The solution is used for edge and interior firewalls. We use large-scale Check Points for our edge and have them set up in an active/passive cluster. For our internal firewalls at the remote sites, we use a virtual firewall for the OT DMZ, and then behind this virtual firewall, we have a physical appliance for the actual OT network. This allows us to fully secure the critical network yet still allow access via jump hosts or other remote management that we have approved. It also gives us excellent control over any north/south traffic.
Network Administrator at POET
Great support, central management, and logging capabilities
Pros and Cons
- "The central management and logging are frankly one of the top selling points."
- "Lately, Check Point seems to be pushing new products too early."
What is our primary use case?
How has it helped my organization?
Check Points is probably not the easiest or cheapest solution to use, however, we have never had any issues with their security and the technical issues we have had with them are few and far between.
Most support calls for us are centered around how to best deploy a feature or why something is being blocked by a certain blade. This is one of the main reasons we continue to use them as they provide proven security for my company and the built-in blades generally always provide a benefit for us.
What is most valuable?
The central management and logging are frankly one of the top selling points.
The actual management is perhaps a little confusing for a newcomer to Check Point - however, does not take very long to learn the basic ins and outs of.
The logging capability of Check Point is excellent and very rarely have we wanted more. The logging is very fast and easy to use, and this makes finding items across all 80+ firewalls very easy.
It is also easy to export all logs to our MSP since it is from a central point. The other built-in features are also helpful as it eliminates the need for some extra security appliances.
What needs improvement?
Lately, Check Point seems to be pushing new products too early. We have evaluated a few we thought may be useful to us yet were just not ready for enterprise use. Every company goes through this so hopefully, they will slow down and get the products up to speed and working better before trying to bring them to market.
The current products that have been around for more than a few years generally do not suffer from this issue, however, their documentation does lag severely when a command changes or says the way to configure it changes. Support generally is up to date, but the KB articles are not always this way.
Buyer's Guide
Check Point NGFW
June 2025

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,579 professionals have used our research since 2012.
For how long have I used the solution?
I've used the solution for 18 years at my current company, and another four at my previous company.
What do I think about the stability of the solution?
The stability is excellent.
What do I think about the scalability of the solution?
Scalability is excellent, especially the newer products.
How are customer service and support?
The technical support is mostly good. Their Tier 2 and higher engineers are excellent. Like any call center, however, their Tier 1 can be hit or miss. We use a third party for front line support so mostly never encounter anything less than Tier 3 since the only issues that get directed to actual Check Point support are already vetted out.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used SonicWall. We switched due to wanting a more enterprise-quality product and previous experience.
How was the initial setup?
The setup is complex, however, we knew this from the start so it was not unexpected.
What about the implementation team?
We set up the solution mostly in-house. However, we were experienced with Check Point installs.
What was our ROI?
I have no visibility on ROI.
What's my experience with pricing, setup cost, and licensing?
If new to Check Point, get pro services to help deploy it - especially if it is an advanced config. This will save huge amounts of time and grief. Once you have experience, pro services are generally not needed unless, again, you have no experience in that area.
Which other solutions did I evaluate?
We did not evaluate other options.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Technical Architect and consultant at VirginAustralia
Enhances network security and ensures robust scalability capabilities
Pros and Cons
- "It offers a range of models to enhance network security and it can be customized to secure endpoint client machines or user devices by deploying features like malware detection, antivirus, and mail security blades."
- "There is a strong demand for security services that can be effortlessly integrated which would ensure that security measures can seamlessly adapt to the cloud infrastructure."
What is our primary use case?
It offers a range of models to enhance network security and it can be customized to secure endpoint client machines or user devices by deploying features like malware detection, antivirus, and mail security blades. Its integration with a web application firewall provides added protection.
What is most valuable?
Check Point's architecture is three-fold, comprising the firewall, management server, and dashboard. The dashboard provides a comprehensive view of the network and security status, enabling identification and isolation of problematic devices, performing tasks like patch updates, and monitoring logs. It provides configured automated alerts via email or notifications on mobile devices, ensuring you're informed of any threats, even during non-business hours. Another vital function is the ability to offer VPN services. This enables end users and mobile or remote workers to securely access the network from anywhere globally.
What needs improvement?
There is a strong demand for security services that can be effortlessly integrated which would ensure that security measures can seamlessly adapt to the cloud infrastructure.
For how long have I used the solution?
I have been working with it for eight years.
What do I think about the stability of the solution?
It is a highly reliable tool. I would rate its stability capabilities nine out of ten.
What do I think about the scalability of the solution?
Check Point NGFW is a highly scalable solution that can be tailored to the unique needs and infrastructure of each customer. For instance, if a customer needs to secure multiple zones, they can opt for multiple firewalls. They can consolidate their network onto a single firewall by creating virtual interfaces based on VLANs. The firewall's capability to handle network traffic becomes a crucial consideration, especially when dealing with larger user bases and higher traffic volumes. In such cases, deploying multiple firewalls in a high-availability configuration becomes essential.
How was the initial setup?
The initial setup was easy. I would rate it nine out of ten.
What about the implementation team?
I have hands-on experience working in various environments, including on-premises, private clouds, hybrid setups that combine both private and public clouds (e.g., AWS, Google Cloud, Oracle Cloud), and purely public cloud deployments. While the technical interfaces and options may differ slightly between these environments, the core concepts, such as Security Event and Management (SEM), remain consistent. For instance, the Virtual Private Cloud (VPC) configurations in Google Cloud are similar to those in AWS. Network components like instances and Access Control Lists (ACLs) share common principles across platforms. The key to successfully implementing it lies in understanding the specific needs of each client's business and aligning our solutions accordingly. We can leverage technology and services to meet their requirements effectively. It's worth emphasizing that the adaptability of our approach is central to achieving our clients' objectives. When starting a project, we typically initiate a POC and conduct thorough pre-checks to assess the network's specific needs. In cases where clients want to transition from legacy firewalls like Cisco ASA or Palo Alto to modern Next-Generation Firewalls like Check Point Firewall, we carefully examine their existing configurations. This allows us to manipulate and adapt the configurations to suit Check Point's requirements. The timeline for these processes can vary. For entirely new environments, which involve documentation, design, and diagram creation, it may take anywhere from 15 days to one month at most.
What's my experience with pricing, setup cost, and licensing?
The pricing falls in the middle, meaning it's neither cheap nor expensive. I would rate it five out of ten.
What other advice do I have?
Before opting for this solution, it is crucial to assess the customer's existing environment, including the number of users, traffic patterns, applications in use, and bandwidth utilization. It is an excellent choice and I would encourage others to consider using it for their security needs. I would rate it nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner, Post and pre services
Buyer's Guide
Check Point NGFW
June 2025

Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,579 professionals have used our research since 2012.
Director, IT Infrastructure Management Department at Enat Bank S.C.
Robust control and security that enables a comprehensive application management
Pros and Cons
- "We can precisely determine who has access rights and who is granted permission, regardless of their connection point."
- "Improvement regarding the expansion of the SMS's compatibility to include various virtualization environments would be beneficial."
What is our primary use case?
We use Check Point Next-Generation Firewall as a perimeter firewall. This means that all incoming and outgoing traffic from our premises is routed through the Check Point firewall. Within our configuration, we have activated several security features and licenses, including the firewall itself, site-to-site VPN functionality, application and URL filtering, Identity Awareness, threat simulation, and anti-bot protection. Additionally, we possess the license for the NGpX version, which includes extraction capabilities.
How has it helped my organization?
With our previous firewall solution from a different vendor, we were limited to basic firewall functionality without features like IPS and content filtering. With the implementation of Check Point firewall, we got a comprehensive set of features that enables us to gain clear visibility into how our applications behave and which areas we have control over. It allows us to monitor and manage application usage effectively while allowing us to filter and enforce rules in accordance with our organization's security policies.
What is most valuable?
The most invaluable features we have are content filtering and application control. These features operate seamlessly, thanks to the integration of Identity Awareness. Through Identity Awareness, we established a connection with our internal LDAP server, which enables us to exercise complete control over user access. We can precisely determine who has access rights and who is granted permission, regardless of their connection point.
What needs improvement?
We implemented our firewall in a clustered configuration with two gateways. We faced some limitations with the Security Management Server (SMS) application. The SMS functionality is restricted as it only supports specific deployment modes on virtualization environments like Microsoft Hyper-V and VMware ESX and Open Server mode. Our organization utilizes a different virtualization setup, and we couldn't obtain assurance from the vendor that they would provide support if we deviated from their recommended deployment methods. That is why we had to deploy the SMS on a separate server, which introduced additional complexity. Improvement regarding the expansion of the SMS's compatibility to include various virtualization environments would be beneficial. Also, when attempting to enable SSL offloading mode, we faced functionality issues. This feature should be enhanced to ensure seamless SSL offloading, without negatively impacting the core functionalities such as HTTPS and content filtering.
For how long have I used the solution?
I have been working with it for more than three years.
What do I think about the stability of the solution?
Its stability capabilities are impressive. We have not encountered any issues. I would rate it nine out of ten.
What do I think about the scalability of the solution?
The scalability is relatively good, especially when considering its database capabilities. Our physical gateway hardware can comfortably handle up to nine units. When it comes to the monitoring appliance, such as the Check Point SMS (Security Management Server), it requires substantial resources. Due to limitations with supported virtual environments, we encountered challenges in expanding its capacity. I would rate its scalability 6 out of 10 since there is room for improvement in this area.
How are customer service and support?
We chose the Pro Support option, which has allowed us to automate many of the Security as a Service (SaaS) functions. This means that whenever there's an error in the gateways' flow, an SR (Service Request) is automatically generated and promptly communicated. The support provided has been exceptionally efficient, with quick and responsive assistance. I would rate it nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used the Cisco ASA 5525X version, but we found that its management and performance capabilities were distinct. Cisco retired some of its features, and the replacement version offered came at a higher cost for the features it provided. Consequently, we decided to transition to Check Point, which offered us a more favorable price point without compromising on functionality.
How was the initial setup?
The initial setup was easy. I would rate it eight out of ten.
What about the implementation team?
The deployment process took approximately a week and a half, and about half of the challenges we faced were related to the physical connectivity issues on our end. Despite those hurdles, the deployment timeline remained relatively swift. One critical aspect for anyone planning to deploy this solution is to thoroughly understand where it fits within the network architecture and how it should be physically connected. This is especially important when implementing clustering, as the physical connectivity can become intricate. It's essential to consider high availability and compatibility with other devices it will connect to, such as core switches or perimeter routers. Ensuring that these devices support the desired failover and reliability modes is key to avoiding complications. The duration of the deployment also depends on the expertise of the person responsible for it. In our case, we opted for professional services, which included on-site configuration support. If the person handling the deployment is familiar with the surrounding devices and network environment, one individual may suffice. If there are connections to devices from different vendors, and the configuring expert lacks expertise in those areas, I would advise involving additional personnel with the relevant expertise to ensure a smooth deployment process.
What's my experience with pricing, setup cost, and licensing?
It may be considered relatively expensive, but the investment is justified when compared to other competitors. Check Point's functionality and capabilities are notably strong. The cost of licensing can vary based on the prevailing exchange rates. In our case, we paid for the renewal in our local currency, but on average, it amounts to approximately $32,000 USD annually. I would rate it eight out of ten.
What other advice do I have?
It is highly commendable for its stability and performance. When deciding on the appropriate licensing option, it's important to carefully consider your needs. Opting for two-year or five-year licenses can provide cost savings through discounts. After it is deployed, those with experience using other next-generation firewalls will find it relatively straightforward to manage. It doesn't require significant additional effort, and users with a basic understanding of next-generation firewall features can navigate through the management and rule settings easily. I would rate it eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Defense protection study manager at Ministère de la Défense
Reliable platform providing ease of management
Pros and Cons
- "The interface allows us to quickly adapt to new security requirements and maintain compliance with organizational policies."
- "The platform's technical support services need enhancement."
What is our primary use case?
We primarily use Check Point NGFW for network segmentation and traffic control. It effectively segments our network into zones, allowing us to manage and secure traffic flows between different segments.
What needs improvement?
The platform's technical support services need enhancement.
What do I think about the scalability of the solution?
The product is highly scalable and crucial for our large-scale deployment needs. Its scalability is a ten out of ten.
How are customer service and support?
The technical support is generally responsive, although there have been occasional delays in accessing specialized assistance tailored to our needs.
How would you rate customer service and support?
Positive
How was the initial setup?
The deployment was handled by dedicated experts within our organization, ensuring a smooth setup. While I didn't oversee the technical aspects directly, our team found the process straightforward, minimizing operational disruptions.
What was our ROI?
The product is on the higher end of the cost spectrum, but the investment is justified by its high-quality performance and reliability, which are paramount for our security infrastructure.
What other advice do I have?
Check Point NGFW has consistently provided stable operation which is critical for our organization's security needs.
Managing firewall rules and policies is intuitive and efficient. The interface allows us to quickly adapt to new security requirements and maintain compliance with organizational policies.
I highly recommend it for organizations seeking robust network security.
Overall, I rate it an eight.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Technical Consultant at CDW
Improves environments, has helpful support, and offer great compute power
Pros and Cons
- "The Check Point appliances are considered NGFW devices and can process both the ASA and FTD requirements on a single instance, removing the requirement for an expansion SSD module and/or additional hardware."
- "We'd like an option that can convert other vendors' NGFW configurations to supported Check Point NGFW config for ease of migration."
What is our primary use case?
The customer purchased Check Point 6200 Firewalls to replace their aging Cisco ASA firewalls on the perimeter of their sites. The Cisco Firewalls must be replaced due to insufficient capacity.
It is envisioned that the initial migration will be a direct replica of the ASA configuration, with the client expanding the solution post-migration, with Check Point NGFW features.
This project consisted of the following deliverables:
• Rule base is migrated like for like, in which ASA Firewall zone-based rules will be converted to Check Point Parent/Child layered rules.
• Firewall zones to be imported and reviewed post migration by client.
• NAT rules will be migrated “as-is”.
• Geo-location rules from FTD will be honored and mapped into Check Point.
• Client-based blacklisting will be migrated into the solution, using external feeds via URL.
• A single IPS profile consisting of a clone of the vendor's “out-of-box” balanced profile (optimized).
• 1X site-to-site VPN.
• Integration into Client’s Cisco ISE solution for RADIUS-based admin authentication.
• NGFW licensing and blades to be installed on firewall devices, to allow features to be enabled in the future and expand the solution.
How has it helped my organization?
The Client wishes for the ASA firewalls to be replaced with a Check Point systems solution, which consists of 6200 Plus Appliances.
The initial requirement was to migrate the configuration in an “as-is” state, with the necessary licensing purchased and installed to enable expansion of the solution with next-generation feature sets in the future.
The solution was able to meet and exceed the client's requirements thereby improving the client's environment.
The management server is software-based.
Firewalls and licensing include:
• FW
• IPS
The solution provides a single pane of glass management of rules/logging.
The solution supports IPsec tunnels FOR 1X IPsec VPNs.
The solution integrates with the client’s Cisco ISE RADIUS solution for administrative access.
What is most valuable?
The compute power of the appliance is great. The Check Point appliances are considered NGFW devices and can process both the ASA and FTD requirements on a single instance, removing the requirement for an expansion SSD module and/or additional hardware.
What needs improvement?
We'd like an option that can convert other vendors' NGFW configurations to supported Check Point NGFW config for ease of migration.
Check Point configuration options can be very enormous and overwhelming.
Check Point comes with a very lean learning curve even though they offer a robust knowledge base.
A lot of configuration cannot be accomplished via the web interface or the smart dashboard software and must be done manually via the command line interface.
I'd like to see some built-in automation for the firewall alerts/events to trigger an automated response or recovery.
For how long have I used the solution?
I've used the solution for three years.
What do I think about the stability of the solution?
The solution is stable with frequent version and management updates.
What do I think about the scalability of the solution?
The solution is highly scalable and expandable.
How are customer service and support?
The solution offers great customer support.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used a different solution and needed more processing power and functionality which this had compared to industry competitors.
How was the initial setup?
The setup was straightforward yet third-party device migration contained a lot of manual configuration conversions.
What about the implementation team?
I implemented this myself.
What's my experience with pricing, setup cost, and licensing?
Pricing can be relatively more expensive when compared to industry peers, however, the functionality makes up for the price difference.
Which other solutions did I evaluate?
We also evaluated:
- Cisco NGFW
- Fortigate NGFW
- Palo Alto NGFW
What other advice do I have?
This is a great overall solution.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Check point Partner
Technical Consultant at PT. Nusantara Compnet Integrator
Ful threat prevention, good price-to-benefit ratio, and helpful support
Pros and Cons
- "Check Point has an awesome price-to-benefit ratio, netting you an awesome throughput of IDS/IPS capability compared to Palo Alto, Cisco, and so on."
- "The distributor support capability is quite lacking as the problem/incident is rarely solved on the distributor level and instead escalated to the principal."
What is our primary use case?
We use it as NGWF for the DMZ area on our data center.
We deployed HA configuration of Check Point Quantum 6200 to protect our user connection to the internet and to protect the server farm in our data center.
In our first year, we got free access to the full capability of SandBlast, the Check Point solution for sandboxing features. We tested, yet felt the sandbox is not quite needed in our environment and thus changed the subscription for the second year and forward to the standard feature.
Check Point can also be integrated with third-party solutions like SIEM and so on.
How has it helped my organization?
Check Point has an awesome price-to-benefit ratio, netting you an awesome throughput of IDS/IPS capability compared to Palo Alto, Cisco, and so on.
The first year also comes with a free SandBlast tier license, so you can test the full capability of Check Point to see if your companies might benefit from it or not.
We also integrate our Check Point with SIEM Splunk and it integrates flawlessly without a hassle. If you are looking for a one-stop solution for cybersecurity, you should check out Check Point's portfolio!
What is most valuable?
The features we find valuable for our companies are:
- remote access VPN
- L4 and L7 firewall rules
- unified management platform provided by Smart-1
- management platform can be deployed on-premise or on the cloud
- full threat prevention by SandBlast
- support integration with 3rd party security vendors like Splunk, Qradar, etc
- high throughput for IDS/ IPS and NGFW only
- easy to scale up using Maestro
- built-in email security solution, endpoint protection, sandboxing, alert to administrator
What needs improvement?
The distributor support capability is quite lacking as the problem/incident is rarely solved on the distributor level and instead escalated to the principal. This makes the troubleshooting process too long and the people involved are too many.
Socialization of new licensing or new features can be improved also. Principals and distributors need to work together closely to inform their customers so that we can stay updated about the latest trends and or threats/bugs that might happen in our Check Point gear.
For how long have I used the solution?
We've been using Check Point for around two to three years. We use it primarily as NGFW and as sandboxing for zero-day threats.
What do I think about the stability of the solution?
Check Point is quite stable with new releases periodically throughout the year.
What do I think about the scalability of the solution?
It is very easy to scale up or scale out and Maestro can improve the scalability a lot.
How are customer service and support?
The response is quick and technical support gives clear answers.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used Cisco Firepower and we felt that Check Point is more mature.
How was the initial setup?
The initial setup is straightforward. The firewall and management setup is quite similar to other brands.
What about the implementation team?
We implemented the solution through our in-house engineer.
What was our ROI?
We have witnessed ROI within four years.
What's my experience with pricing, setup cost, and licensing?
Check Point provides quite reasonable pricing and licensing schemes.
Which other solutions did I evaluate?
We also evaluated Palo Alto and Fortinet.
What other advice do I have?
Check Point is great for comprehensive security solutions.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Network and Security Administrator at CNR-ISTP - Consorzio RFX in Padua at Politecnico di Milano
Good interoperability and log analysis but could improve VPN clients
Pros and Cons
- "I like the dashboard, redundancy, log analysis, threat prevention and ISP, and VPN."
- "IoT should be considered in future development."
What is our primary use case?
We're an international research laboratory, focused on thermonuclear energy experiments. Due to strong remote collaboration, and to control network communication, we choose the Check Point NG Firewall solution.
Most of the personnel are researchers. We also have a strong collaboration with a University and take care of a European Ph.D. on thermonuclear fusion, as the future clean energy.
How has it helped my organization?
We aim to constantly improve firewall technology, which is a key strategy nowadays. We've chosen Check Point in 2007 and step-by-step upgrade and expand cyber security deployment using their solution.
We appreciate the support and escalation when issues are in place. We really appreciate the solidity of the solution, the redundancy, we own a couple of appliances in failover.
We use Check Point to grant VPN access both for clients and also in specific site-to-site IPSec remote connections.
What is most valuable?
I like the dashboard, redundancy, log analysis, threat prevention and ISP, and VPN.
The dashboard has clean and focused menus and tabs, that offer immediate access to important information and configuration.
Log analysis is really powerful considering the enormous amount of logged data.
We use a specific function to control bandwidth occupation based on protocols and IP subnetworks.
Fundamental is the interoperability with RSA SecurID, Windows AD/Azure.
We're in the process of moving to the MS O365 cloud, and Check Point helps us with this.
What needs improvement?
Maybe the VPN clients could be improved, however, only from a cosmetic point of view. They use a very old GUI and should help remote assistance in case of problems to make it more accessible in terms of getting log/debug information. On this, I suggest an approach like ZOOM US, where is clearly defined the application life cycle, and users warned over time.
We're in the process of moving to a cloud hybrid solution based on MS Azure, and on that field, quite common nowadays, it seems that more has to be done, moving from on-premise historical deployment.
IoT should be considered in future development.
For how long have I used the solution?
I've used the solution since 2007.
What do I think about the stability of the solution?
It is an absolutely stable solution. It is easy to put maintenance on an appliance without losing any connectivity.
What do I think about the scalability of the solution?
The last release, R81, is impressive, at least in these first months, having recently upgraded from R80.
How are customer service and support?
My experience is good, both on technical issues, and commercial support during renewal.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used a Cisco PIX firewall.
How was the initial setup?
The setup is somewhat complex, however, technical documents are clear, and the most common solutions are well described.
What about the implementation team?
We implemented it with a third party and in-house. The support company that helped in Italy is fantastic.
What was our ROI?
We may need more time to measure ROI.
What's my experience with pricing, setup cost, and licensing?
Check Point is not a cheap solution, however, on cyber security, we prefer to stay with a key player.
Which other solutions did I evaluate?
We constantly verify other vendor solutions, such as Palo Alto, Fortinet, and Sophos.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
System Engineer at Trends and Technologies, Inc
Offers good protection
Pros and Cons
- "Check Point NGFW is popular because of the protection it offers."
- "The pricing and UI need to be improved."
What is our primary use case?
We use the solution for threat protection in the banking and finance sectors.
What is most valuable?
Check Point NGFW is popular because of the protection it offers.
What needs improvement?
The pricing and UI need to be improved.
The enterprise is quite expensive. There are small boxes that are competitive enough.
For how long have I used the solution?
I have been using Check Point NGFW for a year.
What do I think about the stability of the solution?
The product is stable.
I rate the solution’s stability a nine-point five out of ten.
What do I think about the scalability of the solution?
The solution can scale up to enterprises.
I rate the solution’s scalability a nine-point five out of ten.
How was the initial setup?
The initial setup is easy, but maintenance is very difficult. Deployment and fine-tuning take a day.
What was our ROI?
There were no glitches or issues. We were able to achieve a positive ROI for our business. It saved them a significant amount of money that would otherwise have been spent on dealing with ransomware activities.
What's my experience with pricing, setup cost, and licensing?
The product is expensive and costs around one-point-five million.
I rate the product’s pricing an eight out of ten, where one is cheap, and ten is expensive.
What other advice do I have?
Thorough planning is essential when implementing a Check Point NGFW. You need a checklist outlining what policies to establish. While the installation is straightforward and does not require much effort beyond obtaining a license, creating and configuring policies can be time-consuming. Therefore, allocating sufficient time and resources to policy creation is crucial to ensure effective security management.
Overall, I rate the solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer.

Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros
sharing their opinions.
Updated: June 2025
Popular Comparisons
Fortinet FortiGate
Netgate pfSense
OPNsense
Sophos XG
Cisco Secure Firewall
Palo Alto Networks NG Firewalls
Meraki MX
Azure Firewall
WatchGuard Firebox
SonicWall TZ
Sophos UTM
Juniper SRX Series Firewall
Fortinet FortiGate-VM
Sophos XGS
SonicWall NSa
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How does Check Point NGFW compare with Fortinet Fortigate?
- Is Palo Alto Networks NG Firewalls better than Check Point NGFW?
- Which would you recommend - Azure Firewall or Check Point NGFW?
- Is Check Point's software compatible with other products?
- What do you recommend for a corporate firewall implementation?
- Comparison of Barracuda F800, SonicWall 5600 and Fortinet
- Sophos XG 210 vs Fortigate FG 100E
- Which is the best network firewall for a small retailer?
- When evaluating Firewalls, what aspect do you think is the most important to look for?
- Cyberoam or Fortinet?