Check Point NGFW Reviews

We are using the new version of Check Point NGFW. 

We use the solution for web page protection to provide the security service which is lacking in Bolivia, a poverty ridden country. 

I like the facility of the product configuration. The ease with which the solution can be put into production makes it easy for my employers and for me to provide client support. 

The interface could be better. There is much equipment that is involved in the monitoring of many clients in a single interface. 

With other platforms, such as WatchGuard, it is very simple to manage four, five or six of these. We are talking about a lot of clients. The platforms for doing monitoring should be addressed. 

The solution boasts good stability. 

The solution boasts good scalability. 

I have not had need to make use of technical support. 

The initial setup is easy. 

When it comes to the deployment and maintenance, there are two people involved, one for the deployment and the other for monitoring, consisting of an engineer and a technician. 

I feel that the clients are very satisfied with the product.

I don't have any particular advice when it comes to the deployment process. This will depend on the client's needs. 

I rate Check Point NGFW as an eight out of ten. 

Check Point has strong security features as well as some decent monitoring and management capabilities.

My customers complain that the interface isn't user-friendly.

I have been using Check Point for eight years.

Check Point stable. I've had no problems.

Check Point is scalable.

Check Point support is good.

Check Point's setup process isn't very user-friendly.

Check Point is a little more expensive than FortiGate.

I rate Check Point nine out of 10. I work with both Check Point and FortiGate. Each has its advantages and disadvantages. Check Point is more secure than FortiGate. However, Fortigate is more affordable and user-friendly. FortiGate offers seamless solutions to customers, so If they want a solution that's easy to use, they go with FortiGate.

I am using this solution for perimeter security in the company. Our firewall security is centralized under one management. Also, we use this firewall to manage some of the VPN clients and the employees' access across the company. 

Each firewall is capable of using the VPN client, but we only use two. We have five in total, but we only use two for these issues.

I am using the firmware version for the operating system. The blades are firewalled for IPS and mobile access.

Last year, we used the Check Point Identity Awareness Software Blade. Now, we only use a normal firewall with IP address rules, address destination, and services. Then, we can filter by users. So, my boss has access to these things by user. Even if it's connected with the Active Directory, we can filter by user name, or in this case by server name, and it works perfectly. This is very valuable for our company.

The most valuable features about Check Point are the API and automation process.

Using the GUI, you can add comments from your PC or the client server. If I want to check the firewall rules, I can send one line of command to determine if it is configured or not. 

Its implementation and integration with the rest of the network are better than its competitors.

The stability needs improvement for its version releases. They have a feature called Inline Layer as part of the R80.10 release. In the last version, it still had bugs and is not working very well. I would like the developers to release a version that is more stable, because if you start to use the latest release and try to use this newest feature, I'm not 100 percent sure that it will work very well. After six months of development, it might start working better. However, at the beginning, it's not a good choice to implement in your company with your first attempt. But one or two releases later, it might be better. 

If you only have one vendor and they are downgraded or no longer a leader in their industry, then you need to change the entire solution, making it more expensive. For example, Check Point's components are not interchangeable with other vendors.

Around four years.

The stability of the firewall is nice if you use the legacy mode, because the new mode is not good. Things worked in version 77, which is older. It was more stable. When they jumped from version 77 to 88, sometimes things didn't work that used to work in the earlier version.

The scalability of the firewall depends on the model. In terms of the implementation, it's really easy.

We have about 25 users for the entire solution. We have two engineers who work on deployments and implementation. We have another 18 engineers who do support and operations. They have responsibility to monitor the firewall 24/7.

It protects the core network and ISP: the routing, switching, and APM backbone. This is around 8,000 pieces of equipment. 

We don't have plans to increase our usage right now.

I would rate the technical support as a seven out of 10. Sometimes, it's difficult to get them to understand what the issue is. Sometimes, the issue is not resolved, then we solve it by ourselves with Check Point's documentation, which can be useful. When you open a case with Check Point, they can be a little slow. Sometimes, they don't solve things.

In the beginning, we used Fortinet, Juniper, and Cisco. Now, we only use Check Point for firewalls. 

Last year, we changed the Fortinet firewall to the Check Point firewall. The Check Point API let me make 100 net rules in just 10 minutes, which saved us time.

The administration is awful in Fortinet. They have the FortiGate portal on an HTTP portal. Therefore, if you want to make a change, you can make a change. But if you do the change, then it's directly applied on the network, and we don't want to do that. We configure and change the policy and routing. We only apply the changes in the night. However, with Fortinet, you need to configure and apply the changes at the same time. So, it's not useful for our operations.

With Fortinet, you need to duplicate the rules from the DMZ to the Internet and the Internet to the DMZ. In Check Point, you only use one rule, which works on both sites.

The initial setup is really easy. You can do it in 30 minutes. Setting up an environment for a firewall and its management with a licensed demo took me an hour last week, and that includes the time for configuring the rules. The whole installation is 30 minutes and the configuration is another 30 minutes.

If you are implementing from another vendor, Check Point has a program called SmartMove. Then, all you need is the configuration of the previous firewall. Once you do some optimization, then you are ready for the integration. This might take a month overall.

We consulted with one partner of Check Point, who is our provider. If the issue is really big, then we open a case with Check Point directly via the partner. My experience with them was really nice. It was the best experience that I had ever had.

They have amazing engineers. Their expertise is unbelievable. They do integrations really well. They could improve on routing and networking, but the product is what is important for me. 

The firewall is only for protection. It is not used to sell services.

The pricing and licensing are expensive. If you compare it with Fortinet, then it is cheaper on a yearly basis. However, Check Point is the most expensive firewall right now in terms of licenses and its appliance. My recommendation is if you want a long-term investment, then you should use an open server. If you use an open server, then the latency is really low. If you pay for a full appliance, it's more expensive.

Check Point's web administration is not complete. If you compare it to Fortinet's web administration, Check Point's web administration is not nice. However, Check Point's full solution, including SmartConsole, is better than Fortinet's solution.

If you use Apple computers or Linux, the product may not be a good choice for you.

I would rate the solution as a seven point eight out of 10. They can improve some things. They can make it more flexible in terms of its software. It is a good solution, and I like it. For me, it's the best firewall solution.

We use this product as firewall protection.

We are a utility company, so we need efficient antivirus protocols. The firewall support is extremely important to our organization. Checkpoint helps us protect our company from outside threats.

It is easy to configure and it is a valuable antivirus protection. I especially like the IPS feature of this product.

The presentation of the reports need to be more user-friendly. 

Sometimes we have problems. In those cases, we just need to reboot the system.

The scalability of the solution is not great for us because we have old equipment. With newer equipment, I think the scalability would be much better. It is no fault of the solution itself. 

The Checkpoint tech support takes a long time to resolve problems. 

Prior to Checkpoint, we considered Cisco. 

It was a complex setup. We had a partner configure the equipment. 

The price is high in comparison to other solutions. 

We are currently considering Fortinet as another possible option. 

After much evaluation, we have decided to change our firewall.

I have certain customers who make use of the solution for providing security in respect of internet access. I am aware only of the solution acting as a firewall. 

My customers cite performance and ease of configuration as two of the solution's most valuable features. 

The price is middling. It's much more expensive than Fortinet, although not so expensive when compared with Palo Alto. 

The solution is significantly more expensive than Fortinet, although this holds true to a lesser extent when compared with Palo Alto. 

The solution is significantly more expensive than Fortinet, although this holds true to a lesser degree when compared with Palo Alto. 

I do not have much familiarity with Check Point NGFW, although I do have several customers who make use of it. I can mainly comment based on what I have come across in user reviews in magazines.

I know the solution to be one of the top players in the world at the moment. 

As Check Point NGFW does not compare favorably price-wise with Fortinet, I am inclined to deduct a point from its rating and rate it as a nine out of ten.

We primarily use it for security.

The most valuable features for us are the solution's identity awareness and intrusion prevention.

The solution is very stable.

We have found the solution to be scalable. 

Technical support is very good.

The complexity could be fixed. It's a bit complex to set up, for example. They could make it a streamlined and easier process. 

In a future release, it would be nice if they added web administration capabilities. 

I've been using the solution for about 20 years. It's been two decades at this point. I've used it for quite a while. 

The stability of the solution has been excellent so far. There are no bugs or glitches and it doesn't crash or freeze. It's reliable. 

The scalability of the product is very good. If a company needs to expand it, it can. It's not hard. 

We have found the technical support to be very helpful and responsive. We are satisfied with the level of support we get from them.

The initial setup is not easy. It's a bit complex. 

We're a partner.

I'd recommend this solution to other users and companies. We've been happy with its capabilities. 

I'd give the solution a rating of nine out of ten.

We are a system integrator and the Check Point Next-Generation Firewall is one of the solutions that we implement for our clients. It is primarily used for data protection, VPNs, and sandboxing. We also use it in our own data center.

The most valuable features are application control, regulation, and threat prevention.

Compliance and centralized management can be improved.

I have been using the Check Point NGFW for perhaps ten years.

This firewall runs 24 hours a day and it is stable.

It scales okay because they are SCADA compliant and follow the industry standards. It is best suited to enterprise-level organizations.

Technical support is located in Prague, Israel, and America. The support is good and they are quick.

We have also worked with Fortinet a little bit. We switched to Check Point because our team is a perfect fit for it. We know the solution well.

The length of time required for deployment depends on the size of the environment. Our largest solution took us between 10 and 20 days.

We have a contract with the vendor to implement and deploy this solution for customers. There are three engineers on the staff who are responsible for maintenance and support, including dealing with tickets.

In total, working with this solution, we have four engineers and two junior administrators.

It is quite an expensive product, although security is a top priority. For people who want security, the price is not a problem, and everything is included in the price of the license.

This is the number one, best firewall on the market. My biggest complaint is that the centralized management has to be improved.

I would rate this solution a ten out of ten.

It is our next-generation firewall and IPS.

We had some security issues that WatchGuard could not resolve. Since installing Check Point, we have not had any troubles. We don't have any security problems anymore.

Also, as we are systems integrators, we could not offer only one brand to our customers. We had to expand to several solutions to enable customers to make their own decisions.

It's a gateway and we can integrate some of their functionalities. It's a gateway for us to work with them. Compared to the previous solution we had - WatchGuard - Check Point really works.

We looked very closely at ArcSight's solution because it's a multi-vendor solution. With ArcSight we could have Check Point, we could have RSA, we could have any brand and integrate several brands, from a security point of view. With Check Point, you cannot do so, you can integrate with Check Point products. Check Point forces the customer to buy only one vendor's solution but the trends of the market are not to work with only one vendor. If Check Point could work with other vendor solutions, that would an improvement.

It would also help if they had solutions for the SMB market. Check Point is only useful for customers that have a big IT budget. If they don't have the IT budget, the customer has to buy a solution that from another vendor.

For the last 10 or 12 years, Check Point has been at the top of the industry ratings, so this demonstrates they make good products. The stability is really good.

Technical support is really good. We work with a partner from Check Point, a very good partner. The time of response is very good. We are satisfied with the solutions that Check Point has provided us.

Before using Check Point we were using WatchGuard, but it was not a good brand. Support from them was very difficult. We decided on Check Point because, first of all, their salespeople did a good job. In addition, their position in the market helped us decide to buy. Also, we are systems integrators and many of our customers use Check Point. Their feedback helped us make the decision to go with Check Point.

An important criterion when selecting a vendor is that the vendor has to provide support here in Peru. Our experience with WatchGuard not having a local representative was that the support was not good in terms of time of response as well as difficulties with the idioms of the language. We speak Spanish and the support was only in English, so it was difficult.

I'm not part of the technical staff. But from what I heard, the setup was fine. I believe the installation and deployment were without any problems.

Check Point solutions are very expensive here. It's good, but it's expensive.

Some vendors offer a PoC. When you do a PoC you can more easily see which is the better solution. We would recommend requiring a PoC.

I would rate Check Point an eight out of 10. They're not a 10 because of their pricing.