It's just enterprise firewalls, firewall clusters for redundancy to secure the company network from the internet, and as well as a data center firewall, for example, if you want to split up subnets to control traffic between them.
Systems Engineer at a tech services company with 11-50 employees
Management is handy, easy to implement and good oversight of our rule set
Pros and Cons
- "The management is very handy and intuitive, and it has a lot of features."
- "Check Point could offer a cloud-managed approach similar to that of Cisco Meraki."
What is our primary use case?
What is most valuable?
The management is very handy and intuitive, and it has a lot of features. I think it's one of the products in this market which has the most possibilities.
I saw some other firewall vendors or firewall solutions from other vendors. And maybe I like it because I'm very familiar with Check Point and the management of the Check Point gateways. So, probably, I'm just not aware of how other solutions work and how to use them.
We also see or have a lot of customers with Palo Alto. That's also a solution we see a lot, but we have been a Check Point partner for more than seven or eight years since the beginning of our company. We have done a lot of research on firewall solutions.
In our opinion, it's one of the best because the management is very handy. So it's easy to implement every possible configuration, and you have a good oversight of your rule set.
If I compare it with Cisco Meraki, for example, if the rules grow, then it's very hard to get oversight or to have oversight over the whole rule set. So then it becomes hard to manage.
With Check Point, it's easy because even when you have 200 or more rules, it's still very user-friendly, and you can still quickly manage your whole rule set.
What needs improvement?
What I like about Meraki is the whole cloud-managed feature, where it can configure gateways in the cloud and preconfigure it as well. So I don't need to have access to the device or create a configuration in the cloud.
And as soon as the firewall comes online connected to the internet, then it downloads its configuration from the cloud. I think Check Point does also have such a solution, but I'm not aware that it's as easy as Cisco Meraki. Sometimes it would be nice if they would have the same possibilities.
For how long have I used the solution?
I have been using it for about five years now.
Buyer's Guide
Check Point NGFW
June 2025

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.
What do I think about the stability of the solution?
I have not yet faced any challenges with performance or stability. Sometimes when we implement core firewalls, there are applications that have longer session timeouts than the Check Point firewalls in the default settings.
Windows has a default session timeout for about two hours, I think, and Check Point's is one hour. So, it's not a performance issue, but the application will not run as well as before the security gateway analyzes and blocks traffic. So, it depends.
What do I think about the scalability of the solution?
Scalability is a very good point of Check Point's solution. They can scale very well and very large.
How are customer service and support?
The technical support is also very well and specific. It's very useful to have technical support from Check Point.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I have experience with Nutanix Flow. It's also possible to enable training in Nutanix Flow where you can redirect the traffic to Check Point gateways. I think that's a very useful feature if you need layer seven traffic analysis and blocks. But I don't have any customers, or we don't have any customers, who use chaining. We also don't have any customers who use a micro-segmentation solution from Check Point. So, I'm not aware if they have a comparable solution like Flow.
How was the initial setup?
For the initial setup, you need a good knowledge of the operating system, Gaia OS. It needs some knowledge to get started, but if you've done it once, then it's easygoing.
Normally, we check the customer's requirements. Then we start to deploy the gateway and start with a basic rule set so the customer is able to refine it for their needs. If we are in charge of creating a complete rule set, we will bring all the requirements into a concept and then create a rule set in a more suitable way.
Some customers have very basic requirements. If it's just to deploy the gateways, then it's very easy and quick. You just need maybe a few days and a maintenance window outside of business hours. But there are also customers who have a lot more requirements, like scanning or analyzing the traffic for subnets inside of the network.
For example, a core firewall can be very time-consuming. You need to do a lot more research and concepts or write concepts on how to achieve that. That can take a few months.
For maintenance, you need to know what you do. It can be difficult if you don't know what you want to achieve. If you are not aware of network security, then probably it's not that easy, and you may run into configuration errors or mistakes. It's easy to manage, but you have to know what you do.
What's my experience with pricing, setup cost, and licensing?
Check Point is not the cheapest vendor in the market, but it has everything you need compared to other solutions. So that's probably the main reason for the cost or the prices. I think it's probably on the same level as Palo Alto.
What other advice do I have?
I would recommend Check Point to other users who are looking into implementing it.
I would advise others to compare or write down their requirements and have a look to see if Check Point is able to fulfill all the requirements.
Overall, I would rate it a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner

Network and Security engineer at a tech services company with 11-50 employees
User identity awareness improves security
Pros and Cons
- "Check Point NGFW is a fantastic product, and it is also easy to integrate with third-party devices."
- "My experience with pricing, setup cost, and licensing for Check Point NGFW is that the high subscription fees aren't easy to afford, and it's not recommended for mid-sized companies or businesses."
What is our primary use case?
My main use case for Check Point NGFW is to filter the whole infrastructure traffic, and we use it as the perimeter firewall for our data center.
Check Point NGFW helps me in my daily operations by managing traffic across almost 30 branches, and we utilize its SD-WAN features to communicate with other third-party companies through a VPN.
For branch communication, we use the SD-WAN feature of Check Point NGFW, and through the VPN, we establish a connection between our company and the third-party companies. Currently, we filter our traffic between the branch sites and third-parties, and access the internet through that exchange firewall.
What is most valuable?
The best features Check Point NGFW offers in my experience are its application identification and control capabilities, which stand out as we use them beyond Layer 3 communications.
The application identification and control feature of Check Point NGFW helps my organization by allowing quick responses to make decisions and segregate applications that need more attention.
Check Point NGFW positively impacts my organization as it has improved our security posture and made us less vulnerable to attacks compared to our previous status; we can easily filter URLs and enhance web security.
While we don't have specific numbers, we measure increased security through our ability to block malicious attacks, including phishing attacks, easily.
What needs improvement?
Check Point NGFW has a steep learning curve for starters; it's not easy to learn and is a bit complex to start from scratch.
Check Point NGFW sometimes has limitations on third-party integrations, requiring more specifics rather than being straightforward.
For how long have I used the solution?
I have been using Check Point NGFW for almost two years.
What do I think about the stability of the solution?
Check Point NGFW is stable.
What do I think about the scalability of the solution?
We scaled up Check Point NGFW about six months ago, and it handled that scalability fantastically.
How are customer service and support?
Customer support for Check Point NGFW has been stable, even while we faced some issues.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not previously use a different solution; it was similar to Cisco ASA.
How was the initial setup?
The initial setup with Check Point NGFW was a bit complex.
What was our ROI?
We have seen a return on investment with Check Point NGFW as we have reduced incidents from the previous setup.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for Check Point NGFW is that the high subscription fees aren't easy to afford, and it's not recommended for mid-sized companies or businesses. The cost is a little bit high compared to other competitors.
Which other solutions did I evaluate?
Before choosing Check Point NGFW, I evaluated Cisco, but I didn't look into other options on PeerSpot.
What other advice do I have?
I recommend Check Point NGFW to others looking into it because it's a good protective device.
From the vendor, I was not offered a gift card or incentive for this review.
Check Point NGFW is a fantastic product, and it is also easy to integrate with third-party devices.
On a scale of one to ten, I rate Check Point NGFW a nine.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 16, 2025
Flag as inappropriateBuyer's Guide
Check Point NGFW
June 2025

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
860,168 professionals have used our research since 2012.
Senior Solution Consultant at a tech services company with 51-200 employees
Centralized control and AI boost security while support faces challenges
Pros and Cons
- "Check Point NGFW has positively impacted my organization by improving security and reducing incidents."
- "In my experience, Check Point NGFW is not stable."
What is our primary use case?
My main use case for Check Point NGFW is perimeter security, and we use it on-prem.
I use Check Point NGFW for perimeter security specifically in our data centers.
What is most valuable?
The best features Check Point NGFW offers are centralized manage control and centralized load manage control.
The AI power enhances the features of Check Point NGFW.
The AI powered features provide real time threat detection.
Check Point NGFW has positively impacted my organization by improving security and reducing incidents.
We have seen a 2% reduction in incidents.
What needs improvement?
Check Point NGFW could be improved if support was better.
My experience with support has shown that there are delays.
For how long have I used the solution?
I have been using Check Point NGFW for three years.
What do I think about the stability of the solution?
In my experience, Check Point NGFW is not stable.
What do I think about the scalability of the solution?
The scalability of Check Point NGFW is satisfactory.
How are customer service and support?
I find the customer support to be very challenging.
I would rate the customer support a seven on a scale of one to ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Before using Check Point NGFW, I was using Dell SonicWALL, and we switched to Check Point NGFW because it is a better solution than Dell SonicWALL.
How was the initial setup?
The initial setup with Check Point NGFW has been straightforward.
What was our ROI?
I have seen a return on investment with Check Point NGFW in terms of time saved and fewer people needed for operations.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup costs, and licensing has been straightforward.
Which other solutions did I evaluate?
Before choosing Check Point NGFW, I also evaluated options such as Palo Alto.
What other advice do I have?
I don't have anything else to add about my use case.
I don't have anything else to add about the needed improvements, as of now.
My advice to others looking into using Check Point NGFW is to go for it.
I think Check Point NGFW is a great product, and other customers should experience it.
On a scale of one to ten, I would rate Check Point NGFW an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: May 15, 2025
Flag as inappropriateTechnical engineer (SOC Analyst) at Hitachi Systems, Ltd.
Efficient firewall management enhances network protection, though rule creation could be smoother
Pros and Cons
- "The firewall's default behavior of blocking all traffic, including a cleanup rule that blocks everything from external to internal sources, is highly valuable for protecting our network."
- "Check Point NGFW makes it easier to handle and use the firewall efficiently."
- "In the rule creation process, we need to decide on the source address, destination address, and services. There are improvements needed in this area."
- "Check Point NGFW is not scalable enough."
What is our primary use case?
We use Check Point NGFW to provide more protection for our network from internal and external sources. I also work on creating checks, rules, troubleshooting, and generating daily reports.
How has it helped my organization?
Check Point NGFW makes it easier to handle and use the firewall efficiently. It helps protect our network from internal and external threats.
What is most valuable?
The firewall's default behavior of blocking all traffic, including a cleanup rule that blocks everything from external to internal sources, is highly valuable for protecting our network.
What needs improvement?
In the rule creation process, we need to decide on the source address, destination address, and services. There are improvements needed in this area.
For how long have I used the solution?
I have used Check Point NGFW for one and a half years.
What do I think about the stability of the solution?
To maintain stability, I monitor high utilization and CPU usage, enabling and disabling connections as necessary.
What do I think about the scalability of the solution?
Check Point NGFW is not scalable enough. However, it enhances performance with high availability, shifting to a secondary firewall if one fails.
How are customer service and support?
When I can't resolve an issue technically, I consult with a senior engineer. I rate the technical support seven out of ten.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I did not work with any other firewalls before Check Point. I am familiar with CCNA routing and switching.
How was the initial setup?
The initial setup involves connecting cables, opening the IP address using a browser, and configuring the firewall. It takes about one hour.
What about the implementation team?
Only one person is required for the deployment.
What was our ROI?
Check Point NGFW is very important because it is easier to handle and use.
What's my experience with pricing, setup cost, and licensing?
I don't have information regarding the pricing, as it is considered an internal matter of the organization.
Which other solutions did I evaluate?
I did not evaluate any other options. I chose Check Point firewall based on my knowledge of CCNA routing and switching.
What other advice do I have?
Check Point NGFW is easy to use, create rules, and take backups. It simplifies backing up and managing processes with click-and-go options.
I'd rate the solution seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Last updated: Nov 13, 2024
Flag as inappropriateDirector at a tech vendor with 5,001-10,000 employees
Offers a lot of integration capabilities but lacks to offer flexibility during deployment
Pros and Cons
- "The solution's technical support is fine."
- "If you check each and every point from this part, you will find some flow in an area, or you will discover another flow in another area."
What is our primary use case?
Generally speaking, it's like any other NGFW. It's quite a versatile solution for many aspects. It's not like a separate solution for firewalling, but a separate solution for web access. It's just very convenient to have everything in one box. On the other hand, when you need something, like a very top-rank solution for very specific things, like network intrusion prevention or network intrusion detection as a component of NGFW, I would say it looks weaker compared to the well-designed solution for its purpose. It has the same issue as many other versatile or unified solutions, so it's really convenient.
What is most valuable?
From our point of view, including me and my colleagues, I would say it's really good that they have a lot of integrations with third-party companies. Integrations with third-party companies are really convenient. API offers many convenient ways to integrate with open-source solutions. It's very, very good when you have everything in one package and one bundle.
What needs improvement?
If you check each and every point from this part, you will find some flow in an area, or you will discover another flow in another area. It's unfortunate, and not a usual situation and it is not just for NGFW but for any other tool, making it a disadvantage where improvements are required.
For the next release, I would prefer the tool to be more flexible in terms of general deployments because some additional companies must be deployed as a basic one. For those who have been working with their solutions for a relatively short amount of time, it would be better for the tool to offer an adequate knowledge base, not just very superficial information, or maybe not too much in that spot, something like average stuff. The tool should be more flexible in terms of deployment, and a more adequate knowledge base should be available.
About the UI, it is hard to comment because it has been more or less the same for many years. Professionals have already been using the tool's interface for many years. From a contemporary angle, the tool's interface looks a bit outdated from a UI point of view. The UI has been more or less static in terms of changes for the last couple of years. People can get to the UI and work with it in a couple of months, but compared to any other solutions on the market, which are more flexible and more rapidly evolving, I would say that UI should be considered for improvement.
For how long have I used the solution?
I have been using Check Point NGFW for two to two and a half years. My company is a partner and reseller of the solution.
What do I think about the stability of the solution?
For stability in high-load networks, I rate the solution a six to seven out of ten.
What do I think about the scalability of the solution?
Scalability-wise, I rate the tool an eight to nine out of ten.
There could be some performance issues under the heavy deployments and heavy load, but generally, if you are talking about the general scalability, it is quite good.
The tool is suitable for large and very large enterprise businesses. From our company's practice, I would say it is meant for banks and financial institutions. It is also quite popular in heavy industries. I would say it has a more or less wide list. It is more or less very popular in banking.
The tool can be scaled up, but even despite high scalability, it requires a lot of extra companies to bear a high-load environment and high-load networks, making it a bit unfair, especially when comparing some of the numbers with the real-world statistics it likes too far from reality.
How are customer service and support?
The solution's technical support is fine. I rate the technical support a nine to ten out of ten.
How would you rate customer service and support?
Positive
How was the initial setup?
If ten means easy, I rate the product's initial setup phase a six to seven out of ten. It is not a plug-and-play solution. It requires much more skill and effort for the specialist to set it up properly. Even if there are any PoCs, you can easily discover the difference between the easy setup process and the more difficult setup phases, and I would say that Check Point falls under the latter category as it takes much more time and effort. Sometimes, it could be buggy, and you just need to fix some other firmware or software update.
The solution is deployed on an on-premises model for large and very large enterprises.
The time to deploy the solution depends on the stage because you can talk about the initial deployment or you can talk about the deployment, including the integrations. I would say that the integrations would be really time-consuming. For the initial deployment, I would say it is a couple of days if it is not really a large installation and a couple of weeks are needed for the initial deployment.
What was our ROI?
ROI is like an artificial point in connection to a solution like Check Point NGFW, and its numbers are quite questionable.
Suppose the company has too many different solutions from different vendors. In that case, it becomes a greater burden in terms of support and everything, especially in terms of management of these solutions. I would say that Check Point would be a good choice if they are planning to migrate. If it is something like a choice between one NGFW from a vendor and you want to move into the Check Point NGFW, it becomes a bit more tricky. It becomes really hard to say about the ROI because it is just like a different approach. If you are moving between a lot of different solutions from different companies, then ROI will be really good and attractive.
What's my experience with pricing, setup cost, and licensing?
The tool's price is reasonable in case you are not using it in a high-load environment. If you are not expecting significant increases or peak increases in loading, it should be fine. If it is a really highly loaded VLE environment, and if you try to rely on the tool's official numbers, I would say you can put your environment and network in jeopardy because it becomes really unstable. For the last couple of years, the situation has changed, and it has become really tricky to understand why the tool's official numbers aren't aligned with real-world numbers, which is a big problem for the VLE customers because when they are just trying to consider their official stats and official scalability numbers, it might be tricky. VLE customers should have, like, a 20 to 30 percent extra, or else, at this point, it becomes much more expensive.
The tool's prices don't make any sense because we are not talking about MSRP prices for VLE. We are talking about the discounted prices, which could be a really, really huge gap between the MSRP and the discounted price. I don't think these numbers will highlight any beneficial aspect of the price for you.
What other advice do I have?
There needs to be accuracy in terms of scalability. It should be well-designed, and if the customer does not have enough resources or their own resources, it is better to involve an adequate number of SIs. The system integrator will do the trick, and if a person is experienced, then everything can be really good in terms of the certifications, the statistics, and everything else. The system integrator should do everything properly, but it will be quite expensive, especially if we are talking about large and very large enterprises. For mid-sized businesses, it should be fine because it is less tricky, and even the normal specialized person on the customer side should be fine with using it, as it can be quite easy. In any case, scalability is a bottleneck here.
I rate the tool a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer.
Infrastructure Developer at Holmen Iggesund
User-friendly interface, intuitive console, and helpful support
Pros and Cons
- "We can define security policies based on a variety of criteria, including user identity, application, and content type."
- "It would be nice to have comprehensive documentation and training resources that can help users and administrators to better understand and utilize the full range of Check Point's capabilities."
What is our primary use case?
Historically, the primary uses for these gateways were perimeter security and internet filtering. However, we now push all our internal traffic through the gateways for LAN segregation and to isolate obsolete operating systems.
Our isolated operating systems and LANs only allow specific traffic from a specific source to access them, making these critical production/business systems more secure. It's not a simple case of just replacing these legacy operating systems but replacing the industrial machinery that they control - which would require an investment of tens of millions of pounds.
How has it helped my organization?
Isolating obsolete operating systems wasn't in the scope when implementing the gateways originally. However, it has enabled us to secure Windows XP/Windows 7/2003/2008 machines which are end of support yet are still required to run industrial software and interface with large machines, which are not easy to replace.
Isolating machines and networks, along with SSL inspection, wasn't in scope when the gateways were spec'd. That said, five years later, they are still rock solid, and along with the Threat Cloud intelligence service, this ensures that our firewall is equipped with up-to-date threat intelligence, enhancing its ability to detect and mitigate emerging threats.
What is most valuable?
One of the strengths of Check Point Firewall lies in its granular policy management capabilities. We can define security policies based on a variety of criteria, including user identity, application, and content type. This level of granularity allows us to enforce security policies that align with our specific needs and compliance requirements.
One of the standout features of our Check Point Gateways is the user-friendly interface. Smart Console (management console) is well-designed and intuitive and provides administrators with a centralized hub for monitoring and configuring security policies. The web version isn't quite there yet, so to get the most out of it, the console needs to be installed, but it allows users to tailor it to their specific needs, and the menu structure is logical, making navigation a breeze for both novices and experienced administrators.
What needs improvement?
2FA on login would assist us with compliance however at the moment, it's not a major factor for us - yet may be in the future.
It would be nice to have comprehensive documentation and training resources that can help users and administrators better understand and utilize the full range of Check Point's capabilities. We ended up having to travel to London to sit through lots of training as we didn't find the information readily available.
Finding the costs associated with a particular blade can be challenging. This isn't specific to Check Point, but sometimes we need a ballpark cost quickly and don't have the time to speak to a reseller.
For how long have I used the solution?
The company has been using Check Point gateways for around five years, myself about two years.
What do I think about the stability of the solution?
Hardware has been 100%; software has been slightly less as we had an issue where the gateways would failover.
What do I think about the scalability of the solution?
We run a pair of Gateways in HA mode, this solution has worked for us, and there have been no cases of downtime. Adding additional gateways should in theory be quite simple however for us there is no need.
How are customer service and support?
Support has been quick to respond to any questions or issues.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
The company used to sue Cisco Firepower. I wasn't with the company when switching.
How was the initial setup?
The setup was straightforward; the implementation team went on the CCSA and CCSE courses.
What about the implementation team?
We handled the setup initially in-house.
What was our ROI?
We ran these gateways for five years and will look to do the same with the replacements.
What's my experience with pricing, setup cost, and licensing?
Work with Check Point's presale team and complete the scoping document. If you are an existing customer, use the CPSizeME.
Which other solutions did I evaluate?
The company also evaluated Palo Alto.
What other advice do I have?
We have run Check Point Security Gateways for five years and have had very few issues; they have been rock solid, and the hardware has been 100%.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Enterprise Security Architect at Cyqurex Systems Ltd
A reliable and robust security solution with a wide range of capabilities
Pros and Cons
- "Its simplified management, enhanced remote support capabilities, and the ability to facilitate secure VPN connectivity for numerous offices and employees are highly beneficial."
- "The current model is predominantly hardware appliance-based, which can incur substantial costs"
What is our primary use case?
The primary objective was to replace the Cisco ASA firewalls with Check Point NGFWs. In addition to their firewall functions, these NGFWs also provide features like Web Application Firewall and Network Data Security. We used this approach to consolidate security measures into a single, comprehensive solution, much like having a master key at the main entrance rather than separate keys for each window and door. This streamlines security management and ensures a more efficient and robust overall security strategy.
What is most valuable?
There are several crucial advantages to using Check Point NGFW including its ease of use, as it provides a unified interface for managing multiple security functions. It offers impressive scalability to meet the demands of a large organization and can handle substantial traffic. Its simplified management, enhanced remote support capabilities, and the ability to facilitate secure VPN connectivity for numerous offices and employees are highly beneficial.
What needs improvement?
The current model is predominantly hardware appliance-based, which can incur substantial costs. These appliances must be purchased separately, contributing to a significant investment.
For how long have I used the solution?
Our most recent engagement with Check Point NGFW was a year ago when we implemented it for one of your financial sector clients.
What do I think about the stability of the solution?
The stability of the firewall has been exceptional, with very minimal disruptions. There was only one instance of downtime, and it wasn't attributed to any fault in the firewall itself or the hardware, but due to a configuration issue. I would rate it eight out of ten.
What do I think about the scalability of the solution?
The scalability of Check Point firewalls is a notable strength. These firewalls can handle a substantial number of connections. For instance, they can manage up to one million connections on the NDSW server. Regarding its VPN capacity, it can support around 5,000 to 8,000 users per box, which is quite impressive. This scalability makes Check Point firewalls well-suited for organizations with high connection and user requirements. I would rate it eight out of ten.
How are customer service and support?
Their support team has demonstrated an approximately 24-hour turnaround time, which is considered quite good. We have rarely needed to engage with Check Point support because most issues are resolved internally. Typically, we turn to OEM support only when we encounter challenges that are beyond our capabilities.
Which solution did I use previously and why did I switch?
I also have experience with Fortinet and Cisco, both of which have made significant developments recently. They have introduced software-based firewall and system solutions, which have garnered attention from customers. This shift in the competitive landscape has led to changes in customer preferences, with more organizations considering Fortinet as a viable option for their security needs.
How was the initial setup?
This process can be a bit complex at times, mainly because it depends on the specific client architecture and how they want to set it up.
What about the implementation team?
The deployment process can be rated at about six in terms of complexity. Several factors influence this complexity, but getting the infrastructure ready is often the most challenging aspect. To successfully deploy, you need to account for downtime, ensure proper backups are in place, and ideally test it in a sandbox environment before going live. After deployment, thorough checks and adjustments are necessary. It typically requires at least two days of parallel operation, where both the new and old equipment run simultaneously. In an environment with no existing infrastructure to replace, the process is generally smoother. Deployment typically involves a team of 2 or 3 people working full-time for 4 to 5 days, equivalent to nine hours a day. Maintenance is handled by a networking team, which includes a Network Operations Center. The team consists of approximately eleven people managing various network components, including L1, L2, and L3 devices.
What other advice do I have?
When considering a POC for a security solution, it's essential to assess the various use cases and functionalities it offers, such as NDSW which is particularly useful for protecting sensitive data. Check Point NGFW is not solely a firewall; it's a comprehensive security solution with various capabilities. It can address a wide range of security requirements, making it a valuable and versatile asset for organizations looking to enhance their security posture. I would rate it eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Integrator
Senior Client Executive at a tech vendor with 10,001+ employees
Powerful firewall for advanced security with robust support
Pros and Cons
- "Check Point's support is probably the best of the major players in that space."
- "Check Point's capabilities are limited from a firewall perspective."
What is our primary use case?
I do not use them, I just sell them, but customers are using them to protect on the edge and at the core.
What is most valuable?
It brings value to their clients as everybody is concerned with security. Firewalls are the first line of defense. Check Point's support is probably the best of the major players in that space. Check Point is more complex than the other players, but it is also more powerful.
What needs improvement?
A lot of the other players have a more robust best-of-suite offering versus the best-of-breed offering. Check Point's capabilities are limited from a firewall perspective. Other players are acquiring companies and offering add-ons like CASB or VPN-type capabilities.
For how long have I used the solution?
I have had experience with Check Point Next Generation Firewall for seven or eight years.
What do I think about the stability of the solution?
Their code is a little bit finicky as of late, but that's just because they just released this product line.
What do I think about the scalability of the solution?
It depends on what you're deploying. Maestro is more scalable than standalone firewalls.
How are customer service and support?
The support depends on what support model you buy. Customers that have dedicated support teams get more attention than the traditional support, however, a lot of other companies are offshoring their support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Cisco is not a true security company, but Check Point is where they grew up, so I think they are a little more mature.
How was the initial setup?
The initial setup depends on the environment and can take weeks. It is not different than the rest of the players in terms of maintenance.
What about the implementation team?
It's basic engineers, usually one to two people.
What was our ROI?
It is pretty difficult to determine ROI with firewalls because they are more of an insurance policy. However, it helps with security. The cost of a breach versus having some of these measures in place is the real comparison.
What's my experience with pricing, setup cost, and licensing?
There is a lot of price parity between all the players. Everybody is within plus or minus ten percent. Check Point is probably more expensive than some of the other players out there, but it is incremental.
Which other solutions did I evaluate?
I evaluated Palo Alto and Fortinet.
What other advice do I have?
I would recommend Check Point Next Generation Firewall to others. I would put them in the upper echelon.
I'd rate the solution nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: Oct 30, 2024
Flag as inappropriate
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2025
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Sophos XG
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Meraki MX
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Sophos UTM
Juniper SRX Series Firewall
Sophos XGS
Fortinet FortiGate-VM
SonicWall NSa
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How does Check Point NGFW compare with Fortinet Fortigate?
- Is Palo Alto Networks NG Firewalls better than Check Point NGFW?
- Which would you recommend - Azure Firewall or Check Point NGFW?
- Is Check Point's software compatible with other products?
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?