Try our new research platform with insights from 80,000+ expert users
Senior Manager, Information Technology at a financial services firm with 10,001+ employees
Real User
We can add application signature in the same rule base & don't have to create a different policy for that
Pros and Cons
  • "Now we can add application signature in the same rule base & don't have to create a different policy for that."
  • "They should integrate all blades to use a single policy rather than multiple."

What is our primary use case?

The firewall is the primary use case of this solution & IPS is secondary use case of the solutions.

We are looking forward to Sandblast solutions.

We also use it for cloud expansions 

The Check Point NGFWs brought up the security level with the help of the advanced software blades - we use Application Control, URL Filtering, IPS, Anti-Bot, and Antivirus. The setup was simple, and the performance is great - we have significant resources to expand the environment in the future without disabling any blades and thus maintaining the security on the same, high level.

How has it helped my organization?

It has improved the security posture of the organization by implementing this solution.

Now we can add application signature in the same rule base & don't have to create a different policy for that.

Advanced networking and routing features - we use Proxy ARP to announced virtual IPs to ISP and bing domain names to it; BGP for dynamic routing over IPSec VPN tunnels to other environments, and Policy-Based Routing for connecting to two ISPs.

What is most valuable?

  • Easiness while working on all blade of firewalls 
  • Flexibility in NAT rules 
  • The new Policy Layers feature for building up the Access Control policy - the rules are now more understandable and efficient.
  • Also, even so, the new SmartConsole is declared to be unified starting from version R80.10, there are still some features that have to be configured in the old SmartDashboard (e.g. Mobile Access policy and Antivirus), or on the Gaia OS level (all the routing features).

What needs improvement?

  • Offline Sandblast solution, which should send malicious sources to other security solutions.
  • TAC Support level to be enhanced 
  • More details to be included while VPN troubleshooting, using GUI representation 
  • Integrate all blades to use a single policy rather than multiple.
Buyer's Guide
Check Point NGFW
June 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,579 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Check Point for more than 14 years.

Which solution did I use previously and why did I switch?

We are using Palo Alto and Check together.

What's my experience with pricing, setup cost, and licensing?

Cost is negotiable always & matches the expectations and licences are flexible and are added advantage. 

Which other solutions did I evaluate?

We evaluated other solutions.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Associate Consult at Atos
Vendor
The vulnerability assistance via report management detects host and network vulnerability
Pros and Cons
  • "Apart from it having very good features, I personally like the vulnerability assistance via report management which detects host and network vulnerability."
  • "Heavy load causes a higher CPU to peek which causes us to need to reboot the device. Malicious activity database corrupts the directory or path and restoring it takes a lot of time."

What is our primary use case?

Check Point leading industry provides a complete solution that is required to perimeter security along with deep packet inspection for network traffic.

Check Point not only acts as a traditional firewall but it provides you with complete security for users who work from home. Work from home users observed that Check Point gives 100 % functionality without any trouble.

It offers centralized management to customers where they have an IT member so there Check Point management can work properly. It is available in a smaller range to higher. Customers can get it at an affordable price. 

How has it helped my organization?

As we vendor, we deployed the Check Point firewall in many organizations and they are renewing its license as they trust the product and support.

Whatever feature they want is possible with Check Point and 80.20 later versions are coming in, that feature set was previously not available. Customers are satisfied. 

What is most valuable?

No other firewall provides a feature set in log monitoring and threat detection blades.

Apart from it having very good features, I personally like the vulnerability assistance via report management which detects host and network vulnerability.

Most customers need reports which define how many users are infected, how many viruses and malware there is, botnet traffic firewall deteted all this type of information. Check Point is in a very easy and understandable format based on logs history.

What needs improvement?

Sometimes the stability related application, URL filtering, and troubleshooting issues take longer than expected. I observed some feature set that is very easy to add from the deployment team but Check Point needs a longer procedure so customers relating those features with Check Point firewall and Palo Alto.

Heavy load causes a higher CPU peek which causes us to need to reboot the device. Malicious activity database corrupts the directory or path and restoring it take a lot of time .

We receive performance but sometimes there are stability-caused issues. 

For how long have I used the solution?

I have been using Check Point for three years. 

What do I think about the stability of the solution?

Check Point can defend Palo Alto if they work on stability.

How are customer service and technical support?

Tech support is very helpful and provides the right solution.

Which solution did I use previously and why did I switch?

We went from Sophos to Check Point.

How was the initial setup?

The initial setup was simple.

What about the implementation team?

We are only vendors.

What's my experience with pricing, setup cost, and licensing?

The pricing is really negotiable based on other competitor solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Check Point NGFW
June 2025
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,579 professionals have used our research since 2012.
Oleg P. - PeerSpot reviewer
Senior Network and Security Engineer at a computer software company with 201-500 employees
Real User
Our overall security of the environment has been greatly improved
Pros and Cons
  • "The overall security of the environment has been greatly improved by the Check Point NGFWs. Before implementing this solution we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on switches and routers, which in fact a simple stateful firewall, and currently not an efficient for protecting from advanced threats."
  • "The pricing for the Check Point products should be reconsidered - we found it to be quite expensive to purchase, and to maintain (the licenses and the support services need to be prolonged regularly)."

What is our primary use case?

Our company works in developing and delivering online gambling platforms. The Check Point NGFWs are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management Server on a Virtual Machine (KVM), all running on R80.10 with the latest JumboHotfix. The Clusters serve as firewalls for both inter-VLAN and external traffic.

How has it helped my organization?

The overall security of the environment has been greatly improved by the Check Point NGFWs. Before implementing this solution we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on switches and routers, which in fact a simple stateful firewall, and currently not an efficient for protecting from advanced threats. The Check Point NGFWs brought up the security level with the help of the advanced software blades - we use Application Control, URL Filtering, IPS, Anti-Bot, and Antivirus. The setup was simple, and the performance is great - we have significant resources to expand the environment in the future without disabling any blades and thus maintaining the security on the same, high level.

What is most valuable?

1. Advanced logging capabilities - our support team on duty constantly monitors the security logs in the SmartConsole, and notifies the security team in case of major alerts.

2. Advanced networking and routing features - we use Proxy ARP to announced virtual IPs to ISP and bing domain names to it; BGP for dynamic routing over IPSec VPN tunnels to other environments, and Policy-Based Routing for connecting to two ISPs.

3. The new Policy Layers feature for building up the Access Control policy - the rules are now more understandable and efficient.

What needs improvement?

The pricing for the Check Point products should be reconsidered - we found it to be quite expensive to purchase and to maintain (the licenses and the support services need to be prolonged regularly). 

We also had several support cases opened for software issues (e.g. unstable BGP sessions over VPN tunnels), which, in our opinion, took too long to resolve - up to one month.

Also, even so, the new SmartConsole is declared to be unified starting from version R80.10, there are still some features that have to be configured in the old SmartDashboard (e.g. Mobile Access policy and Antivirus), or on the Gaia OS level (all the routing features).

For how long have I used the solution?

We have been using the Check Point Next-Generation Firewalls for about 3 years, starting from late 2017.

What do I think about the stability of the solution?

In general, the solution is stable, but we still have had some support cases opened and have to install the JumboHotfixes on a regular basis to fix the minor bugs. Please note that the current version of the software we use - R80.10 - is not the latest one (R80.40).

What do I think about the scalability of the solution?

The solution is scalable - we use the Active-Standby Clusters, but could switch to Active-Active and add additional Gateway nodes if needed.

How are customer service and technical support?

We have had several support cases opened. Some of the were resolved by installing the latest recommended JumoHotfix, some required additional configuration on OS kernel level (e.g. TCP MSS clamping). The longest issue took about one month to be resolved, which we consider too long.

Which solution did I use previously and why did I switch?

We relied on the ACLs and Zone-Based firewalls of the Cisco switches and firewalls, which doesn't provide sufficient security protection against the modern advanced threats. 

How was the initial setup?

The equipment has been delivered on time, without delays. The setup was straightforward. The configuration was easy and understandable. 

What about the implementation team?

In-house team - we have a Check Point Certified engineer.

What's my experience with pricing, setup cost, and licensing?

Use the Check Point Performance Sizing Utility to measure and estimate the hardware needed to purchase for your environment.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Manager for Operations, Security and Management at REN - Rede Energeticas Nacionais, S.A.
Real User
Identity awareness and application control features help secure our network
Pros and Cons
  • "The most valuable features for us are identity awareness, IDS and IPS, and application control."
  • "The speed of technical support is very slow and is something that should be improved."

What is our primary use case?

Our primary uses for the Check Point NGFW are network segmentation, identity awareness, and application control.

What is most valuable?

The most valuable features for us are identity awareness, IDS and IPS, and application control.

What needs improvement?

The speed of technical support is very slow and is something that should be improved.

For how long have I used the solution?

We have been using Check Point firewalls for about 20 years.

What do I think about the stability of the solution?

There were times in the past when it wasn't as stable as it is now. However, with the current version, we have been running for the past year without any issues.

What do I think about the scalability of the solution?

Our company has about 1,000 users that generate traffic that passes through the firewall. Beyond that, we haven't had much need to scale.

How are customer service and technical support?

The technical support is very slow.

Which solution did I use previously and why did I switch?

The two firewalls that we having implemented are Check Point and Fortinet.

I have also worked with Juniper but it does not have all of the advanced features that Check Point has, such as application control and identity awareness.

How was the initial setup?

The initial setup is pretty simple. The amount of time required for deployment depends on the number of rules that need to be configured. The initial setup can be done in one day, and the post-setup configuration depends on the rules to be applied.

What about the implementation team?

The initial setup was completed by a partner, who was a certified system integrator.

Our in-house team handles maintenance.

What's my experience with pricing, setup cost, and licensing?

This product is not cheap and there are additional costs that depend on what model or package that you buy. If you need more features then you may have to buy additional modules. In our case, we knew what we wanted in advance so there were no additional costs.

What other advice do I have?

Overall, I am pretty happy with Check Point firewalls. My advice for anybody who is implementing this product is to get somebody with experience to help choose the correct, stable version, and assist with the configuration. All of the new features take time to implement properly, but if the correct steps are followed then they won't run into problems when the system goes into production. 

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
mervemetin - PeerSpot reviewer
Network Security Engineer at Türkiye İş Bankası
Real User
User-friendly and offers multilayered, innovative, and flexible protection against a variety of threats
Pros and Cons
  • "Check Point is very administrator-friendly and the SmartDashboard is easy to use."
  • "The SmartUpdate interface is a little bit crowded if your company has a lot of software items."

What is our primary use case?

We have a big environment with nearly fifteen multi-vendor clusters. We are using firewalls mainly for layer three access rules. But nowadays, application-layer-based security and threat prevention are also important. We are using IPS and antivirus blades actively, too.

In the Intrusion Prevention System blade, we are using a lot of different signatures and actions according to the impact, severity, and cost of the specified signature. The antivirus blade is also in the same logic as the Intrusion Prevention System.

How has it helped my organization?

Multilayered protection is provided thanks to Check Point. For instance, security is achieved both on the endpoint side, as well as the firewall side.

Another example is that we can prevent critical and high-risk applications from being reached through the internal network by utilizing the application blade.

All of the blades, except URL filtering, are in the same interface and provide big savings when leading the security operations.

What is most valuable?

Firstly, inline layer technology is helpful because it will classify the traffic according to different security groups. This means that we can isolate them totally and it will also prevent human error because you are limiting source, destination, service, and application parameters at the top of the inline layer rule.

Check Point is very administrator-friendly and the SmartDashboard is easy to use.

The Blades and security features are also very innovative and up-to-date.

With the IPS blade, the administrator can write signature-based exceptions for specific users. This provides flexibility to except specific connections from specific signatures.

The cloning and copy/paste operations are very useful.

What needs improvement?

The SmartUpdate interface is a little bit crowded if your company has a lot of software items.

As an administrator, one should know how to troubleshoot by issuing related CLI commands before or after upgrading gateways, or the management server, in case of a problem.

Hardware problems on Check Point devices, such as those related to NIC or disk problems, may occur at times. In cases such as this, the support team is available and does what is needed, including the RMA process if necessary.

For how long have I used the solution?

We have been using Check Point for 10 years.

What do I think about the scalability of the solution?

In my opinion, scaling is very important and it must be done ahead of time. I would suggest considering scale three years in advance, as opposed to just the present.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

What's my experience with pricing, setup cost, and licensing?

Licensing issues may be confusing at times.

Which other solutions did I evaluate?

We did not evaluate other products before choosing Check Point NGFW.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Head Of Technical Operations at Boylesports
Real User
Easy to manage, eliminates having to remove old hardware, and has multiple capabilities in a single box
Pros and Cons
  • "The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability."
  • "One of the biggest disappointments is the GUI."

What is our primary use case?

This is a complex high availability solution growing by over 100% per year. The complexity of the business environment made the ability to increase capacity without having to remove previous hardware much easier.

We have a large online presence with users needing realtor access to our environment. 

How has it helped my organization?

The improvements to our business are easy to explain. It is faster, easy to use, and there are multiple capabilities all in one box. The best examples are the endpoint and anti-virus options.

The ability to add more firewalls and increase the capabilities, rather than remove the hardware, is an exceptional step forward. No competitor was able to compete with this. Not having to continually replace hardware year after year was a massive driver in the decision-making process. The throughput going up by 100% with each added device is exceptional.

What is most valuable?

There are many features we have found good.

The best feature is the ability to increase the capacity of the solution by exactly what you add, not losing anything for High Availability. This feature alone will save us as we increase the number of devices in the stack.

Having so many top-end products in one box also assists in managing this device. URL filtering and anti-virus and other services are easy to deploy but assist in getting your company a good name.

The Infinity product seems amazing but we have a long way to go before saying it is successful.

What needs improvement?

One of the biggest disappointments is the GUI. I felt it was a little bit more clunky than some competitors. The screens don't flow as easily as they should. Improving user experience will further elevate this product.

The way the management console operates is not user-friendly, either. It needs to become less intrusive. The user experience is not as high as it should be due to the problems with the user interface. The newer products in the range seem to address my concerns, which I have had for even the older products.

For how long have I used the solution?

I have been using Check Point NGFW for six months.

Which other solutions did I evaluate?

Having leading-class firewalls with massive growth possibilities made the purchasing decision much easier. Having carried out a few PoCs, the obvious decision was the Check Point solution of Maestro and 6500s in a high availability environment.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1266306 - PeerSpot reviewer
Deputy Manager - Cyber Security at a transportation company with 5,001-10,000 employees
Real User
Easy to manage from a single console and offers zero-day protection against advanced threats
Pros and Cons
  • "The most valuable feature is that we are protected against zero-day threats."
  • "Reporting has to be improved."

What is our primary use case?

We use this solution for our perimeter firewall to protect our web applications, systems, and network. We are running our complete business with Check Point.

The complete traffic is managed by Check Point. The Check Point threat emulation blade is enabled to protect zero-day attacks and it will detect and prevent attachments and other payloads from this type of attack.

How has it helped my organization?

We have been running Check Point for the last ten years and it protected our network, systems, and applications against the latest attack. Our organization is running 500 applications that are being protected.

The next-generation firewall will manage all of the traffic and prevent the latest & advanced threats from attackers. The latest operating systems R 80.20 is wonderfully designed and allows customers to manage everything with a single console.

What is most valuable?

The most valuable feature is that we are protected against zero-day threats.

Everything can be managed from a single console.

What needs improvement?

We would like to see the following improvements:

  1. Multiple ISP redundancy.
  2. CPU utilization.
  3. VPN traffic.
  4. HA concept, where if we apply the policy in the primary appliance that should be applied to HA appliance automatically.
  5. The number of bugs has to be reduced.
  6. The number of false positives should be reduced. 
  7. Threat emulation has to be improved.
  8. Reporting has to be improved.

For how long have I used the solution?

I have been using Check Point Next Generation Firewall for ten years.

How are customer service and technical support?

We are happy with Check Point technology and support.

What other advice do I have?

Both IN and OUT traffic is managed by Check Point. We are happy with Check Point technology including the protection, management, and the ability to secure the enterprise network against advanced threats.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Manegnet677 - PeerSpot reviewer
Network Manager at a retailer with 10,001+ employees
Real User
Easy to use with good monitoring features
Pros and Cons
  • "The solution is easy to use. I like the monitoring the most."
  • "All the advanced features of automation, especially the first installation of tunnels, need improvement."

What is most valuable?

The solution is easy to use. I like the monitoring the most.

What needs improvement?

All the advanced features of automation, especially the first installation of tunnels, need improvement. Also, in terms of configuration, in terms of tuning, and fine-tuning the system, I think they do make it a bit hard for users. Right now, we need to teach admins, the network and security admins about system fine-tuning in terms of load balancing between CPUs, assignment of processes. I don't think a network admin or a system admin should deal with it in terms of when we are speaking about the firewall or networking device. It should be automatic.

For how long have I used the solution?

I've been using the solution for five to six years.

What do I think about the stability of the solution?

It's a stable solution. There are about 15,000 users installed behind the firewall.

What do I think about the scalability of the solution?

It's a scalable solution. It's very good.

How was the initial setup?

It's easy to install Check Point, but not in the case of a large environment and multiple clusters. This is an ongoing project I can't tell you how long deployment takes. It's a huge network that I have. I have three people maintaining the solution.

What other advice do I have?

I have a basic network firewall and not the advanced feature, full feature security system. I think they are the best. Still, for instance, when installing a tunnel in Check Point vs installing a tunnel in Cisco, the difference is that in Check Point nothing makes sense, and in Cisco you have the duration capability, the hierarchy of the configuration.

I would rate this solution as 8 out of 10. Mostly because of configuration problems - problems with configuring VPNs, and panels, etc.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.