Coming October 25: PeerSpot Awards will be announced! Learn more
System Administrator at Grant Thornton
Real User
Reliable with good central management capabilities and useful dynamic definitions
Pros and Cons
  • "The solution offers very good central management, which saves time and is hassle-free."
  • "There are some GUI features in Check Point's SmartConsole that are still from the old versions and are in separate/duplicated interfaces; it would be most useful if it is integrated and not on different menus."

What is our primary use case?

We use the product as our main and only Firewall/Gateway/VPN Gateway. we are in the finance sector, and we need a very reliable and robust system. 

We rely heavily on the VPN system, as most of our employees are working outside the office at this time. 

We also have two appliances to improve reliability, we have internet access through two ISPs configured to work simultaneously. 

Our internal LAN is with duplicated network nodes that are double connected to our Check Point cluster. That way, we have full High Availability.

How has it helped my organization?

Before our purchase of Check Point products, we used an open-source product that lacked good integration between products and setting up to work was very tricky.

We use the Check Point mobile VPN, which is very stable and easy to use. It allows our employees to change their internal domain password when it becomes old, even when they are outside of the office for a long time. The VPN client can connect to our internal network even before the user is logged into his laptop. This allows users to receive GPO policy updates. 

What is most valuable?

The solution offers very good central management, which saves time and is hassle-free.

One of the most useful new feature is dynamic definitions. For example, if you need to allow all of the Microsoft Azure IP addresses, you can insert them dynamically and Check Point will update them for you. Without it, to find all IP addresses would be almost impossible.

You can create additional layers for the firewall rules. This allows better organization and performance of the product by skipping to the rules that are responsible for this group of protected devices.

What needs improvement?

There are some GUI features in Check Point's SmartConsole that are still from the old versions and are in separate/duplicated interfaces; it would be most useful if it is integrated and not on different menus.

We would like to have a better search engine on the checkpoint.com site. Right now, it is difficult to find, for example, a newer version of the Check Point VPN Mobile client. The search engine shows most visited sites and the newer version won't be the most recently viewed site page. As it is right now, you have to find the general VPN page form, and from there you have to look at what version of the product you need and then go to the page of the latest version.

Buyer's Guide
Check Point NGFW
September 2022
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,611 professionals have used our research since 2012.

For how long have I used the solution?

We have been using this product for five years.

What do I think about the stability of the solution?

Check Point is very stable.

What do I think about the scalability of the solution?

We haven't needed to expand our throughput capacity.
However, based on the Check Point documentation, it is hyperscale ready  capable of up to 475 Gbps of Threat Prevention.

How are customer service and support?

It is very good. Our local representatives are very helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We moved from a previous solution to Check Point as it is more reliable and easy to manage, and our old solution wasn't able to provide the level of security we desired.

How was the initial setup?

We have had some problems understanding how to set up HA, however, we managed to do it. This was mainly due to the fact that we didn't have experience with Check Point products in the past.

What about the implementation team?

We did everything in-house.

What's my experience with pricing, setup cost, and licensing?

New users should know that the first year of support is included in the equipment. After that, you have to buy it.

Which other solutions did I evaluate?

We choose between Palo Alto and Checkpoint.

What other advice do I have?

We like it. It works well.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1523535 - PeerSpot reviewer
IP LAN and Integrity Specialist at Chevron
Real User
Top 5
Skilled support engineers, provides good control with central management
Pros and Cons
  • "The packet inspection capabilities are great."
  • "The virtual infrastructure of the central management requires a huge amount of resources to work properly and manage all the logs without problems."

What is our primary use case?

We use this solution as a layer 3/4 firewall deploying access rules in our DMZ. We have more than six different centers with different service layers, a core of up to 500Gb per site, and other service centers providing security for all inbound and outbound connections.

VSX gives us the capacity to consolidate hardware in fewer devices, reducing the OPEX, and creating different VFWs to provide service to different environments or services.

Layer 7 features allow us to upgrade our security services. Activating the required features only requires upgrading the license.

How has it helped my organization?

This product has provided us the total control of our connections in our very bandwidth and session-intensive environment. It offers high capacity on NAT tables that, with other vendors, needed to use really huge devices to support.

We can control all of our international connections in a central point with a distributed cluster in a very easy way and with good performance.

The layer 7 features (AV, IPS, Web filtering, etc) and integrations with AWS provide us a clear point of management for future deployments on the cloud.

What is most valuable?

The packet inspection capabilities are great.

ARP protections based on interface works better than it does with other vendors.

There are new improvements related to the upgrade of the solution, making for the easiest upgrade/update procedures.

New features allow for concurrent use of the console in write mode between different users.

The exposed API allows us to automate a lot of actions in a very easy way.

The central console and log collector are basically the best central management consoles, and each day provides new useful features like counts, etc.

What needs improvement?

There are issues with stability in some specific versions.

The VPN is a little difficult to configure, and sometimes you need help from Check Point professional services.

There are some performance problems with the IPS when the FW is in a high load, but in general, it is working better than in previous versions.

The routing is configured on the gateway, so, you need to remember for migration purposes.

The virtual infrastructure of the central management requires a huge amount of resources to work properly and manage all the logs without problems.

For how long have I used the solution?

I have been using Check Point NGFW for more than 10 years.

What do I think about the stability of the solution?

In general, this is a very stable solution. We have had only one incident in the last few years that was with the size or the route tables in memory that finally it was discovered that was a bug in a specific version and was solved upgrading the devices to new firmware that solved the bug

What do I think about the scalability of the solution?

This product is very scalable. There are a lot of different virtual and physical devices to cover any requirement in terms of sessions, performance, etc.

How are customer service and technical support?

We are very happy with the support. They are very skilled engineers and always fast at analyzing and solving issues.

Which solution did I use previously and why did I switch?

We did you another solution, but we switched due to prices and solution stability.

How was the initial setup?

The initial setup is not more complex than other solutions.

What about the implementation team?

Was implemented using a third-party vendor.

What was our ROI?

Our ROI with this firewall is high.

What's my experience with pricing, setup cost, and licensing?

The vendor has a very flexible licensing approach.

Cost per Gb reduced and reduced OPEX compared with other vendors.

Which other solutions did I evaluate?

We evaluated Fortinet, Juniper, and Palo Alto.

What other advice do I have?

This is a complex solution and there are other vendors that are easier to manage, but it is perhaps the best solution regardless.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Check Point NGFW
September 2022
Learn what your peers think about Check Point NGFW. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,611 professionals have used our research since 2012.
Technology Architect at BearingPoint
Consultant
Top 20
East to setup with great central management capabilities and identity-based access
Pros and Cons
  • "It's enabled us to move away from basic LAN to LAN segmentation to a more powerful user separation approach."
  • "One area which is still lacking is the site-to-site VPN solution."

What is our primary use case?

We use our Check Point NGFW firewall mainly for perimeter security. Those firewalls are placed at many sites distributed over Europe. We love the firewall management and think it's still the golden standard for creating a rule base and we go more and more in the direction of identity bases user access to secure our environment.

The other firewall blades, such as Anti-Bot, Application and URL-Filtering, and IPS, are used on all sites. It's easy to deploy, as the firewall is able, with the latest version, to learn from the traffic and adapt the IPS policy.

How has it helped my organization?

Check Point NGFW has improved our organization with more security and easier deployments. There is a smaller amount of workload in the supporting area. We find a lot of documentation for the products and benefit from a big community. The Check Point support is much better than what we have seen from other vendors. The firewall policy is easy to deploy and we can do a more granular separation of specific user groups. We feel much more secure with this product - especially the API support - and possible automation has saved us a lot of time in our team and organization.

What is most valuable?

The most valuable features are the identity-based access and high-quality intrusion prevention functionalities. 

One of the most valuable aspects is the central management, which includes a large wide range of API calls. With the central management, we can define a reasonable security policy for many sites and not only for network segments but for user and AD groups. This gives us a bit more "Zero Trust" in our network.

It's enabled us to move away from basic LAN to LAN segmentation to a more powerful user separation approach.

What needs improvement?

One area which is still lacking is the site-to-site VPN solution. This is still an area that could be improved, although the features have gotten much broader and I really have seen an improvement over the last 10 years of working with the product. The separation from encryption domains between the tunnels came recently as a new feature to the product. This really helps a lot. Yet, we are still seeing a lack of compatibility with other devices, even though this is the case with many vendors. Especially with IKEv2, we are struggling with many vendors to set up perfectly running tunnels.

For how long have I used the solution?

I'm working with Check Point for 10 years.

What do I think about the stability of the solution?

If you go by best practice recommendations from Check Point the stability is very good.

What do I think about the scalability of the solution?

Scalability is really good. Check Point has the Maestro solution, where you can really scale easily without wasting resources.

How are customer service and support?

They are really anxious to solve issues as fast as possible. They also try to get in actual contact with you via phone or chat to fully understand the issue.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

In some areas we were using Cisco, however, we changed to Check Point to centralize things.

How was the initial setup?

The setup is pretty straightforward, at least for the basic setup. Even with more complicated configurations, you have good support and experts at Check Point in the background that can help.

What about the implementation team?

We did it ourselves.

What's my experience with pricing, setup cost, and licensing?

Check Point is definitely not the cheapest solution, but the better security makes it worth the price. The licensing model is pretty easy, especially when it comes to the extension for many environments.

Which other solutions did I evaluate?

We looked at Cisco, Barracuda, and Fortinet.

What other advice do I have?

I'd advise teams to give it a try!

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ingeniero de Infraestructura at E-Global S.A.
User
It enabled us to switch from a decentralized solution with seven firewalls to a solution that's easier to manage
Pros and Cons
  • "Check Point's most useful feature is threat prevention and extraction. It was tough to manage seven firewalls and a perimeter solution for IPS, anti-malware, anti-bot, and sandboxing."
  • "It could be easier to access the installation of the Hostfix for VSX solutions. The CLI commands help us understand how virtual firewalls behave in terms of processor, memory, and other aspects. More graphic visualizations of CPUSE commands would be a welcome improvement, and Check Point could expand scripts to run within the solution for multiple tasks."

What is our primary use case?

We use Check Point to protect our two data centers under an active scheme. It allows us to protect our customer information while preventing cybersecurity events that put our customers at risk. We use threat prevention and extraction, VPN, firewall blade, VSX, and the entire Check Point management suite. Our setup includes two firewalls in a high availability and VSX environment, respectively. We also take advantage of Check Point's load balancer, which works very well. The failover is performed automatically, without any flashing or noticeable impact on the user. 

How has it helped my organization?

Check Point NGFW enabled us to switch from a decentralized solution with seven firewalls to a solution that's easier to manage with high-availability firewalls and capabilities that were previously lacking in NGFX. It helped us connect our users working remotely during the quarantine while maintaining our security policies and avoiding zero-day attacks. 

The solution makes administration more straightforward because we can replicate the policies in both data centers with a single click, helping us to deploy quickly in both gateways without problems.

What is most valuable?

Check Point's most useful feature is threat prevention and extraction. It was tough to manage seven firewalls and a perimeter solution for IPS, anti-malware, anti-bot, and sandboxing. 

Integrating everything in Check Point allows us to see all the attacks that are blocked with our perimeter countermeasures every day. Check Point's high detection rate improves our overall security posture, and we can achieve a low rate of false positives through a few adjustments to the configuration.

What needs improvement?

It could be easier to access the installation of the Hostfix for VSX solutions. The CLI commands help us understand how virtual firewalls behave in terms of processor, memory, and other aspects. More graphic visualizations of CPUSE commands would be a welcome improvement, and Check Point could expand scripts to run within the solution for multiple tasks.

For how long have I used the solution?

I've been using Check Point NGFW for seven years

What do I think about the stability of the solution?

Check Point works well in a high-availability setup, and the failover is fast. We had very few instances of unavailability. It happened once when we had hard disk issues, but the RMA process was quite simple, and the replacement part came quickly.

What do I think about the scalability of the solution?

We added new Check Point firewalls twice this year, and it was relatively simple. You can quickly migrate the configurations, and your new firewall is ready to go after a few adjustments to the settings.

How are customer service and support?

Check Point's support has been excellent, and they respond immediately via phone, chat, and email. In particular, I think the chat support was great. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we were using seven open-source firewalls, and we decided to go for a solution with good ratings from NGFW users. We wanted something well-positioned in the market that had good support.

How was the initial setup?

Migrating from an open-source, decentralized setup with seven firewalls to centralized management was complex, but it was less complicated than we expected thanks to Check Point’s management features. The ability to perform a parallel startup helped a lot during deployment.

What about the implementation team?

A vendor team helped us, and the migration was smooth. The Check Point engineers who worked for our partner were well trained to handle the implementation.

What's my experience with pricing, setup cost, and licensing?

Check Point NGFW can be expensive compared to other competitors, but the price matches the functionality and efficiency of the solution.

Which other solutions did I evaluate?

We considered Fortinet, Palo Alto, and SonicWall before settling on Check Point

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Ozan Durmus - PeerSpot reviewer
Senior Information Security Specialist at Akbank
Real User
Top 5
Smart, simple, and user-friendly
Pros and Cons
  • "The solution offers a good GUI."
  • "The API support is good. However, Check Point needs to focus on more prepared scripts for some tiresome actions."

What is our primary use case?

We are using physical appliances along with some VSX's in our network. We mostly use firewall only (due to high traffic usage). We are using CP NGFW to protect the company from the internet and also provide security while we are connecting to the internet.  

We have physical clusters that we manage via our company's external connections through S2S. We are managing our core and client networks with separate clusters. Applying security rules and providing NAT when we need it. We are also using CP in our DRC environment to provide SRC and DST NAT with VSX to provide access to machines that have the same IP addresses.

How has it helped my organization?

Back when we had a different brand of firewalls, we were having trouble managing all of them separately. With Check Point's HA capability, we merged all of our Check Point firewall management. With this, we can apply a viable DRC solution that our company needs and also manage, view logs, and administer all of the components together.

With the capable appliances, we don't experience any CPU and Memory utilization most of the time. With the help of new versions, Check Point is moving forward. We hope the upcoming version will provide hyper flow, and this will solve our elephant flow problem.

What is most valuable?

The solution offers a good GUI. It is easy to use, smart, simple, and user-friendly.

The client VPN and S2S VPN capabilities are great. Check Point's mobile access provides us with flexibility. We don't have a single point of failure regarding the VPN access points anymore.

We can use Check Point NGFW physically, virtually (with Check Point VSX), and on the cloud with CloudGuard. We have most of the features available even within these different environments.

We can apply SAM Rules (without installation needs), and Custom Intelligence Feeds.

It has good API support and provides value when you need it. 

What needs improvement?

The API support is good. However, Check Point needs to focus on more prepared scripts for some tiresome actions. Other vendors provide this, including Palo Alto). We are in a big organization now, and we need good tools to maintain stability and get rid of the objects and rules that we don't use.

If you are working within a big organization, you may have some CPU and memory utilization problems. Most of the time, we are encountering these kinds of problems, and due to that, we can't use other features and blades other than the firewall or threat prevention.

I find Check Point's log experience a little tiresome as it does not provide information with limited blades enabled. We'd like to see information around session time, sent and received bytes, etc. Even if you manage to get some data, you may find it not very reliable.

For how long have I used the solution?

I've been using Check Point's NGFW and its features for about five years. 

What do I think about the stability of the solution?

I found Check Point's stability a little bit so-so. Not that good, not that bad. Most of the time it is reliable. We had lots of problems before due to the utilization of our firewalls. Most of the time, the hotfixes provided the solution. However, applying hotfixes and getting in touch with the R&D when needed may be tiresome.

What do I think about the scalability of the solution?

It's pretty good. The HA Features provide a good solution so far, and with Maestro it will perform better.

Which solution did I use previously and why did I switch?

I had the chance to work with Fortigate and Palo Alto Firewalls before. Due to the stability and know-how regarding Check Point, we chose this vendor.

What was our ROI?

We always believed and saw that the money we spent on Check Point was not in vain.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
reviewer1543578 - PeerSpot reviewer
User at Johnson Controls, Inc.
Real User
Easy to manage and use, affordable, with support that is knowledgeable and helpful
Pros and Cons
  • "The uncomplicated configuration ensures that mistakes are avoided and rules are easily audited."
  • "The one thing I have been continually asking for is a more robust certification process including self-paced study material similar to Cisco's Security certification track."

What is our primary use case?

Our branch offices and customer sites require Internet access for the on-site staff and remote access capabilities for after-hours and remote support.

The Check Point firewalls allow us to provide site-to-site VPN, client VPN, web/app filtering, and IPS functionalities.

Client VPN is leveraged by site staff due to the majority of our sites requiring 24-hour support and also allows centralized teams to remotely assist with multiple sites globally.

We also use these at locations to provide security when our stand-alone network requires connectivity to the customer's network.

How has it helped my organization?

Check Point's solution is both affordable and easy to manage for the small business applications that we utilize them for. Due to the great pricing and support, we can afford to deploy the firewalls in a high-availability solution providing greater uptime and less worry. 

The price point of their equipment also means that we can often purchase a more robust solution compared to some competitors and Check Point's inclusion of more advanced features, such as IPS, by default, is a great selling point.

What is most valuable?

We greatly appreciate the ease of configuring firewall policy ACL rules and how the seamless integration with VPN users and user groups provides the ability to granularly restrict access. The uncomplicated configuration ensures that mistakes are avoided and rules are easily audited.

Having the ability to set an expiration date for remote access VPN users simplifies the process and increases security by ensuring that stale accounts and not forgotten.

In general, we find that CheckPoint offers a great balance between ease of use and configurability.

What needs improvement?

The one thing I have been continually asking for is a more robust certification process including self-paced study material similar to Cisco's Security certification track. Not everyone can afford the time and money to attend the official in-person classes offered by Check Point. Even if someone was not interested in fully pursuing a certification, offering certification guides is often a method that IT professionals follow in order to learn about a specific topic and keep for reference.

An area that I sometimes find lacking is the information provided by the system when performing troubleshooting issues such as site-to-site VPN tunnels. The logs provide general information regarding what is happening but often, it leaves you wanting additional details. This also ties back into the lack of training and knowledge required to utilize the more advanced features of the command line.

For how long have I used the solution?

We have been using Check Point NGFW for more than five years.

What do I think about the stability of the solution?

We have never had a device or software failure in the more than five years that we have been using Check Point devices. To date, we are extremely happy with the performance.

How are customer service and technical support?

The few times that we required customer service, they have been extremely helpful and knowledgeable. I would rate them on par with the other top-tier companies.

Which solution did I use previously and why did I switch?

We previously utilized Cisco firewalls but the cost structure of the hardware, licensing, and support became prohibitive. Check Point offered a more robust solution at an affordable price point.

How was the initial setup?

The initial setup was extremely quick and easy, and the deployment time for a new site is often under a day.  

What's my experience with pricing, setup cost, and licensing?

The price point and licensing was the main factor in moving away from Cisco and migrating all of our sites to Check Point. They offered more features for a lower cost than competitors, and the licensing model was easy to understand.

Which other solutions did I evaluate?

We evaluated NGFWs from Cisco, Palo Alto, and Fortinet in addition to the Check Point.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
rblog - PeerSpot reviewer
Systems Engineer at Trends and Technologies Inc.
User
Protects network infrastructure, offers great security blades, and good core acceleration
Pros and Cons
  • "The detection rate for any cyberattacks/suspicious activity is very high (more than 90%)."
  • "It would be best if the security management server console access is simpler for ease of management."

What is our primary use case?

The solution is primarily used as an edge firewall safeguarding any organization or company which are really considering it as their number firewall of choice. In addition, there were also companies that are only using the specific blades, for example, IPS or IPsec, only as their primary solution. It is mostly used as an edge firewall. Sometimes, all security blades are utilized. As a significant part of the whole network infrastructure, Check Point delivers high detection and prevention rates when talking about suspicious and cyberattack types of activities.

How has it helped my organization?

Primarily, Check Point played a very vital role in protecting our whole network infrastructure. Having been able to implement such a solution will keep one's organization's security posture well guarded. The best part of Check Point NGFW's operational mechanisms were the Threat Extraction and Threat Emulation blades respectively. The former delivers documents with zero malware in zero seconds and the latter analyzes the original document in an isolated sandbox, identifying unknown threats. 

I'd recommend this kind of firewall for companies considering it since the detection rate for any cyberattacks/suspicious activity is very high (more than 90%).

What is most valuable?

Check Point NGFW has all the security blades a certain company would want to implement for a network firewall facing the public internet. The upsides of choosing this kind of firewall are traffic acceleration, core acceleration, and interface acceleration which would help in maintaining smooth sailing activity, giving administrators less dilemma. 

Administrators always find it hard and disturbing when such a network bottleneck occurs spontaneously out of nowhere. With that said, Check Point still ranks first among other vendors.

What needs improvement?

It would be best if the security management server console access is simpler for ease of management. System administrators find it really difficult for the management settings to incorporate easily. Most administrators nowadays are looking into something that offers easy access to a management console or GUI. 

I could not think of other areas for improvement. This is the firewall that I liked the most among other vendors in the market. It's by far the best firewall in the security industry.

For how long have I used the solution?

I've used the solution for three years already - since the start of my Network Security Engineer career.

What do I think about the stability of the solution?

Stability-wise, it is perfect! 

What do I think about the scalability of the solution?

When you perform sizing, make sure that the necessary scalability is considered. There's no going back when things like this are compromised.

How are customer service and support?

Lately, Check Point support is nowhere to be found.  We are always attending other customer sessions when, in fact, support is needed for a P1.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Mostly, they are the Gartner leaders for NGFW. A switch was made when customers found the solution more secure per doing the proof of concept.

How was the initial setup?

I could say that it is complex even though they are already CCSE and Check Point Expert. There is no way I could find its management easy to use.

What about the implementation team?

We handled the setup in-house.

What's my experience with pricing, setup cost, and licensing?

That there is a money-back guarantee for their business. A business being secured is a business of high return.

Which other solutions did I evaluate?

There are a lot of evaluations to be done prior to choosing the solution. It caught the customer's attention when the threat extraction/emulation blade really did well during the proof of concept activity.

What other advice do I have?

So far I have mentioned all the things needed to be given importance with regard to an NGFW solution.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Senior Infrastructure Service Specialist at a financial services firm with 10,001+ employees
User
Top 10
Stable with great security features and helpful support
Pros and Cons
  • "Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles."
  • "Although the GUI is simple to use and fairly comprehensive, more support via CLI would be beneficial for bulk operations."

What is our primary use case?

I work for a large bank in Australia and the Check Point NGFW is used on the edge of the network. This strategic positioning allows the platform to provide extensive protection to internal systems from the internet, avoiding security threats on the most sensitive places on the network. 

Another factor in the positioning of the firewall is the protection from external partners connected to the internal network through VPN and MPLS tunnels. The solid performance and flexibility allow the platform to be trusted on this strategic spot.

How has it helped my organization?

Check Point NGFW has contributed to the success of the organization in keeping data safe through its powerful and flexible security features. 

In conjunction with the Check Point Management Platform, the firewalls provide an easy-to-use platform that facilitates and creates agility in the operation. The easiness to operate the platform creates a great value for the operation since it is easy to train people to work with the platform. 

Agility is also a key factor for the rapid response to business needs.

What is most valuable?

Even though Check Point NGFW provides a set of security features that enforce protection on the network, the most valuable aspect is also the most used feature: the plain and simple firewall component. This is the core of the product and works to a great extent without the need for all other available bells and whistles. 

What may sound obvious is actually an important point to be weighed, since several platforms in the market promise miracles but fail to deliver the basics. Check Point NGFW most definitely delivers a great, stable platform in that regard.

What needs improvement?

Although the GUI is simple to use and fairly comprehensive, more support via CLI would be beneficial for bulk operations. Repetitive tasks can surely be explored via API, however, oftentimes, tasks that are not worth automating can take longer than expected via GUI, while it could be easily tackled via CLI.

There should be better and more comprehensive reporting. This would also bring a lot of value to the platform by enhancing its capability of bringing transparency to the network.

For how long have I used the solution?

I've used the solution for about three years.

What do I think about the stability of the solution?

The most recent software version is stable and reliable. There have been some issues in past versions, however, there have been no big ones in the most recent releases.

What do I think about the scalability of the solution?

There are good scalability options through virtualisation. The platform can be expanded to multiple segments.

How are customer service and support?

The support provided by the vendor either via professional services or an engineer is always spot on. They are quick to act and help.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

This platform was already being used when I joined my company.

How was the initial setup?

The initial setup can be cumbersome.

What about the implementation team?

We did the implementation with vendor support.

What was our ROI?

As the platform delivers competent security enforcement with simplicity, the ROI is great. The easy-to-operate nature of the product means fewer hours spent by people struggling with things, while the network itself is constantly kept safe. 

What's my experience with pricing, setup cost, and licensing?

The use of virtual firewalls within the platform should be considered for horizontal scaling and in order to increase the product's cost-effectiveness. 

Which other solutions did I evaluate?

I was not part of the evaluation process.

What other advice do I have?

This is a great and stable platform overall. Performance and simplicity make this a good choice for any size of company.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2022
Product Categories
Firewalls
Buyer's Guide
Download our free Check Point NGFW Report and get advice and tips from experienced pros sharing their opinions.