able to understand and detect each of the vulnerabilities.

This solution has been used for approximately two year in the company.

It's very stable. We never had any issues of it stopping to work. It's been very stable.

We have not observed any significant performance impact on the firewall gateway by enabling the IPS module.

The Check Point engineer we dealt with during setup had a lot of experience. His working knowledge helped us with the implementation.

Positive

It is the first time that we've implemented a tool of this type.

We implemented the product in-house with the aid of support as part of a POC.

A Check Point engineer who had a lot of experience helped us with the implementation.

We implement the product internally with the help of support.

Attacks are prevented and detected based on severity, helping our organization eliminate compromising attacks. When making an investment with these tools, you are taking care of an important aspect that will double your profits.

With Check Point, the IPS license could be included with the firewall product. Therefore the cost of the license is not huge.

Other solutions were not evaluated. We have always worked with Check Point products.

One piece of advice is to have the latest database. You want to be protected against the latest attacks.

The integration is a valuable feature.

The solution’s deployment could be easier.

I have been using Check Point IPS for three years.

There was no issue with the solution’s stability.

The solution is scalable.

We ask about issues with the technical support.

Positive

The initial setup is not easy. You have to configure the same type of menu for each channel and send it to the portal. You can verify the name from your website.

Check Point IPS is a brand and solution for protection.

Overall, I rate the solution a nine out of ten.

I use Check Point IPS to prevent attacks, such as malware, spyware, and any other malicious activity.

What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature.

The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable.

I've been working with Check Point IPS for two to three years.

Stability-wise, Check Point IPS is eight out of ten.

Check Point IPS is a scalable solution if it's cloud-based, but if it's hardware-based, it isn't scalable. Scalability-wise, it's a six out of ten.

The Check Point IPS technical support is excellent portal-wise and callback-wise, so it's a nine out of ten.

Positive

Setting up Check Point IPS is straightforward.

Before I deploy Check Point IPS, I'll put it on IDS mode, and then I'll see the current user activity, any malicious activity, and the logs. I then switch to the IPS mode.

You can pay for Check Point IPS yearly, or you can go with a three-year license. There's no extra cost apart from the standard licensing fee.

My company has two hundred users of Check Point IPS.

I recommend Check Point IPS to others because it's scalable, reliable, and easily managed by all users.

My rating for Check Point IPS is eight out of ten.

We are using Check Point IPS for the detection and prevention of threats for our PCI firewalls where it's mandatory to use it.

The most valuable feature of Check Point IPS is the management of devices and policies.

Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns.

I have been using Check Point IPS for over five years.

Check Point IPS is stable.

The stability of Check Point IPS depends on too many factors. It always depends on the usage and the traffic. However, we did not have any issues with scalability.

We have approximately 40 to 50 people involved in using Check Point IPS, such as the firewall and IPS managing teams.

We have onsite engineers from the Check Point IPS directly on our site.

I rate the support from Check Point IPS a four out of five.

Positive

The initial setup of Check Point IPS is straightforward because there are security profiles with default recommended configuration. However, these were beneficial at the time when produced but they are not that helpful anymore. 

It can take some time to do verification because there are some protocols where you know that there could be problems. For example, for some of the sharing features, you have to be careful. Those there are the profiles you can use for the setup, you do have to do a lot of manual work to have everything work correctly.

I rate the setup of Check Point IPS a two out of five.

We did the implementation of Check Point IPS in-house.

There is a license needed to use the Check Point IPS which is not expensive. However, the Check Point IPS device is expensive.

We are replacing the IPS from Check Point with a different solution, which is related to the IPS functionality. The reason for the replacement is because Check Point IPS are at their end of life and are not creating or not using the security policy for the traffic, it mostly acts as an IPS.

We are planning on using Trend Micro. It will be better because there will be a dedicated device that is doing only the IPS. The performance will be better and it has a larger number of patterns updated weekly.

I have a very long and extensive experience with the Check Point ISP. It is a good solution, but sometimes it's causing issues, but it's a general problem for all the networks and security devices.

I rate Check Point IPS a nine out of ten.

The company needed to improve its compliance with traffic risk management before all the company employees went full WFH. 

This has turned into a more efficient operational control of internal traffic, where numerous threats had been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This actually drove revenue growth as fewer resources had to be spent from the IT department to fight cyber threats.

We've seen how this firewall has operated on real-time threats to both cloud and physical servers by detecting, neutralizing, eliminating, and then patching against malware. 

We can test these patches post-deployment in less than one day. We'll then generate reports that include the activity for the time we desire and gauge the performance of the software. 

From all this data, the IT department can determine future precautions, what kind of traffic will be blocked, and what users will be restricted.

We've been able to monitor all the devices in the network after activating and configuring the software blades. This shows us who's connected and who's not and how many disconnections there have been. 

The firewall picks up malware traces that may have affected other users and networks and notifies when a particular site has been the source of infection. 

There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network.

When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite. 

There are updates that have been scheduled that have been delayed more than expected, which impacts the performance of the firewall when the traffic is high. This can cause false positives and release alerts for harmless traffic, which results in a deviation of the attention from the security administrator when it's not relevant.

We've used Check Point's complete protection package for our network for more than two years.

We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.

Overall, it give me a lot of insight into my network that I didn't have before.

It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.

The pain point that I have with this solution is contacting technical support.

I have been working with Check Point IPS for more than a year.

Stability-wise, this product is great.

The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.

Sometimes, technical support takes a long time to get back to you.

I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.

The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.

Check Point was fairly usable out of the box.

I am using an on-premises appliance that ties into a cloud service.

Pricing for this solution is negotiable and I'm happy with our pricing.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.

I would rate this solution a nine out of ten.

The Check Point Intrusion Prevention System can block traffic from any source workstation inside our local network and facilitates the analysis of outbound traffic to check if there is any risk in the internal network in order to protect our clients and servers. With this product, we're creating a secure zone. We currently are using this blade in our hybrid environment and it's integrated with our secure gateway. Most of the time, our NOC team continuously monitors traffic in order to find any suspicious activity.

Now that the Check Point Intrusion Prevention System has improved our environment, we feel that we are more protected in our network. By implementing the recommendations that Check Point has given us, we have an optimal security environment now that provides almost real-time detection and prevention. We are protected by the Intrusion Prevention System and can go back and select any period or severity in order to display the latest statistics.

Check Point Intrusion Prevention System has great profiles, and we can continuously create, modify, activate, deactivate or configure any specific setting to allow the profile to focus on just one thing or for certain attacks. I also like that profiles can be applied to groups of workstations that need to be more protected from possible attacks. Each profile that we create has activated protections and some instructions of what the IPS should do with the traffic.

At the moment, I do not see what else can be added to this service. In my experience, I've seen that it has what we need without something additional being required. 

It is easy to use, easy to configure, and practically updates itself without the need to intervene as an administrator of the appliance. We are happy with this platform since it allows us to have security and control over the connections almost in real-time. There are many different services that Check Point Intrusion Prevention System has that are quite useful.

I've been using the solution for about four years.

I've found the stability to be good.

The scalability is great.

Technical support has been great,

Positive

I did not previously use a different solution.

The initial setup was not complex. 

We handled the implementation process in-house.

I've witnessed a 40% ROI.

The cost is a bit high but it is worth it.

I did evaluate other options before choosing Check Point.

So far, I have no regrets about choosing this solution.