Check Point NGFW Reviews

Our primary uses for the Check Point NGFW are network segmentation, identity awareness, and application control.

The most valuable features for us are identity awareness, IDS and IPS, and application control.

The speed of technical support is very slow and is something that should be improved.

We have been using Check Point firewalls for about 20 years.

There were times in the past when it wasn't as stable as it is now. However, with the current version, we have been running for the past year without any issues.

Our company has about 1,000 users that generate traffic that passes through the firewall. Beyond that, we haven't had much need to scale.

The technical support is very slow.

The two firewalls that we having implemented are Check Point and Fortinet.

I have also worked with Juniper but it does not have all of the advanced features that Check Point has, such as application control and identity awareness.

The initial setup is pretty simple. The amount of time required for deployment depends on the number of rules that need to be configured. The initial setup can be done in one day, and the post-setup configuration depends on the rules to be applied.

The initial setup was completed by a partner, who was a certified system integrator.

Our in-house team handles maintenance.

This product is not cheap and there are additional costs that depend on what model or package that you buy. If you need more features then you may have to buy additional modules. In our case, we knew what we wanted in advance so there were no additional costs.

Overall, I am pretty happy with Check Point firewalls. My advice for anybody who is implementing this product is to get somebody with experience to help choose the correct, stable version, and assist with the configuration. All of the new features take time to implement properly, but if the correct steps are followed then they won't run into problems when the system goes into production. 

I would rate this solution a nine out of ten.

We have a big environment with nearly fifteen multi-vendor clusters. We are using firewalls mainly for layer three access rules. But nowadays, application-layer-based security and threat prevention are also important. We are using IPS and antivirus blades actively, too.

In the Intrusion Prevention System blade, we are using a lot of different signatures and actions according to the impact, severity, and cost of the specified signature. The antivirus blade is also in the same logic as the Intrusion Prevention System.

Multilayered protection is provided thanks to Check Point. For instance, security is achieved both on the endpoint side, as well as the firewall side.

Another example is that we can prevent critical and high-risk applications from being reached through the internal network by utilizing the application blade.

All of the blades, except URL filtering, are in the same interface and provide big savings when leading the security operations.

Firstly, inline layer technology is helpful because it will classify the traffic according to different security groups. This means that we can isolate them totally and it will also prevent human error because you are limiting source, destination, service, and application parameters at the top of the inline layer rule.

Check Point is very administrator-friendly and the SmartDashboard is easy to use.

The Blades and security features are also very innovative and up-to-date.

With the IPS blade, the administrator can write signature-based exceptions for specific users. This provides flexibility to except specific connections from specific signatures.

The cloning and copy/paste operations are very useful.

The SmartUpdate interface is a little bit crowded if your company has a lot of software items.

As an administrator, one should know how to troubleshoot by issuing related CLI commands before or after upgrading gateways, or the management server, in case of a problem.

Hardware problems on Check Point devices, such as those related to NIC or disk problems, may occur at times. In cases such as this, the support team is available and does what is needed, including the RMA process if necessary.

We have been using Check Point for 10 years.

In my opinion, scaling is very important and it must be done ahead of time. I would suggest considering scale three years in advance, as opposed to just the present.

We did not use another solution prior to this one.

Licensing issues may be confusing at times.

We did not evaluate other products before choosing Check Point NGFW.

The primary use case is to enhance security by safeguarding the internet connection for both servers and users.

Its greatest asset lies in its user-friendly interface, making it exceptionally suitable and reliable for managing gateways.

When it comes to Check Point's small business gateway series, there might be a need for hardware upgrades, as configuring them can sometimes be a bit challenging.

I have been working with it for two years.

I would rate its stability capabilities eight out of ten.

I would rate its scalability abilities eight out of ten.

Seeking solutions from them can be quite challenging and often takes a while, which then impacts our workload. I would rate it seven out of ten.

Neutral

I have some experience with Juniper, WatchGuard, Cisco, and Fortinet.

The initial setup is relatively complex.

Deployment duration varies based on the customer's specific conditions. On average, an installation might take around twenty minutes.

The best solutions tend to come with a higher price tag. If something is inexpensive, it often implies a compromise in quality. The solution is indeed costly. I would rate it eight out of ten.

Overall, I would rate it eight out of ten.

The primary use case for this solution is to protect the devices under the firewall.

There is a customer who has many switches and routers in their network. They are only protected by an old Cisco ASA firewall. So, the customer instead finds a new vendor or service, and thus we install the Check Point Firewall.

Since the customer has many devices, it takes quite some time to move the Cisco ASA firewall rules to the Check Point policies. However, Check Point has a function to import the policies so it takes less time to do so. Still, the rules that were imported are a mess so we still need to check them one by one and fix the errors before installing them in the customer environment.

The Check Point NGFW has improved the organization by helping with multi-tasking.

The Check Point Firewall that we have is better than the previous Cisco ASA as the firewall has IPS, anti-virus, and anti-bot installed into it at the same time. The IPS is frequently updated so the rules are always new and in place. The firewall IPS and anti-virus can also get other threat intelligence from the web so that the firewall will always have good protection that is up to date. 

The anti-bot is good as it can prevent the firewall from being protected from DDoS without creating any rules as it automatically blocks IPs that are sending too much information to the servers.

The features I found most valuable are the import, logging, and IPS.

The import makes it easier for us to copy the rules without starting from scratch, which will take lots of time. The next thing I find most valuable is the logging. The logging which is called Smartview can distill the logs into simple reports which makes it easier to see all the attacks and issues the firewall faces without diving deep into the logs. Lastly, the IPS is always new and up to date so the attacks that happen are always blocked.

The firewall can improved to make it more user-friendly. The firewall is somewhat not user-friendly as it has many sections and makes it complicated for a layman to understand where to put the policies and rules. 

The firewall also doesn't save the policies immediately after you save them, which means you need to do one more extra step in order for the new rules or policies to take effect. During my first time handling it, I did not understand why the rules and policies I put in didn't work until I found out that you need to click the install button until it takes effect.

I am using Check Point NGFW in an internet-facing manner thanks to the advanced features and security, like the SAM database.

If anyone wants to use the firewall as internet facing, then Check Point NGFW is the best option.

Our organization gets many attacks on our server, so we have installed Check Point firewall for internet-facing scenarios,

The SAM database and advanced blade are the most valuable aspects of the product.

The Check Point architecture and packet are very good.

We need further protection from future critical cyber attacks, as cyber-attacks are growing day by day, and every day new attack is happening in the real world.

There is a huge amount of revenue lost in the financial/banking sector due to cyber attacks, so we need to have something that can highly concentrate on future cyber attacks.

Check Point should release some new technology that no vendor has ever done before.

Check Point NGFW helps me as a network security engineer as it is easy to troubleshoot the issue and also its easy to clear all vulnerabilities in Check Point after upgrading.

I have been using this solution for five years.

The stability is good. 

The scalability is good.

They are awesome. They offer a high level of support.

Positive

I have used Cisco, however, due to multiple vulnerabilities, I have switched to Check Point.

The initial setup is straightforward.

The ROI is good. 

They offer good quality, therefore, the pricing doesn’t matter.

I have compared many vendors, including Sophos and Fortinet.

We use Check Point NGFW as a perimeter firewall.

The most valuable feature of Check Point NGFW is the unparalleled distribution of the network traffic. The central management station they have allows you to manage everything from one place.

Check Point NGFW could improve by introducing machine learning and more modeling dividing the way they manage the ports. However, they have evolved over the last year.

I have been using Check Point NGFW for approximately 15 years.

Check Point NGFW is a stable solution. However, similarly to many other solutions, the stability comes from the engineer that deploys it. It requires a knowledgeable engineer to implement it in the correct way. If you undersize it, for example, you can experience instability.

Check Point NGFW is scalable. The hyper-scale platform can scale up or scale-out. You can buy different powers and stack them.

Check Point NGFW has the most mature technical support in the industry. 

The Check Point company has been around for approximately 30 years and they have everything well documented, similar to other vendors, such as Juniper and Powervault.

I have used other solutions in the past, such as Palo Alto and it has been more expensive. 

The implementation of Check Point NGFW difficulty level depends on the environment. For example, from the initial deployment, it can be easy, but you have to keep your teams learning, they have to consider their traffic size and many other factors. However, the configuration can be difficult, you need a lot of knowledge. Integrating Check Point NGFW with different networks requires a lot of knowledge about the infrastructure.

There are competitors that have more expensive solutions than Check Point NGFW, such as Palo Alto. There are times when Check Point NGFW can have good offerings with a three-year license. The presence of Palo Alto has been heavily invested in marketing. 

From Check Point's perspective, I am not sure how they compared with other vendors. I'm not heavily involved in the process of the quotations.

I have evaluated other solutions.

Check Point NGFW is trying to innovate in the market, but all the other vendors in the market are doing more the same.

I rate Check Point NGFW a nine out of ten.

We deploy solutions for customers. We don't engage in buying. 

We are both consultants and implementers.

We have not had any issues with the firewall.

Support is good and it's centralized architecture.

We are also working on load balancers. We don't have the option to work more with load balancers, we would like to see what else can come out of this in terms of security.

Technical support and scalability both require improvement.

I have been working with Check Point NGFW for the last ten years.

Check Point can scale but at times we have experienced some issues.

Palo Alto is better compared to Check Point. I would rate Palo Alto as superior support to Fortinet or Check Point.

We used to work with Fortinet for approximately five years, and the Palo Alto Appliances was some time back.

I believe the Palo Alto support is excellent, and it has more features than Fortinet. Many businesses, in my opinion, are choosing Palo Alto.

Palo Alto support is very good.

Fortinet's main issue is the support. We can't take it to the enterprise level because the Fortinet support is not very good.

Check Point has previously held a large market share, but perhaps not recently. I think that the price point in India is a bit different. Check Point offers options. I don't see that Check Point is very high, but it is geared more towards enterprises.

We have evaluated Palo Alto Networks VM-Series to see what was available, and recently, I researched the Azure VM series to know how it worked.

I'm leaning toward the now cloud. The appliance base has now been removed. We are now concentrating our efforts on the Azure Cloud, AWS, and other similar platforms. I believe that people must mature in order to work on it. That's where things stand. As a result, we must learn how this is implemented on cloud platforms.

I would rate Check Point a seven out of ten but NGFW a six out of ten.

I'm at a university in Queretaro, Mexico and it's used to protect our infrastructure: wireless, LAN, PCs.  Since the solution prevents attacks, we have the checkpoint in all our equipment, from the critical infrastructure to the directors' and employees' cell phones.

This is the best enterprise solution. Almost every university in Mexico has Fortinet or VXN, but our mission is to have the best cybersecurity protection for our information and our users. We're a private university and our clients and information are the priority. This is the reason why I chose Check Point NGFW.   

The solution interface is good. It has three different ones: the NGFW, the Endpoint, and Harmony Mobile.

I've been using this solution for five years.

It is very stable.

The scalability of this solution is good.

Because my employees work in other departments, we used the deployment consultant. The service was very good.

The setup was simple because we had the checkpoint expert support. The time it took was standard and once the installation was complete, there was no problem at all.

The setup was simple because we had our partner and checkpoint expert support.  The time it took was standard and once the installation was complete, there was no problem at all.

I would rate this solution a nine out of ten. This is a very good solution. It's complex because it's not too easy to use, but the brand and our partner help us with NG Firewall configuration issues or other solutions like Harmony.

The university is growing every year and with that, I purchase more endpoint licenses and Harmony Endpoint because the firewall works well on the dimension and capacity. Next year, we plan to integrate Harmony Email and Office. The solution also prevents threats to Office 365.