Try our new research platform with insights from 80,000+ expert users
IT Manager at Gainwell Technologies
User
Easy to use and manage with helpful support
Pros and Cons
  • "Check Point NGFW has helped us to significantly reduce our risk of cyberattacks by providing comprehensive protection against a wide range of threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats."
  • "It can be expensive, especially for small businesses."

What is our primary use case?

Check Point NGFW is a critical component of our security infrastructure. It provides comprehensive next-generation firewall (NGFW) security for our perimeter and DMZs, protecting us from a wide range of cyber threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats.

Check Point NGFW uses a variety of advanced technologies to protect our network, including intrusion prevention, application control, and threat intelligence. It is also able to detect and block sophisticated cyberattacks that traditional firewalls cannot.

How has it helped my organization?

Check Point NGFW has helped us to significantly reduce our risk of cyberattacks by providing comprehensive protection against a wide range of threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats. 

It has also improved our network performance and reliability by optimizing traffic flow and reducing latency. 

We are confident that Check Point NGFW will continue to protect our network from the latest cyber threats due to its advanced security features and its team of experts who are constantly monitoring and updating the product.

What is most valuable?

As a security professional with over ten years of experience, I've seen firsthand the devastating impact that cyberattacks can have on organizations of all sizes. That's why I'm so passionate about using the best possible security solutions to protect my clients.

One of my favorite security solutions is Check Point NGFW. It provides comprehensive protection against a wide range of cyber threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats. It is also designed to deliver high performance even in the most demanding environments, and it can be scaled to meet the needs of organizations of all sizes.

I've also found Check Point NGFW to be very easy to use and manage, even for users with limited IT expertise. This is important to me because I want to make sure that my clients can focus on their business without having to worry about complex security solutions.

Overall, I highly recommend Check Point NGFW to any organization that is looking for a comprehensive and effective security solution.

What needs improvement?

There are a few areas where Check Point NGFW could be improved. First, it can be expensive, especially for small businesses. Second, it can be complex to configure and manage, especially for users with limited IT expertise. Finally, its licensing model can be complex and confusing.

Despite these areas for improvement, I still highly recommend Check Point NGFW to any organization that is looking for a comprehensive and effective security solution. I am confident that Check Point will continue to improve its products in the future, and I am excited to see what new features and capabilities they come up with next.  

One thing I would like to see in the next release is an AI-powered threat detection and prevention system that can automatically identify and block new and emerging threats.

Buyer's Guide
Check Point NGFW
June 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,579 professionals have used our research since 2012.

For how long have I used the solution?

We've been a Check Point customer for over 21 years, and we've always felt that they are a trusted partner in our cybersecurity efforts.

What do I think about the stability of the solution?

Overall, I'm very impressed with the stability of Check Point NGFW. It's a powerful security solution that can meet the needs of organizations of all sizes.

What do I think about the scalability of the solution?

One of the things that I appreciate most about Check Point NGFW is its flexibility. It can be deployed in a variety of ways, including physical appliances, virtual machines, and cloud-based instances. This makes it easy to scale your security infrastructure up or down as needed.

How are customer service and support?

I've always been impressed with the responsiveness and expertise of Checkpoint's customer service and support team.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have never used a different solution. We have been using Check Point NGFW since we first launched our network 21 years ago, and we have been very satisfied with its performance and reliability.

How was the initial setup?

The complexity of the initial setup of Check Point NGFW depends on the size and complexity of your network, as well as the features and capabilities that you need.  

If you have a large enterprise with a complex network or need to configure all of the features and capabilities of Check Point NGFW, I would highly recommend that you engage Check Point Professional Services to help you with the setup process.

What about the implementation team?

We have always used Check Point Professional Services to assist with our implementation.  They are very knowledgeable and can save you a lot of time and frustration.

What was our ROI?

To maximize the ROI of Check Point NGFW, it is important to choose the right deployment model, use Check Point's security services, and keep the software up to date.

What's my experience with pricing, setup cost, and licensing?

There are a few areas where Check Point NGFW could be improved. First, it can be expensive, especially for small businesses. Second, it can be complex to configure and manage, especially for users with limited IT expertise. Finally, its licensing model can be complex and confusing.

Despite these areas for improvement, I still highly recommend Check Point NGFW to any organization that is looking for a comprehensive and effective security solution. I am confident that Check Point will continue to improve its products in the future, and I am excited to see what new features and capabilities they come up with next.

Which other solutions did I evaluate?

We evaluated Cisco ASA Firewall before choosing Check Point NGFW.

What other advice do I have?

A few months ago, one of my clients was targeted by a sophisticated ransomware attack. Check Point NGFW was able to detect and block the attack before it could cause any damage. My client was very grateful for Check Point NGFW's protection, and I was relieved that I was able to help them avoid a costly and disruptive attack.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Vasilis Evgeniou - PeerSpot reviewer
IT Security Pre Sales Engineer at Westnet S.A.
Real User
Top 10
A scalable and easy-to-deploy solution that enables organizations to see what their employees are downloading from the internet
Pros and Cons
  • "Sandboxing is the most valuable feature."
  • "The support team should be faster."

What is our primary use case?

We use the solution to configure sandboxing features for enterprises. We also use it for policy-level configurations and VPNs.

What is most valuable?

Sandboxing is the most valuable feature. A majority of the configurations are very accurate. We can find what an organization's user is downloading from the internet.

What needs improvement?

The support team should be faster.

For how long have I used the solution?

I have been using the solution since 2016.

What do I think about the stability of the solution?

All products have some bugs. However, we had a minimum bug experience with Check Point. I rate the tool’s stability an eight out of ten.

What do I think about the scalability of the solution?

The product is scalable. Everyone in our company uses the product. We are 100 users. We have an on-premise firewall. We use it every day.

How are customer service and support?

I have contacted the support team. I have had good conversations with the engineers. Sometimes, it takes a little bit of time to solve some issues. If it's a complex issue, we need to start from scratch and escalate to a bigger tier of support.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is very easy.

What's my experience with pricing, setup cost, and licensing?

The product is not that expensive for what it is offering, but it could be cheaper. Nowadays, all the vendors are increasing their prices. Suggesting the product to the customers will be easier if it is a little cheaper. The tool offers good attributes.

Which other solutions did I evaluate?

Palo Alto is also a good vendor. We chose to go with Check Point as well for our enterprise solution as distributors, and we suggest it to our customers.

What other advice do I have?

I was an engineer for AT&T. I helped customers with configurations. The vendor is taking care of the user side of security with Check Point Harmony. It is a very good product. Check Point Harmony must provide administrators the ability to manage external programs remotely. Some customers want such features, and other vendors provide them. I would recommend the solution to others. The vendor has been investing a lot of money and effort to prevent zero-day attacks. Overall, I rate the tool a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Buyer's Guide
Check Point NGFW
June 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,579 professionals have used our research since 2012.
kenyan_reviewer - PeerSpot reviewer
Works at Pevans EA Ltd
User
Great IPS and VPN with useful management blades
Pros and Cons
  • "The edge security posture has dramatically improved as we can now detect and prevent threats from the public internet."
  • "The Check Point TAC support has, in recent years, deteriorated."

What is our primary use case?

The Check Point firewalls are used to protect both the edge and datacenter firewall environment.

The firewalls have been deployed in a high availability design and are virtualized using Check Point VSX VSLS. This means we have multiple virtual firewalls protecting different parts of the data center (e.g., DB, Edge, WAN, pre-production.)

We have activated multiple software blades, including firewall, VPN, URL filtering, Application Control, compliance, reporting, and threat emulation, to name a few.

A similar design has been deployed at the DR with a similar set of firewalls.

How has it helped my organization?

The following has been improved:

1) The edge security posture has greatly improved. We are now able to detect and prevent threats coming from the public internet. The firewall is able to block know threats using the inbuild Intrusion Prevention blades.

2) We can connect with other organizations using site-to-site VPNs to enable inter-organization communication.

3) Check Point comes with a strong management solution that allows us to monitor and track threats that are detected and prevented. It also helps us be in compliance with industry standards.

What is most valuable?

The following features have been valuable:

1) IPS - The edge security posture has dramatically improved as we can now detect and prevent threats from the public internet. The firewall can block know threats using the inbuild Intrusion Prevention blades.

2) VPN - We can connect with other organizations using site-to-site VPNs for inter-organization communication.

3) Management Blades - Check Point comes with a strong management solution that allows us to monitor and track detected and prevented threats. It also helps us be in compliance with industry standards.

What needs improvement?

The following can be improved:

1) The management solution is currently using a desktop client for administration purposes. This should be improved by ensuring configuration on the firewalls can be done 100% using a web-based approach. This is currently a work in progress in R81.X, yet should be fast-tracked.

2) The Check Point TAC support has, in recent years, deteriorated. Getting support is usually a pain as the TAC engineers don't seem to understand our issues fast enough and are not readily available. This is in contrast to the amount of money paid for the support.

For how long have I used the solution?

I've used the solution for five years.

How are customer service and support?

A lot of improvement is required in how checkpoint TAC engineers handle their assigned cases. Tickets can be opened for very long without clear solutions.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used Cisco ASA 5585 Firewall.

How was the initial setup?

The setup was fairly easy as the team is well trained.

What about the implementation team?

We worked with Check Point professional services.

What's my experience with pricing, setup cost, and licensing?

This is a premium enterprise product, hence the price is very high.

Which other solutions did I evaluate?

We looked at FortiGate Firewalls.

What other advice do I have?

Check Point should review their pricing models especially for the African market.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Jonathan Ramos G. - PeerSpot reviewer
Cloud Engineer at ITQS
Real User
Great rule management, VPN configuration, and SSL features
Pros and Cons
  • "We can decipher the activity of each connection and see what is inside it."
  • "Something worth mentioning is the need for Spanish support and better representation for teams in the Latin American area."

What is our primary use case?

At the organizational level, we needed to protect the security of our organization. This is where a much broader need arises. We must protect each of the branches that our company has - in some cases larger than other branches. We took on the task of implementing a next-generation firewall from Check Point which allows us to have valuable equipment that adjusts to the needs of each of the branches according to their size and organizational demand by the number of users. This equipment is designed for infinity architecture. 

How has it helped my organization?

The designs, including Check Point next-generation firewall equipment, have allowed us to have all branches interconnected with the same brand and the same site-to-site communication service. We can encrypt the traffic through these VPNs and ensure communication in all directions, solving transactions and access to applications and services within our organization and outside of it. Additionally, we have a content filtering robot that ensures that users and applications are reached solely and exclusively by our networks and users. 

What is most valuable?

The most outstanding feature of Check Point is the possibility of having more than 60 indicating services within it. Among the most outstanding in keeping safe is its rule management, VPN configuration, SSL, and, above all, HTTPS Inspection, which is a solution that allows us to see what users do. We can decipher the activity of each connection and see what is inside it. In this way, we ensure that the data is not violated or violated by third parties outside our organization and we validate the internal and timely security. 

What needs improvement?

The Next Generation Firewall (NGFW) Configuration Guides in XL cluster are very complex and other guides should be reviewed to validate configuration references. They should be updated for new versions.

Something worth mentioning is the need for Spanish support and better representation for teams in the Latin American area. There is a growing demand for these IT services and new technologies.

Its guides are identical to the existing ones. It would be more pleasing that these guides be updated and improve their design.

Give it a try, and it will help you more in these times when users are more remote than local.

For how long have I used the solution?

I've used the solution for two years.

What do I think about the scalability of the solution?

It is quite scalable. That said, it is complex to integrate cluster services from the same equipment.

Which solution did I use previously and why did I switch?

I was testing WatchGuard and Fortinet. In the end, it was easier for me to integrate Check Point.

What's my experience with pricing, setup cost, and licensing?

The cost is quite high. That said, it must be understood that it is not only a firewall, it is a solution that integrates more solutions within it.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Fabian Miranda - PeerSpot reviewer
Cloud computing at Tech Data Limited
Real User
Helpful management console with a good security posture and protects from threats
Pros and Cons
  • "Admins and executives are more at ease with the compliance engine within the software as it measures how many of the security requirements we're compliant with, making their work much more accessible from that standpoint."
  • "VMware is not supported by the platform."

What is our primary use case?

We have different cloud platforms within the organization and needed a solution that would allow us to control different aspects of them from one single platform, which has allowed us to manage and apply policies across all different locations. 

It has allowed us to be more efficient with compliance and maintenance of all different platforms; management of the users is now tighter, and fewer resources have to be invested in applying all the needed policies and levels of access based on company roles.

How has it helped my organization?

The product provides a full security posture for our cloud environment. We get complete visibility of all the workload hosted across all different platforms and all traffic coming in/ out of these cloud platforms. These policies are on 24/7 from any device, say desktop, laptop, mobile, etc. 

All this is pretty easy to set up and notifies any anomaly as soon as it arises for immediate attention/ correction; some of these issues will be addressed automatically and just let you know it was identified and solved.

What is most valuable?

The management console offers excellent visibility of all security options and configurations, also showing all the traffic from each user. 

Once you're working on a specific action, the interface will pop relevant information around past actions contradicting the new policy, showing you strictly where potential threats may come from. 

Admins and executives are more at ease with the compliance engine within the software as it measures how many of the security requirements we're compliant with, making their work much more accessible from that standpoint.

What needs improvement?

This is something that doesn't directly affect us. However, I know VMware is not supported by the platform. 

Also, it seems that plenty of features you may not know even exist unless you do some extensive, deep digging as they're not coming up in the initial configuration, so you have to go through the documentation to realize their existence. 

Support is really good, so you may rely on them to learn more about these coded features I'm talking about, also to make the proper calibration for the rules/policies you're applying as they may not turn the results expected from the first config.

For how long have I used the solution?

We've used the solution for +2 years now.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1895619 - PeerSpot reviewer
Information Technology Security Specialist at AKBANK TAS
User
A good firewall with useful app and URL filtering
Pros and Cons
  • "The fact that these can be separated and made in different layers provides excellent convenience for the administrators who regulate the rules."
  • "When you want to open the gateway by double-clicking on the interface, sometimes it can cause silly problems such as freezing."

What is our primary use case?

The product is basically for completing a firewall task. On top of that, the aim is to find a comprehensive solution with the innovations from next-gen. We made an isolated zone in a small part of the company. Here, we aimed to provide basic security features with few security devices. In this context, we ran the Check Point appliance by opening almost all the blades on it. The Check Point software architecture was able to provide quite good results because it ran on its own OS. It's pretty good as a VM. At a point where we wanted to isolate VM devices, we provided a solution with a VM series of Check Point.

How has it helped my organization?

It has similar features to other competitors in standard sizes, so it's not a subject where it differs much. It provides us with a layer of security as a firewall. With the new blades that are opened as an extra, it can provide solutions that are needed today, such as IPS and URL filtering. 

You can do app and URL filtering through a separate policy layer. The fact that these can be separated and made in different layers provides excellent convenience for the administrators who regulate the rules. In object searches, object explorer is very easy and fast.

What is most valuable?

In my company, there have between ten and 15 firewalls on-premises, and if I want to configure or push the same configuration to all of the firewalls, then the centralized management system is easy and very helpful. 

It is difficult to convey the end-user experience. However, in general, administrators can get used to the interface and start working quickly. Especially after Revision 81.10, I can say that everything became more stable and faster in terms of management. It should be said that it does quite well on the DDOS side.

What needs improvement?

There are parts that are still on the SmartDashboard screen and that condemn you to use it, which should be removed and moved to the SamartConsole interface, which is the main screen. 

In addition, when you want to open the gateway by double-clicking on the interface, sometimes it can cause silly problems such as freezing. To fix these problems, Check Point needs to get rid of the SmartDashboard screen completely. Also, there is a need for performance improvements in the interface so that when the data and rulesets are large, there is a need for performance improvements in the next versions.

For how long have I used the solution?

I've used the solution for about six years.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
nickospot - PeerSpot reviewer
Assistant Manager at a government with 501-1,000 employees
User
It's easy to set rules and policies, which has greatly simplified cleanup and management.
Pros and Cons
  • "Check Point's rule management helped us simplify access control. At one point, we had more than 1,000 access control policies, and it was challenging to manage them all. We cut it down to 300 policies using Check Point's management features, and we are still working on reducing this further to achieve the best way to manage policies. Its logging and monitoring enable us to trace and investigate suspicious traffic."
  • "Check Point doesn't warn us when rules are about to expire. It was also inconvenient that we had to change hardware when we upgraded. It would be nice if they made the new version compatible with current hardware or if it only required a minor upgrade."

What is our primary use case?

We're using Check Point NGFW for network security, intrusion detection, intrusion prevention, application control, DDoS attack protection, sandblast, mobile device management, identity-based access control, reporting, access control policy, scalability, state-of-the-art security gateway, support, threat prevention, accelerated policy installation, concurrent security policy installation, advanced routing, easy upgrading, logging and monitoring, smart events, and smart console.

How has it helped my organization?

Check Point has improved our organization's security posture, especially the IBAC, application control, IPS, and IDS. It's easy to set policies on the firewall, which has greatly simplified cleanup and management.

We recently upgraded from R80.10 to R40, and we've had an overwhelmingly positive experience with this version. Our visibility of threats and vulnerabilities has improved. Check Point added new features and revamped its reporting and analysis.

What is most valuable?

Check Point's rule management helped us simplify access control. At one point, we had more than 1,000 access control policies, and it was challenging to manage them all. We cut it down to 300 policies using Check Point's management features, and we are still working on reducing this further to achieve the best way to manage policies. Its logging and monitoring enable us to trace and investigate suspicious traffic.

What needs improvement?

Check Point doesn't warn us when rules are about to expire. It was also inconvenient that we had to change hardware when we upgraded. It would be nice if they made the new version compatible with current hardware or if it only required a minor upgrade.

I would also like it if Check Point cut the number of steps needed to upgrade from R77 to R81. They should also make it possible to convert access control policies from the firewall to the management server and to downgrade from a higher version to a lower one. 

For how long have I used the solution?

I've been using Check Point NGFW for six years.

What do I think about the stability of the solution?

The solution has been stable, and Check Point promptly delivers patches and updates.

How are customer service and support?

I rate Check Point support nine out of 10. When we need help, they're always fast and efficient. Check Point's customer service is one of the major reasons we've stuck with this solution.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We adopted Check Point because of the cost and support.

How was the initial setup?

If you have the right training, you can set up Check Point with minimal supervision.

What's my experience with pricing, setup cost, and licensing?

Before you buy, check which features you need, and if possible, I recommend signing up for at least a three-year license.

Which other solutions did I evaluate?

We considered several vendors, including Fortinet, Cisco, Huawei, Sophos, and Barracuda.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1718715 - PeerSpot reviewer
Network Engineer II at Baptist Health
Real User
Good antivirus protection and URL filtering with very good user identification capabilities
Pros and Cons
  • "The scalability is very good."
  • "I'd like to see more use of applications and URLs in security policies moving forwards."

What is our primary use case?

The primary use case for these firewalls is to protect our perimeter from unwanted traffic in and out of our network as well as to control the flow of data to comply with our company security policies. 

It also plays an integral part in restricting or granting access at a granular level for certain users or vendors allowing us to monitor and protect end-customer data as well as protecting our users and network from malware, bots, ransomware and other bad actors that could disrupt our business operations.

How has it helped my organization?

Check Point NGFW products have improved the operation of our organization by allowing us to secure our perimeter from attacks, probes, malware, DDoS, bots and general bad actors. It also allows us to secure outbound traffic from our users. 

It allows us to fine tune how we allow users to access resources both in our DMZ and externally. This helps us to secure customer and user data in order to prevent privacy issues, prevent loss of operations or downtime which we cannot accept. 

Being able to use the products in redundant pairs has also allowed us to provide a more stable network.

What is most valuable?

There are several useful features that we utilize that are now valuable assets in terms of protecting the network. These would include user identification (ID Collector), IPS, antibot, antivirus, application, and URL filtering as well as the standard firewall security rules. They all work together to provide layers of security to protect both inbound and outbound traffic in order to minimize loss of private data as well as to ensure our network is free of bad actors attempting to use malware or ransomware against us.

What needs improvement?

Check Point could improve its products by working on stability. Overall, it is a stable platform, however, at times we have issues with 'quirks' and bugs that cause issues for our end users and typically are not straightforward to fix. 

Another issue that presents itself is upgrading. Small hot fixes are not problematic. That said, updating to a new version of the OS has been an absolute nightmare and caused significant downtime and a number of issues - not to mention wasted engineering time. Simplify the upgrade process and they may regain confidence in this area!

I'd like to see more use of applications and URLs in security policies moving forwards.

For how long have I used the solution?

I've worked with the solution for seven years across two different companies.

What do I think about the stability of the solution?

The stability is good, yet it could use some improvement.

What do I think about the scalability of the solution?

The scalability is very good.

How are customer service and support?

It has always been slow and difficult to use technical support. It depends on a case-by-case basis, however, you have to chase and manage the case yourself or it will go nowhere. This likely comes down to a lack of experienced agents.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We previously used Cisco ASA. We switched due to the fact that Cisco's product was very hard to manage and lacked any real intelligence.

How was the initial setup?

The initial setup is complex. A very large and multifaceted environment will always be complex to configure.

What about the implementation team?

We used vendor support and account teams and in-house technical engineering.

What's my experience with pricing, setup cost, and licensing?

It's expensive, however, compared to the cost of not protecting the network properly, it's worth the cost.

Which other solutions did I evaluate?

We looked at Palo Alto, Fortinet, and Cisco.

What other advice do I have?

Carefully consider the vendor before making a leap. It's very difficult and costly to change vendors at a later date.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.