Try our new research platform with insights from 80,000+ expert users

Check Point NGFW pros and cons

Vendor: Check Point Software Technologies

4.4 out of 5

324 reviews
96% willing to recommend

936 followers

Pros & Cons summary

Check Point NGFW provides robust security, including intrusion prevention and antivirus protection, with centralized management for seamless deployment. Its integration with cloud platforms enhances flexibility. Users highlight performance reliability in data centers, although technical support and pricing are concerns. Enhanced logging offers detailed threat insights. However, it lacks support for Apple MacBook Air, stability issues may occur, and antivirus updates need improvement. Buyers should consider these factors when evaluating Check Point NGFW.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Check Point NGFW has strong IPSec VPN capabilities that enhance network connectivity and security across different sites.

Its feature set includes advanced intrusion prevention and threat detection tools, helping prevent both known and zero-day threats.

The centralized management allows efficient handling of multiple firewalls from a single console, streamlining policy deployment and administration.

With excellent logging and monitoring capabilities, Check Point NGFW provides detailed logs and reports for effective troubleshooting and security assessments.

It offers scalability and robust architecture, catering to diverse security needs across various environments, including data centers and enterprises.

CONS

Check Point NGFW faces challenges with stability and frequent reboots are required.

Pricing is high, making it less affordable for mid-sized companies.

Technical support is slow and could be more efficient.

Licensing is complex and confusing due to multiple software blades.

Interoperability with third-party vendors is difficult, particularly for VPN setup.

Check Point NGFW Pros review quotes

PS

Pushkin Sawhney

Principal Network and Security Consultant at Vodafone

Sep 14, 2020

Check Point definitely has a great architecture, where you can just enable the software blades and deploy a secure service. Overall, it provides ease of deployment and ease of use.

Read full review

SV

Steve Vandegaer

Senior Engineer Security at NTT Security

Sep 6, 2020

The feature I like the most is their central management, the Smart controller which you can use to manage all the firewalls from one location... Being able to access almost everything in one location — manage all your gateways and get all your logs — for me, is the best feature to work with.

Read full review

BF

Senior IT Manager at a mining and metals company with 501-1,000 employees

Oct 9, 2020

The packet inspections have been a strong point. Our identity collectors have also been helpful. In many ways, Check Point has been a step up from our SonicWalls that we had in-house before that. There's a lot of additional flexibility that we didn't have before.

Read full review

Check Point NGFW

Free Report: Check Point NGFW Reviews and More

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.

859,687 professionals have used our research since 2012.

reviewer1425090

Network and Security Specialist at a tech services company with 51-200 employees

Sep 23, 2020

I love the interface of R.80.30. The R.80 interface is very nicely thought out with everything in one place, which makes Check Point easier to use.

Read full review

I.

Ifeanyi Onyiaodike

Network security engineer at Fidelity Bank

Sep 7, 2020

The most valuable feature for us is the VSX, the virtualization.

Read full review

AS

Technical Support Engineer at AlgoSec

Sep 6, 2020

The Anti-Spoofing has the ability to monitor the interfaces. Suppose any spoofed IP addresses are coming from an external interface, it won't allow them. It will drop that traffic. You have two options with the Anti-Spoofing: prevent or detect. If any kind of spoof traffic is coming through the external interface, we can prevent that.

Read full review

Director at Trend Micro

Jun 5, 2024

The solution's technical support is fine.

Read full review

reviewer1098015

Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees

Sep 9, 2020

The most valuable features are the security blades and the ease of managing the policies, searching log for events, and correlating them.

Read full review

Network & Systems Administrator I at Department of Mental Health

Sep 2, 2020

The simplicity of the access control is the most valuable feature for us. It gives us the ability to easily identify traffic that is either being allowed or denied to our network.

Read full review

KK

Network Associate at a wireless company with 1,001-5,000 employees

Feb 17, 2021

We have between five and ten firewalls on-premises, and if we want to configure or push the same configuration to all of the firewalls, then the centralized management system is very helpful.

Read full review

Show 10 more reviews (out of 317)

Check Point NGFW Cons review quotes

PS

Pushkin Sawhney

Principal Network and Security Consultant at Vodafone

Sep 14, 2020

The area it needs improvement is the SandBlast Agent. It receives a file, or if it detects a Zero-day attack, it takes the file and analyzes it, either on-premise or in the Check Point Cloud, and then it reports back whether the file is secure or non-secure, or is unknown. That particular area definitely needs a bit more improvement, because there is a delay... where it needs improvement is where [SandBlast is] an appliance-based solution rather than a software or cloud-based solution.

Read full review

SV

Steve Vandegaer

Senior Engineer Security at NTT Security

Sep 6, 2020

The biggest improvement they could make is having one software to install on all three levels of their products, so that the SMBs, the normal models, and the chassis would all run the same software. Now, while there is central management, everything that has to be configured on the gateway itself works differently on the three kinds of devices.

Read full review

BF

Senior IT Manager at a mining and metals company with 501-1,000 employees

Oct 9, 2020

The VPN setup could be simplified. We had to engage professional services for that. That's not a problem, but compared to other products we've used, it was a little more complex.

Read full review

Check Point NGFW

Free Report: Check Point NGFW Reviews and More

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.

859,687 professionals have used our research since 2012.

reviewer1425090

Network and Security Specialist at a tech services company with 51-200 employees

Sep 23, 2020

The naming in the inline layers and ordered layers needs improvement. It makes things very complicated. I've seen quite a lot of people saying that. For audit policies, it is okay since it's very simple to see. However, this area is for very large organizations, which have too many policies, and they need to share all these policies. For small to medium-sized businesses, they don't need it. Even if somebody has 500 rules, if they try to use it, it can be very confusing.

Read full review

I.

Ifeanyi Onyiaodike

Network security engineer at Fidelity Bank

Sep 7, 2020

The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS.

Read full review

AS

Technical Support Engineer at AlgoSec

Sep 6, 2020

For the user or anyone else who is using Check Point, they are more into the GUI stuff. Check Point has its SmartConsole. On the console, you have to log into the MDS or CMS. Then, from there, you have to go onto that particular firewall and put in the changes. If the management console could be integrated onto the GUI itself, that would be one thing that I would recommend.

Read full review

Director at Trend Micro

Jun 5, 2024

If you check each and every point from this part, you will find some flow in an area, or you will discover another flow in another area.

Read full review

reviewer1098015

Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees

Sep 9, 2020

Debugging is very complex when compared to Fortinet, for example. That's the worst thing about Check Point. The deployment of the solution is harder than it is with the competitors. But after you've deployed it, the operation is easy.

Read full review

Network & Systems Administrator I at Department of Mental Health

Sep 2, 2020

I would like there to be a way to run packet captures more easily in the GUI environment. Right now, if we want to read packet captures, we have to do so from the command line.

Read full review

KK

Network Associate at a wireless company with 1,001-5,000 employees

Feb 17, 2021

The level and availability of training should be improved.

Read full review

Show 10 more reviews (out of 316)

Related questions

74

How does Check Point NGFW compare with Fortinet Fortigate?

133

Is Palo Alto Networks NG Firewalls better than Check Point NGFW?

32

Which would you recommend - Azure Firewall or Check Point NGFW?

19

Is Check Point's software compatible with other products?

63

What do you recommend for a corporate firewall implementation?

86

Comparison of Barracuda F800, SonicWall 5600 and Fortinet

411

Sophos XG 210 vs Fortigate FG 100E

122

Which is the best network firewall for a small retailer?

121

When evaluating Firewalls, what aspect do you think is the most important to look for?

38

Cyberoam or Fortinet?