Security Solution Architect at a computer software company with 11-50 employees
Real User
Top-notch when it comes to network security
Pros and Cons
  • "On the firewall side, the security efficacy is good."
  • "This solution requires management software that is sold separately; it's actually a different appliance altogether."

What is our primary use case?

We use this solution for perimeter security and data center security.

What is most valuable?

On the firewall side, the security efficacy is good. The interface for application filtering and application-based policies is also good. They have good roadmap on the cloud as well.

What needs improvement?

This solution requires management software that is sold separately; it's actually a different appliance altogether. For smaller customers or smaller environments, this becomes an added entity in the environment. Not to mention, they'll also have to invest a lot in the necessary management stations. If that came built-in, it would really benefit smaller businesses. 

The performance when you enable decryption could be improved. That's a CPU-intensive task. Many customers struggle if they try to implement decryption — it can really hamper the performance. It's probably something to do with the appliance or the hardware design. This needs to be examined further.

For how long have I used the solution?

I have been using Check Point NGFW for roughly five years. 

Buyer's Guide
Check Point NGFW
March 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
757,198 professionals have used our research since 2012.

What do I think about the stability of the solution?

This solution is quite stable. Performance-wise, I have seen customers using this solution for years without issue. 

What do I think about the scalability of the solution?

There are different models available. Sizing can be done accordingly. They have a good range of versions available for small to large data centers. So, scalability is definitely there. 

How are customer service and support?

As I am not an end-user, I haven't really had any contact with support. Still, none of my customers have had any complaints regarding support.

How was the initial setup?

The initial setup was fairly easy. Still, compared to other vendors, the learning curve is a bit complex. 

What's my experience with pricing, setup cost, and licensing?

Compared with Palo Alto and Cisco, the price of this solution is quite fair. Compared to Fortinet and other vendors, it's probably a little bit on the higher side. Really, it all depends on what you get at the end of the day.

What other advice do I have?

Overall, on a scale from one to ten, I would give this solution a rating of eight. 

I would definitely recommend this solution. It's a good platform for perimeter security. In an enterprise, you need good security. There's endpoint security, network security, and cloud security. Check Point's strongest point is network security; they still need to catch up on endpoint and cloud security. If you're interested in integrating all of these tools, then there are better products available. However, as far as network security is concerned, Check Point is really good.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
PeerSpot user
Founder Director at digisec
Real User
Top 20
Well-established product with great flexibility and user-interface
Pros and Cons
  • "The features that I have found most valuable are its flexibility and user interface. This is already a well-established product in the market for quite a long time, more than 20 years. They've got a huge customer base."
  • "In terms of what could be improved, I would say the application control and the visibility. I'd like granularity where you can have all the levels of policies that are defined, including the intel threat. It depends on what kind of intel threat the company has."

What is our primary use case?

Our customers primarily buy the solution to protect the network from malware at the perimeter of the Network. The next-gen firewalls help the customer to have an application-level control of the traffic.

What is most valuable?

The features that I have found most valuable are its flexibility and user interface. This is already a well-established product in the market for quite a long time, more than 20 years. They've got a huge customer base.

What needs improvement?

In terms of what could be improved, I'd like granularity where you can have all the levels of policies that are defined. 

In additional feature that could be added to this solution in the future is micro-segmentation, like Palo Alto has on the firewall itself.

For how long have I used the solution?

I began using Check Point Next Generation Firewall very recently, about four or five months ago.

What do I think about the stability of the solution?

We have an internal team for maintenance.

What do I think about the scalability of the solution?

In terms of scalability, what we have seen is that it has a big deployment right now. So it all depends on what kind of environment the customer has. If he's already a Check Point user, it is easy for them, but if it is migrating from one platform to another, it is a little complex. One more thing is that the skillset availability required for Check Point is, in terms of implementation, a little less compared to others. The resources and the technical stuff are there for implementation. You find fewer people on Check Point compared to Sophos or Fortinet or any other platform.

How was the initial setup?

The installation process, if it is a greenfield opportunity, is easy. If it is a migration from one platform to another, you need to have expertise on both the technologies. Let's say for example you're migrating from Fortinet to Check Point, or from Sophos to Check Point or Check Point to any other, you need to have expertise on the platform, even though you should have good experience in terms of migrating and technologies.

What other advice do I have?

In my experience, Check Point provides both in-depth experience and cost-effectiveness compared to Palo Alto. So, Check Point is good for customers already using Check Point and Palo Alto is for anybody who wants to have the latest and most advanced features and has a good budget.

On a scale of one to ten, I would rate Check Point NGFW an 8.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Check Point NGFW
March 2024
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
757,198 professionals have used our research since 2012.
System Analyst at a comms service provider with 51-200 employees
Real User
Good security and transparency but requires a better UI
Pros and Cons
  • "Newer versions are much more stable."
  • "It's my understanding that the initial setup is a bit complex. There's a bit of a learning curve if you're trying to set it up for the first time and you aren't familiar with the product."

What is our primary use case?

Primarily, we implement the solution at a couple of sites around the world and have created five site VPNs across it. We are running a pretty decent policy to make sure internally our infrastructure is secure.

What is most valuable?

The product offers excellent security. How open they are with new risks and new vulnerabilities is very helpful in the task of keeping our company safe from malicious attacks.

Newer versions are much more stable.

What needs improvement?

The UI could use some improvement. It's not as clean or seamless as it could be. 

It's my understanding that the initial setup is a bit complex. There's a bit of a learning curve if you're trying to set it up for the first time and you aren't familiar with the product.

Older versions were a bit unstable. 

For how long have I used the solution?

We've been using the solution for six or seven years so far. It's been a while. 

What do I think about the stability of the solution?

While this version seems to be quite stable, Check Point, in previous versions, had a lot of issues when we used to do firmware updates.

What do I think about the scalability of the solution?

We have 200 people on the solution currently. 

Which solution did I use previously and why did I switch?

I also have experience with Fortinet. I don't have too much, however. It's still very new to me, and therefore it's hard to compare the two solutions. 

How was the initial setup?

While I didn't directly participate in the implementation, from the people that participated, I've heard that it's complicated if you don't know the product very well.

What about the implementation team?

We hired a company to do the implementation. I don't remember the dynamics of the team. The last time it was set up, there were two people on the implementation team. 

What other advice do I have?

While we don't have a direct relationship with the company, we do have business relationships with both Fortinet and Checkpoint partners.

I'd rate the solution at a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Network Security Engineer at a tech services company with 51-200 employees
Real User
Top 5
The product is highly scalable and flexible, but the cost of add-on features is too high
Pros and Cons
  • "The product is flexible."
  • "The cost of add-on features is too high."

What is our primary use case?

We use the tool as a data center firewall. Some of our customers use it as a perimeter firewall. We are only using the security gateway.

What is most valuable?

The product is flexible. I like the product’s performance and throughput.

What needs improvement?

The cost of add-on features is too high.

For how long have I used the solution?

I have been using the solution for five to six years.

What do I think about the stability of the solution?

The tool is stable. We haven’t faced any issues after configuring and putting it in production.

What do I think about the scalability of the solution?

We have roughly 7000 appliances. The tool is scalable. I like the scalability of the solution. We have 10 to 20 customers.

How are customer service and support?

The technical support is good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup is easy.

What's my experience with pricing, setup cost, and licensing?

The pricing is moderate. The license cost is good. However, some features like VPN are costly.

What other advice do I have?

We use the solution for our clients. My recommendation depends upon the requirements. I do not recommend the product for an SMB. I recommend it for enterprises. It has good performance and throughput. Overall, I rate the solution a seven or eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: customer/partner
Flag as inappropriate
PeerSpot user
Senior Network Engineer at a retailer with 5,001-10,000 employees
Real User
Completely useless support, too many bugs, can't get anything to work, and too expensive for what you get

What is our primary use case?

Our primary use case of this solution is to use it as a security gateway. 

What is most valuable?

The visibility and the logging are the most valuable features. Also, their interface is second to none. The best thing about it is the interface but it crashes too often. If it can stop crashing that would be great. 

What needs improvement?

Their support is completely useless. They need to improve that and the stability. The main reason we are moving on from Checkpoint is because of their stability and their support. There are way too many bugs. You just can't get things to work properly.

They don't need to bring any more features. They need to focus on stability. They should stop trying to be funky and stop trying to develop new things to catch people's attention. Just focus on what they already have and make it work. It would be a good product. Just make sure it works. 

For how long have I used the solution?

More than five years.

What do I think about the scalability of the solution?

When it works, scalability is perfect. 

Which solution did I use previously and why did I switch?

Six years ago we were using a Fortinet solution. The reason we switched to Checkpoint was because of the central management. It can manage up to hundreds of devices without failing but in reality, it doesn't actually do that. Central management was better than Fortinet back then. That was several years ago. I don't know Fortinet now. The reason we chose Checkpoint was the central management. We needed to manage up to about 700 or 800 devices.

How was the initial setup?

The initial setup depends on how many features you want to turn on. If you just want a simple set-up, with not a lot of features, then it's easy. You can set one up very quickly, within a day. If you want to have a lot of features turned on and your environment is slightly more complex than standard, it can take up to a few months because you will always run into bugs. It's going to stop you from proceeding and you will be battling with it for a long, long time. Contacting support won't always help. You could potentially waste months of your time and not get any value from it. 

What about the implementation team?

We had Checkpoint support engineers for the implementation. The people are helpful. They support their product. The problem is that there were too many problems. Even their support can't fix it. They try their best to help but when the product isn't great, there's not much you can do.

What's my experience with pricing, setup cost, and licensing?

This solution is way too expensive for what it is worth, especially when it doesn't work. It's just pointless. It's time wasted.

What other advice do I have?

I would rate this solution a three out of ten. The reason I give it a three and not zero is because the visibility and the interface are great. Other than that, they're too much of a headache. We've had painful experiences that we never want to go back to. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Security Engineer at Tenece Professional services
Reseller
Enables us to complete the network compliance rules and has a great GUI
Pros and Cons
  • "We use Check Point to complete the network compliance rules."
  • "This product has room for improvement in technical support for Africa."

What is our primary use case?

The management of our company requires a firewall implementation. We use Check Point to complete the network compliance rules.

How has it helped my organization?

We use Check Point NGFW for compliance. The initial request leads to secondary requests. By the time you have recognition, there is recollection. For the main service, it's collection.

What is most valuable?

The feature we have found to be the most valuable is the management firewall. 

What needs improvement?

This product has room for improvement in technical support for Africa. There are some problems with African countries. We also need to provide excellent services. 

The additional feature I would most like to see included in the next release of this solution is removal management.

What do I think about the stability of the solution?

The stability of the solution is quite good. It has a great GUI and it's comfortable. I love the content. Of course, you also have great support.

What do I think about the scalability of the solution?

The new version is highly scalable. Now all of our users depend on the firewall. We have about 150 users. We require two staff for deployment and management.

Which solution did I use previously and why did I switch?

We previously used Sophos. We switched for more security. 

How was the initial setup?

The initial setup was straightforward. Our deployment took two or three weeks. Deploying the first one was two weeks, but the other ones were around one week.

What about the implementation team?

For the first setup, I used a consultant. For the second one, I didn't. We didn't need one.

What's my experience with pricing, setup cost, and licensing?

Licensing costs for this solution are on a yearly basis.

What other advice do I have?

On a scale from one to 10, I would rate this product a nine. Nobody's perfect.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
System Security Engineer at Ziraat Teknoloji
User
Great IPS and Antivirus features with responsive technical support
Pros and Cons
  • "The Blades work fine and the performance optimization is great."
  • "The upgrading process takes too much time."

What is our primary use case?

We primarily use the solution for security.

How has it helped my organization?

Check Point NGFW is a stable and user-friendly solution. It has increased the security level and stability within our organization. With the ATP solution, it works and is fully competent. It can catch many zero-day attacks and it fits NGFW well,

What is most valuable?

The most valuable features are IPS and Antivirus. 

The Blades work fine and the performance optimization is great.

What needs improvement?

In some features, it is not easy to use the Check Point firewall. 

The IPSEC VPN setup is not easy to configure. In some cases, if the VPN is not established, it is very hard to troubleshoot the configuration. It does not address the problem well. 

The upgrading process takes too much time.

For how long have I used the solution?

I've used the solution for seven years.

What do I think about the stability of the solution?

The stability is very good. I would rate it at a nine out of ten.

What do I think about the scalability of the solution?

The solution is scalable. I'd rate it at a nine out of ten.

How are customer service and technical support?

In most cases, they answer our ticket in one day. They are willing to solve the problems at hand.

How was the initial setup?

The initial setup is not easy, however, it is also not very complex. We have to use both the Gaia and smart console interface and it should be checked for some conf from the CLI.

What about the implementation team?

We did and their expertise was high. We did not face many problems.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Technical Consultant at Ivalue Infosolution
Consultant
Feature-rich, easy to deploy, security oriented, and offers scalability and great throughput
Pros and Cons
  • "The most valuable feature is the Stateful Inspection, which was developed by Check Point."
  • "No product is perfect and there is always room for improvement."

What is our primary use case?

I am a Check Point distributor and the Next-Generation Firewall is one of the products that I am dealing with. My customers use this as part of their security solution that covers mobile devices, computers, their network, cloud, SD-WAN, IoT devices, IP phones, IP cameras, and others.

How has it helped my organization?

Checkpoint has provided Security to the entire data center. 

What is most valuable?

This is a feature-rich product and all of them are useful.

The most valuable feature is the Stateful Inspection, which was developed by Check Point.

The throughput is very good with Check Point. Checkpoint ThreatCloud is the largest threat intelligence database. 

Checkpoint management is a single pane of glass from where you can manage all the CP solutions from a single point be it on-prem or cloud or hybrid.

What needs improvement?

There is always room for improvement and CP Dev team is on right path.

For how long have I used the solution?

I have been working with Check Point firewalls for more than five years.

What do I think about the stability of the solution?

This is a stable firewall. It is very good.

What do I think about the scalability of the solution?

Scalability and throughput are very high. They have also launched a solution called Check Point Maestro, which provides cloud-level scalability on-premises. This makes it very scalable.

Which solution did I use previously and why did I switch?

My customers use firewall products from several vendors, including Sophos. Sometimes they replace their existing firewalls, and at other times, they run Check Point in parallel.

How was the initial setup?

The initial setup is very simple. This solution can be installed on-premises or on the cloud.

It takes between 30 and 45 minutes to deploy.

What about the implementation team?

Our in-house team does the installation for our clients. We also handle support, depending on what level of support the client has. Sometimes, they go directly to the OEM.

What other advice do I have?

Until earlier this year, the consolidated management was application-based and required installation. As of recently, they have launched web-based management, as well as cloud-based management. This is an upgrade that I had been waiting for because we no longer have to go to the dashboard. Instead, we just enter the IP into chrome and you get the dashboard on the web page, without having to install anything.

This is a very good product, although there is always room for improvement.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2024
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.