Try our new research platform with insights from 80,000+ expert users
Sr. Network Engineer at a tech services company with 1,001-5,000 employees
Real User
Provides us with more security features than our previous solution and everything is managed from a central device
Pros and Cons
  • "There are also additional features, compared to a Layer 4 or Layer 3 firewall, such as AV signatures and devices, which are very helpful for securing the company's network."
  • "The only thing which I think should be improved is that training should be increased. In my position I also interview potential employees and I haven't found many people in the market, nowadays, who are familiar with the Check Point firewall. They are more familiar with Palo Alto and Cisco ASA and they are more comfortable with them."

What is our primary use case?

We use Check Point firewalls to secure our internal network from the outside world and to provide a good, comfortable, and secure environment for our employees.

We have various models from the R80 series, such as the R80.10 and the R80.30.

How has it helped my organization?

Before, we were using firewalls from Palo Alto. The benefit of the Check Point firewall is that it has more security features. It has antivirus signatures and additional features for which we should require additional hardware devices in the firewall. It also gives us a central management system, which was not present in the Cisco ASA.

What is most valuable?

Check Point's Next Generation Firewall has many good features. It has a central management system, and that means we do not have to go to each and every firewall to configure it. We can manage them with the central device. 

There are also additional features, compared to a Layer 4 or Layer 3 firewall, such as AV signatures and devices, which are very helpful for securing the company's network.

What needs improvement?

The only thing which I think should be improved is that training should be increased. In my position I also interview potential employees and I haven't found many people in the market, nowadays, who are familiar with the Check Point firewall. They are more familiar with Palo Alto and Cisco ASA and they are more comfortable with them. Check Point is one of the good firewalls and training should be increased by the company so that more people are familiar with it and with their switches.

Buyer's Guide
Check Point NGFW
April 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
851,371 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Check Point's firewalls for the last three-and-a-half years.

What do I think about the stability of the solution?

The stability is very good. The updates we get for the antivirus and the URL filtering sites are also very nice and happen very often. That is a good thing because there are various new attacks coming out but we get their updates on time. 

What do I think about the scalability of the solution?

In terms of the scalability, it is very easy to extend the utilization of Check Point firewalls. We did so in the past. We extended our environment in our organization and it was very easy to extend it.

We have around 4,000 to 5,000 people who are using the Check Point firewalls directly or indirectly. They are passing their traffic through it. Expansion of our usage completely depends on the organization. If they want to do so they will tell us and, if that happens, we will definitely go for Check Point firewalls.

How are customer service and support?

We have used Check Point TAC to resolve our issues. We have had good support. They have good engineers there.

Which solution did I use previously and why did I switch?

We were using Palo Alto and Cisco before and we replaced them with Check Points.

We used Palo Alto in a  few of our sites, but we found Palo Alto was more expensive and its updates and services were also more expensive compared to the Check Point firewall.

Cisco is a very basic firewall in the market, and it has a limited set of features, compared to Palo Alto and Check Point. Palo Alto has rich features, but it is one of the more expensive firewalls in the market. The Check Point firewall is not too expensive, but it is also a third-generation firewall.

The drawback of the Check Point firewall is the lack of training materials. That should be increased.

How was the initial setup?

We have a team of seven to eight people who have all installed and configured environments so the initial setup, for us, was a very straightforward process. And these are the people who handle maintenance of the firewall and manage it, during different shifts. They are all network engineers.

It took us between nine and 12 months to do the implementation. We have Check Point hardware so we followed the recommended, three-level architecture, in which there is a SmartConsole, the hardware security gateway firewall, and the central management device.

What's my experience with pricing, setup cost, and licensing?

The pricing is good. It is less than Palo Alto's firewalls. Check Point has the same features as Palo Alto, but the licensing and cost of these firewalls are not too expensive. It is one of the best firewalls in the market in this range.

What other advice do I have?

Check Point firewalls have many features. Before configuring it in an environment, you should know each and every feature of the firewall. You should also follow the three-level hierarchy which is recommended by Check Point.

There are a few add-on features for Check Point firewalls. I only learned that by using the firewalls. I'm very happy with the way Check Point is progressing. They continue to work on their firewalls even after making their name. That is something we should follow in our lives as well: Once we have made our name, we should not stop there. We should further build the reputation of the company and product.

We are very happy with the Check Point firewalls. The only thing missing, as I mentioned earlier, is that training should be increased for the firewall by the organization. Otherwise, we are very happy with investment in this solution.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Network security engineer at Fidelity Bank
Real User
Enabled us to virtualize multiple firewalls on one machine
Pros and Cons
  • "The most valuable feature for us is the VSX, the virtualization."
  • "The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS."

What is our primary use case?

We use it for VSX virtualization and we use it for normal firewall functions as well as NAT. And we use it for VPN. We don't use a mobile client, we just use the VPN for mobile users.

How has it helped my organization?

We are able to virtualize about four firewalls on one machine. Before, we needed to have four firewall hardware devices, physical devices, from Cisco. We had four appliances, but now, with Check Point, we just have one. We can manage them, we can integrate them, and we can increase connections using one and the other. It has broken down connection complexities into just a GUI.

Also, previously we had downtime due to memory saturation with our old firewalls. We were using Cisco ASA before. During peak periods, CPU utilization was high. Immediately, when we switched to Check Point, that was the first thing we started monitoring. What is the CPU utilization on the device? We observed that CPU utilization stayed around 30 percent, as compared to 70 percent with the Cisco we had before, although it was an old-generation Cisco. Now, at worst, CPU utilization goes to 35 percent. That gives us confidence in the device. 

In addition, the way Check Point built their solution, there is a Management Server that you do your administration on. You have the main security gateway, so it's like they broke them down into two devices. Previously, on the Cisco, everything was in one box: both the management and the gateway were in one box. With Check Point breaking it into two boxes, if there's a failure point, you know it's either in the management or the security gateway. The management is segmented from the main security gateway. If the security gateway is not functioning properly, we know that we have to isolate the security gateway and find out what the problem is. Or if the management is not coming up or is not sending the rules to the security gateway, we know there's something wrong with it so we isolate it and treat it differently. Just that ability to break them down into different parts, isolating them and isolating problems, is a really nice concept.

And with the security gateway there are two devices, so there's also a failover.

What is most valuable?

  • The most valuable feature for us is the VSX, the virtualization.
  • The GUI is also better than what we had previously.
  • The third feature is basic IP rules, which are more straightforward.
  • And let's not forget the VPN.

The way we use the VPN is usually for partners to connect with. We want a secure connection between our bank and other enterprises so we use the VPN for them. Also, when we want to secure a connection to our staff workstations, when employees want to work from home, we use a VPN. That has been a very crucial feature because of COVID-19. A lot of our people needed to work remotely.

What needs improvement?

The VPN part was actually one of the most complex parts for us. It was not easy for us to switch from Cisco, because of one particular part of the integration: connecting the Check Point device to an Entrust server. Entrust is a solution that provides two-factor authentication. We got around it by using another server, a solution called RADIUS.

It was very difficult to integrate the VPN. Until now, we still don't know why it didn't work. With our previous environment, Cisco, it worked seamlessly. We could connect an Active Directory server to a two-factor authentication server, and that to the firewall. But when we came onboard with Check Point, the point-of-sale said it's possible for you to use what you have on your old infrastructure. We tried with the same configurations, and we even invited the vendor that provided the stuff for us, but we were not able to go about it. At the end of day they had to use a different two-FA solution. I don't if Check Point has a limitation in connecting with other two-FAs. Maybe it only connects with Microsoft two-FA or Google two-FA or some proprietary two-FA. They could work on this issue to make it easier.

Apart from that, we are coming from something that was not so good to something that is much better.

For how long have I used the solution?

I have been using the Check Point Next Generation Firewall for 10 months.

What do I think about the stability of the solution?

The stability of Check Point's firewall, for what we use it for now, is pretty good. Especially, with the licensing of blades and the way they script it down into different managers. You have a part that manages blades, you have the part that manages NAT, and you have the part that manages identity. The VSX is another one on its own. So it is very stable for us.

When we add more load to it, when we go full-blown with what we want to use the device for, that will be a really good test of strength for the device. But for now the stability is top-notch.

What do I think about the scalability of the solution?

They scale well.

All information passes through the firewall. We have about 8,000-plus users, including communicating with third-party or the networks of other enterprises that we do business with.

How are customer service and technical support?

We've not used technical support. We asked our questions of the vendor that deployed and he was quite free and open in providing solutions. Anytime we call him we can ask. He was like our own local support.

There is also a Check Point community, although we've not really been active there, but you can go and ask questions there too, apart from support.

How was the initial setup?

The initial setup was pretty straightforward.

It took a while about a month, but it was not because of the complexity. It was because we gave them what we already have on the ground. We were on Cisco before and they had to come up with a replica of the configurations for Check Point. When they got back to us we had to make some corrections, and there was some back-and-forth before everything finally stabilized.

Four our day-to-day administrative work, we have about four people involved.

What about the implementation team?

We used a Check Point partner for the installation. I was involved in the deployment, meaning that while they were deploying I was there. They even took us through some training.

What was our ROI?

We have surely seen ROI compared to the other vendors I mentioned, in terms of costs. And we tested all the firewall features to see if it is doing what it says can do. And so far so good, it's excellent. It's a good return.

What's my experience with pricing, setup cost, and licensing?

Check Point offers good solutions, but it won't kill your budget.

Going into Next-Generation firewalls, you should know what the different blades are for, and when you want to buy a solution, know what you want to use that solution for. If it's for your normal IP rule set, for identity awareness, content awareness, for VPN, or for NAT, know the blades you want. Every solution or every feature of the firewall has license blades. If you want to activate a feature to see how that feature handles the kind of work you give, and it handles it pretty well, you can then move to other features.

Which other solutions did I evaluate?

We evaluated Palo Alto, Fortinet FortiGate, and Cisco FirePOWER.

Check Point was new to the market so we had to ask questions among other users. "How is this solution? Is it fine?" We got some top users, some top enterprises, that said, "Yes, we've been using it for a while and it's not bad. It's actually great." So we said, "Okay, let's go ahead."

What other advice do I have?

I would recommend going into Check Point solutions. Although Check Point has the option of implementing your firewall on a server, I would advise implementing it on a perimeter device because servers have latency. So deploy it on a dedicated device. Carry out a survey to find out if the device can handle the kind of workload you need to put through it.

Also, make it a redundant solution, apart from the Management Server, which can be just one device. Although I should note that up until now, we have not had anything like that.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Check Point NGFW
April 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
851,371 professionals have used our research since 2012.
reviewer2563050 - PeerSpot reviewer
President of the Advisory Board at a computer software company with 201-500 employees
Reseller
Top 20
Reliable core firewall enables secure and efficient transactions
Pros and Cons
  • "Check Point's solutions allow organizations to operate securely with a reliable core firewall in place, ensuring that transactions proceed smoothly."
  • "The user interface could be more user-friendly."

What is our primary use case?

We are using the solution for the perimeter. It's used as a core firewall, with almost all transactions passing through the firewall. For instance, in a cellular phone company, all transactional authorizations pass through the firewall, while in a bank, authorizations for branches and ATMs go through the firewall. The main customers are in the BFSI, telcos, industry manufacturing, and other large enterprise sectors.

How has it helped my organization?

Check Point's solutions allow organizations to operate securely with a reliable core firewall in place, ensuring that transactions proceed smoothly.

What is most valuable?

The Check Point firewall is used as a core firewall offering high reliability with at least two synchronized data centers, creating a fault-tolerant configuration. It is considered a very stable platform with minimal bugs.

What needs improvement?

Technically, there is no need for improvement. That said, they need to be more aggressive and protect more of the channels on the commercial side. Additionally, the user interface could be more user-friendly.

For how long have I used the solution?

We have been using Check Point solutions for over twenty-five years, since the very beginning.

What do I think about the stability of the solution?

The firewall is highly stable, being described as one of the most reliable, with a stable platform and few bugs.

What do I think about the scalability of the solution?

Using the Maestro technology, the firewall has good scalability. It allows for flexibility and growth by stacking clippings without needing to change the chassis.

How are customer service and support?

Customer service is generally good. With Diamond or Diamond Plus service for banks, the support level meets customer expectations. The internal team of Check experts also ensures issues are resolved efficiently.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We are familiar with and have supported other solutions like Fortinet, Palo Alto, and Cisco yet primarily do business with Check Point.

How was the initial setup?

Initial setup can be complex, especially in large or redundant deployments. Expertise is required to manage configurations, especially with complex operations and a high volume of users and VPNs.

What about the implementation team?

The implementation team has around 20 people, with a total group including maintenance and support numbering 60.

What was our ROI?

Monetizing the risk is complex, and despite having software for calculating ROI in security, traditional calculations like the FAIR methodology do not apply efficiently in Latin America.

What's my experience with pricing, setup cost, and licensing?

Check Point and Palo Alto solutions are among the more expensive options, but once a platform is adopted, switching is difficult. Clients tend to stay with the same brand for extended periods.

Which other solutions did I evaluate?

We have evaluated solutions from Fortinet, Palo Alto, and Cisco, however, the main offering is Check Point.

What other advice do I have?

I'd rate the solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
Defense protection study manager at Ministère de la Défense
Real User
Top 10
Reliable platform providing ease of management
Pros and Cons
  • "The interface allows us to quickly adapt to new security requirements and maintain compliance with organizational policies."
  • "The platform's technical support services need enhancement."

What is our primary use case?

We primarily use Check Point NGFW for network segmentation and traffic control. It effectively segments our network into zones, allowing us to manage and secure traffic flows between different segments.

What needs improvement?

The platform's technical support services need enhancement. 

What do I think about the scalability of the solution?

The product is highly scalable and crucial for our large-scale deployment needs. Its scalability is a ten out of ten.

How are customer service and support?

The technical support is generally responsive, although there have been occasional delays in accessing specialized assistance tailored to our needs.

How would you rate customer service and support?

Positive

How was the initial setup?

The deployment was handled by dedicated experts within our organization, ensuring a smooth setup. While I didn't oversee the technical aspects directly, our team found the process straightforward, minimizing operational disruptions.

What was our ROI?

The product is on the higher end of the cost spectrum, but the investment is justified by its high-quality performance and reliability, which are paramount for our security infrastructure.

What other advice do I have?

Check Point NGFW has consistently provided stable operation which is critical for our organization's security needs.

Managing firewall rules and policies is intuitive and efficient. The interface allows us to quickly adapt to new security requirements and maintain compliance with organizational policies.

I highly recommend it for organizations seeking robust network security.

Overall, I rate it an eight. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Saurabh Lahoti - PeerSpot reviewer
Network Engineer at Worldline Global
User
Top 20
Intuitive with a user-friendly management interface and is accessible to non-technical staff
Pros and Cons
  • "Check Point firewalls have significantly improved our ability to detect and prevent threats."
  • "It requires enhanced automation tools for regulatory compliance to ease the burden of compliance reporting and auditing."

What is our primary use case?

The implementation of Check Point firewalls has been a transformative experience for our organization. It has significantly improved our cybersecurity posture, enabling us to detect and prevent threats more effectively, streamline management, and stay agile in the face of evolving security challenges. 

With Check Point, we are not just securing our data, we are also protecting our brand and reputation. The value they bring to our organization is immeasurable, making them an essential component of our overall cybersecurity strategy.

How has it helped my organization?

In today's ever-evolving digital landscape, cybersecurity is paramount for any organization. For our company, the implementation of Check Point firewalls has proven to be a pivotal moment in our ongoing quest to bolster our cybersecurity defenses. These firewalls have not only improved our security measures but have also positively impacted our overall business operations.

In our industry, adhering to stringent compliance regulations is paramount. Check Point firewalls help us ensure compliance with industry-specific regulations and standards, such as HIPAA, GDPR, or PCI DSS. This compliance assurance has eased the audit process and instilled trust among our clients.

What is most valuable?

Check Point firewalls have significantly improved our ability to detect and prevent threats. The robust threat intelligence capabilities, coupled with real-time monitoring, have allowed us to swiftly respond to potential security breaches. As a result, we have experienced a noticeable decrease in security incidents and data breaches, which ultimately translates into cost savings and a bolstered reputation.

As our organization grows, so does the volume of data we need to protect. Check Point firewalls have proved scalable and can handle increased traffic and the addition of new services without compromising performance. This scalability ensures that our security measures are always aligned with our business growth.

One of the standout features of Check Point firewalls is their user-friendly management interface. This intuitive platform has streamlined firewall management, making it accessible to both our in-house IT team and non-technical staff. This has resulted in a more efficient use of resources and time, allowing our IT personnel to focus on other critical tasks.

What needs improvement?

The product needs comprehensive reporting and analytics capabilities to help organizations gain insights into their security posture and demonstrate compliance to stakeholders.

It requires enhanced automation tools for regulatory compliance to ease the burden of compliance reporting and auditing.

The solution needs to tighten security by facilitating easy integration with MFA solutions to enhance user authentication.

It needs to integrate automation and orchestration capabilities to streamline incident response and automate routine security tasks, reducing the workload on security teams.

As containerization and microservices become more prevalent, it needs to provide security solutions that protect these modern application architectures effectively. Features like runtime protection and security scanning for containers can be beneficial.

For how long have I used the solution?

I've used the solution for almost five years now.

What do I think about the stability of the solution?

Check Point firewalls are quite robust and resilient.

What do I think about the scalability of the solution?

Check Point firewalls have proved scalable and can handle increased traffic and the addition of new services without compromising performance.

How are customer service and support?

The technical support is recommended. I'd give them an A++++.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I did not previously use a different solution. 

How was the initial setup?

The initial setup was straightforward.

What about the implementation team?

We deployed the solution using Check Point's PS Support. Their team is highly experienced and professional.

What was our ROI?

It's worth the cost.

What's my experience with pricing, setup cost, and licensing?

Initially, the cost of the investment might seem high compared to other vendors. However, in the long run, it might prove to be economical and cost-efficient.

Which other solutions did I evaluate?

I also evaluated Fortinet and Cisco ASA.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer9814083 - PeerSpot reviewer
Flat Earth Networking, Inc. at Cyber Security Engineer
User
Top 10
Good logging and searchability with useful free trial licenses
Pros and Cons
  • "Being able to search in clear text is simple for the customer and for troubleshooting an environment."
  • "It's too expensive for mid-market companies."

What is our primary use case?

We have multiple customers that use this product.  Integrated logging is the best around.  

It's clear and does the job it's supposed to do.  

We typically install this as the network edges and encourage our customers to have one at each location. Some prefer to backhall the smaller sites to the main branch where it handles all the inspection and rules.  

We also set up multifactor SSL VPN solutions at the main location which allows visibility into remote worker traffic. Overall, it's used mostly by small to medium businesses.

How has it helped my organization?

We have been able to sell this product for a long time as it's highly rated and has a deep feature set. We have probably sold millions of dollars worth of Check Point products over the years.  

When the customer comes to us wanting the most protection we typically suggest Check Point first. Our engineers enjoy being able to quickly deploy a solution and have the familiarity with the product to be able to troubleshoot it quickly once it's deployed. For the most part, we train our customers to be able to manage it themselves.

What is most valuable?

Mostly the logging features of the Check Point NGFW are the most valuable.  Being able to search in clear text is simple for the customer and for troubleshooting an environment. 

I also like that you can get trial licenses for just about every product solution.  This allows us to suggest a feature, implement it, and then show the customer that it has value. We tend to retain the customer on that product for the long term once it has been deployed and they are able to see what it's doing to protect them.

What needs improvement?

The only thing holding it back is the price. It's too expensive for mid-market companies. There are other platforms that have emerged that have a similar feature set, however, are more difficult to deploy. This is really only a problem for the engineers as the customer doesn't care how many hours the engineer has to put in to make it work in their environment. If the Check Point product came in at a lower price point it would make it easier for the customer to see the value in cost, thus making it easier for us to sell.

For how long have I used the solution?

I've used the solution for seven years.

What do I think about the stability of the solution?

It has been the most stable for a long time.  That track record is something that you can show the customer. 

What do I think about the scalability of the solution?

The product is highly scalable especially if you integrate the orchestration solution. 

How are customer service and support?

Support is hit or miss lately. They have lost too many good reps to other companies. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have used other solutions, however, we continue to use Check Point NGFW.

How was the initial setup?

The initial setup is simple once you have the appropriate infrastructure setup.  Once Check Point gets away from the central management solution and allows for on-box management it will make small businesses happier. 

What about the implementation team?

I am part of the vendor team. We do a good job implementing it, although sometimes it takes too much time to deploy a product. 

What was our ROI?

We tell the customer that the ROI is the protection they are receiving and the stability of the product.  

What's my experience with pricing, setup cost, and licensing?

We tell customers truthfully it's the best product, however, it has the highest cost and you'll pay for each license.  

Which other solutions did I evaluate?

We are always evaluating other solutions for our customers. Palo Alto and Fortigate are the top two others at the moment.

What other advice do I have?

They just need to get the pricing down or do a better job of bundling the licensing.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: We are a reseller
PeerSpot user
SamirPaul - PeerSpot reviewer
Sr. Security Consultant at a computer software company with 10,001+ employees
Consultant
Top 10
A robust cybersecurity capabilities with significant upgrade downtime
Pros and Cons
  • "They utilize various gateway features, including Identity as a Service (IDaaS), anti-spam, antivirus, and other security measures, effectively creating a robust defense against a wide range of potential risks."
  • "To enhance the user experience, Check Point should consider adopting an incremental upgrade approach, similar to competitors like Palo Alto or Fortinet, as it would help minimize downtime and streamline the upgrade process, making it more efficient and user-friendly."

What is our primary use case?

The customer's use case involves employing it to safeguard their internal applications from external threats. They utilize various gateway features, including user identity-based policy, anti-spam, antivirus, IPS, anti-BOT, and other security measures, effectively creating a robust defense against a wide range of potential risks.

How has it helped my organization?

The primary focus is on safeguarding the customer's internal applications, especially for traders. When it comes to security, the main advantage lies in risk mitigation, akin to insurance.

What is most valuable?

The most valuable feature is its unique inspection model, which was initially a basic firewall inspection. Over time, they've developed and refined this model to cater specifically to trade-related intelligence. It is now a crucial and central component of their security infrastructure.

What needs improvement?

From an administrative perspective regarding Check Point NGFW, there are two key suggestions to improve efficiency. Firstly, administrators should be able to create a unified policy which means that when administrators set up policies in Check Point, they should have the flexibility to configure different security profiles and other security parameters all within the same access policy, simplifying the process. Secondly, the upgrade process for Check Point Firewalls currently involves extended downtime as it often requires a fresh installation. This downtime can last up to around sixty minutes, causing disruptions to business operations. To enhance the user experience, Check Point should consider adopting an incremental upgrade approach, similar to competitors like Palo Alto or Fortinet, as it would help minimize downtime and streamline the upgrade process, making it more efficient and user-friendly.

For how long have I used the solution?

I have been working with it for about ten years.

What do I think about the stability of the solution?

It provides good stability features. I would rate it six out of ten.

What do I think about the scalability of the solution?

Scalability is achievable in the cloud environment. By following the appropriate processes, you can configure automated scanning and other necessary functions to ensure it.

How are customer service and support?

From a technical support perspective, there is room for improvement in Check Point's services. They have increasingly outsourced a significant portion of their support, primarily to third parties. This outsourcing has raised concerns, as it often results in longer resolution times and troubleshooting processes. In my experience, working with Level 3 engineers is more satisfactory and efficient, whereas Level 1 and Level 2 support can sometimes fall short of expectations and extend the time required to address issues.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

When comparing Check Point to Fortinet and Palo Alto solutions, there are several advantages and disadvantages to consider. One key advantage of Check Point is its robust logging capabilities. Administrators can access detailed traffic flow information, providing valuable insights into network activity. Another strength is the trust associated with Check Point. They pioneered the concept of "stateful firewall," which has established a strong foundation for trust in their security solutions and is built on their extensive experience and history in the field.

How was the initial setup?

The initial setup is a medium-level complexity task.

What about the implementation team?

When deploying on AWS cloud, I typically opt for CloudFormation templates to facilitate the setup of Check Point. This approach offers the advantages of infrastructure as code. When it comes to on-premises deployments, the process is manual and involves tasks such as physical cable connections, configuring interfaces, setting up routes, and defining network policies. For a typical mid-sized project, a single person is usually sufficient for the cloud deployment, taking no more than two hours if the implementation plan is well-defined and the design is in place.

What's my experience with pricing, setup cost, and licensing?

The cost can vary depending on the specific model and feature set requirements, as well as the unique value it offers to the organization. The price may be perceived as relatively high when compared to the features and capabilities they provide.

What other advice do I have?

My advice for anyone considering it would be to begin by thoroughly understanding their specific needs and requirements. It's crucial to assess budget constraints and security priorities. If an organization has a sufficient budget and prioritizes a robust security posture, I would recommend considering Fortinet. They often provide a more comprehensive security exposure when compared to Check Point. For organizations with legacy systems or a strong preference for Check Point's Endpoint solutions, my advice is to segregate the management and gateway components. Avoid running both on the same platform to prevent complexity and potential issues. Separating these functions can lead to a smoother and more efficient operation. Overall, I would rate it six out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Senior Systems Engineer at Upper Occoquan Service Authority
Real User
Provides great protection from threats, comes with good support, and scales very well
Pros and Cons
  • "The console or the single interface on the blades is most valuable."
  • "The only thing that we've seen is instances where console and administrative interfaces get locked up or freeze, and we have to get the machine rebooted."

What is our primary use case?

We are using Firewall Intrusion Prevention and URL Filtering, and we just purchased the Endpoint Protection package for our workstations.

It is deployed on-premises. We have two Check Point systems in place. We have one that's between our business network and the outside world, and we also have one that's between our business network and our internal SCADA system.

We haven't updated to version 81, so we're still at version 80.

How has it helped my organization?

It has provided us with great protection from threats. I've been here 30 years, and we've had two incidents, and none of them were within the time we've used Check Point.

What is most valuable?

The console or the single interface on the blades is most valuable.

What needs improvement?

The only thing that we've seen is instances where console and administrative interfaces get locked up or freeze, and we have to get the machine rebooted.

For how long have I used the solution?

I have been using this solution for probably 10 years.

What do I think about the stability of the solution?

I would rate it a nine out of 10 in terms of stability.

What do I think about the scalability of the solution?

Its scalability is very good. Our entire force is about 190 people, and most of them use it at some point just because they are going out to the internet and have that protection for the workstations. 

It is being used extensively. Everyone is using it, and we do have plans to increase the functionality on the device.

How are customer service and support?

They provide really good support. I would rate them a five out of five. 

Which solution did I use previously and why did I switch?

I can't remember the product, but what we had initially was an entry-level device. It was a single-purpose firewall. We went up to an enterprise solution that had additional features.

How was the initial setup?

It was pretty simple to transfer the old firewall configuration to the new one. So, it was pretty straightforward and easy. I would rate it a four out of five in terms of effortlessness.

It took over a month. We ran two systems. We built a new system for a couple of weeks before switching over completely.

What about the implementation team?

We used a consultant. Our experience with them was very good.

For deployment and maintenance, we have five people on our staff. We have to do some maintenance on it. It's pretty much scheduled to rotate between us so that we keep our skills fresh.

What was our ROI?

We've not done an initial study on any kind of ROI. We rarely do. In positives, we try to perform a yearly risk assessment of our systems, and we find very few vulnerabilities. So, it is doing what it's supposed to. It is keeping us safe.

What's my experience with pricing, setup cost, and licensing?

Its cost is a little higher than other products.

Which other solutions did I evaluate?

We evaluated other options, but I don't remember their names. We basically went to the consultant we deal with for security-related things and said, "What's out there? What do you recommend?" He gave us three and recommended that the Check Point was probably the lead one.

What other advice do I have?

I would advise comparing it to the other products.

I would rate it a nine out of 10. It has served us very well and given us very few headaches.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.