Check Point Remote Access VPN Reviews

This functionality is very practical to be able to connect to the business network from anywhere; the monitoring that can be provided and the granularity in the VPN to provide control to users is really good.

It offers excellent performance to be able to connect our users to business applications outside the company perimeter.           

It is easy to use and has an easy-to-use connectivity agent, and can be integrated with MFA to provide an additional layer.

In these times when the priority is telecommuting or working from home, it is essential to provide accessibility to the company safely. Through Check Point it was possible to provide this essential comfort to users who work in this modern format.

One of the features that draws a lot of attention is the integration of the remote VPN application in our Check Point gateway and management server, where it is easy to use.

The granular control and access under the Check Point policies made applying a zero trust policy much easier, providing greater security.

The integration with MFA through a configuration and integration with Azure is quite good, providing security to the user's identity. It is a very important feature where everything is tried to shield against modern vulnerabilities.

The license is included with gw licensing, however, in terms of the number of users that can be activated for use.                                                                                       

In our case, we quote additional licensing and it is quite expensive for remote VPN, other manufacturers are not so expensive.

The support provided is slow, in addition to the fact that the service hours are contrary to ours, which generates slower problem solving, I think it is important to improve this area.

This is a not-so-new tool that can be used in our gateways and management products. We have used these VPNs since we started using our environments with this manufacturer.

On a personal level, I had previously used Cisco and Azure VPN, among others, however, the control generated with Check Point is not the same. It is much better.

It is essential to validate how many remote VPNs are required, check costs, and see if they are within the scope of the company.

We validated the scope against other manufacturers and were satisfied with the security features provided by Check Point.

On a technical level, the tool is very good, and safe, in addition to providing a lot of control.

I like the fact that Remote Access allows the administrator to control and manage things. It makes things smoother, and it has been an excellent experience. 

We started with 50 users, but our numbers are increasing. Now it's difficult for us to maintain a steady internet connection and remote access, so we want to upgrade. We are considering a switch to FortiGate. I think they may have better service than Check Point offers. 

Scalability is where we're having problems now. Generally, Check Point has been working fine, but we need something that can accommodate many users and provide a steadier internet connection. Our remote users need to access the VPN without any issues. Of course, this could also have something to do with our internet connection at the organization.

We've been using Check Point to manage sites we need to block. It gives us the option to totally disable things, but it does not let the administrator create exceptions to allow specific users to access certain websites. Check Point could enable the administrator to permit users to access particular sites. I think the VPN we're using may have exceeded its lifespan. For example, if you check Instagram on Check Point, you might not even see it showing up, and it's difficult to restrict access to specific applications. 

We started using Remote Access VPN sometime in the past five years.

The connection has gotten less smooth as the number of users increases. The issue is that the logs fill up quickly. Too many users are connecting remotely. It worked great when we only had a few remote connections. Now, it is disconnecting people and dropping the internet connection.

It fills the logs and cuts off our connection when it gets full. It stops working. It's time-consuming to reset the device and reload the backups. It takes us about two hours because we would need to reconfigure those routes and integrate them with the IP addresses we have set up.

The setup was straightforward. Everything was populated on Check Point, so it was easy to select what we wouldn't allow. We deployed on-premise because we have the space and infrastructure to support it. 

The deployment didn't take long. Two IT people are responsible for the deployment and maintenance. The online documentation will walk you through the process. When you do a manual reset by pressing the button, it guides you through the setup process. You only need to follow the steps. 

After that, we import our backup file, and it populates. Next, we run the updates and check we forgot to configure anything else. Some backups are older and might not align with what we have running on the ground. 

I haven't seen an ROI.

The cost varies. I believe the price ranges roughly from about 3000 to 4,000 ZWD. I don't think it gets any lower than that. The initial cost is high because you need to buy the hardware, and you incur some setup costs, but the expense drops in the long run.

So far, I have not tried any other solutions. I'm doing the research now. I'm still shopping around, trying to understand what's on the market before deciding.

I rate Check Point Remote Access VPN eight out of 10. Aside from our current performance issues, it was smooth and flawless. I'm still shopping around. I was content with Check Point, but I want to see what's out there. I'm interested in knowing more about other available solutions. My primary goal is to avoid going through this process again two years from now. I'm hoping the next product will be a long-term solution, and it will be a while before we consider upgrading to something different.

The solution is primarily used for secure access for remote users. It's deployed as a SaaS over the cloud. 

The solution offers great security features, including zero-day protection, malware protection, anti-phishing, et cetera.

If you are new to deploying the solution, the initial setup might be difficult the first time around. I had trouble setting the policies and then resetting the device. 

I joined my company eight or nine months ago and have been dealing with the solution since then.

I don't have much information on the stability aspect of the product. I haven't spoken to customers about their experience. 

I haven't discussed scalability with customers to get their take on how easy it is. 

We haven't referred to the technical support of Check Point just yet. We did have a replacement engineer assist us in deployment, and they handled it quite well. 

Positive

There was complexity in the initial setup. With one client, once we installed it and then tried to set the policies, the firewall was not responding very well. I was doing it for the first time, so we were unable to do it. The customer was not pleased with that, so we had to send another engineer to deploy that device. That's not to say it's overly hard - it was just my first attempt at an installation.

We had three engineers handling the initial setup. We deployed it over two days. 

I'm hoping that the next time I'm deploying it, it should be done perfectly, without any support from any other engineer.

We do the implementation for our clients. 

I'm not aware of the exact licensing costs associated with the product. 

We are in the business of selling firewalls. We're resellers and Check Point partners. 

I personally have sold just the Check Point solution to only one customer. We are also selling data storage solutions, data backup, and cyber security solutions.

We are dealing with the latest version of the solution.

The solution is available both on-premises and in the cloud. 

I'd rate the solution nine out of ten. I'd recommend it to other users and companies. 

Check Point Remote Access VPN is used to allow our employees to use the corporate resources or remote access to the corporation and lightweight on resources.

The most important feature of Check Point Remote Access VPN is the multiple factor authentication.

Sometimes we have some small problems with Check Point Remote Access VPN. For example, problems with authentication.

I have been using Check Point Remote Access VPN for approximately three years.

We have approximately 1,000 users using this solution. We do not have plans to increase usage at this time.

The initial setup of Check Point Remote Access VPN is simple. The deployment took us approximately two weeks.

Check Point Remote Access VPN is not expensive and the cost is annual.

I rate Check Point Remote Access VPN a nine out of ten.

Since SARS-COV2, most users went to work from their home office, so we needed to have an robust, secure, and stable VPN connection. We implemented Check Point VPN and we have had no problems with it. We are almost 50 users working from home securely. Also, the access rules based on VLANs have helped many users get access depending on which connection they have. For example, some users with VPN connections can only access some specific servers and ports, however, when they are on an internal LAN, they have access to the entire network.

We have more control over the activity that users have on the internal network, thanks to the monitoring offered by Check Point and the security provided by the gateway. 

I'm the IT manager for the company, and my work has been improved due to the fact that, in conjunction with VPN, we implemented the Endpoint Security client so we can manage our client's computers even if they are not physically in the office. When we need to remove some users from a VPN connection we just need to lock the account and use the assets console to disable the feature from the client's computer.

The combination of the user accounts for the VPN with the access rules provided by the security gateway gives you more control and specificity about who has access to what. For external users, we can offer a solution based on the internet needs and we are able to share information on a secure channel. We can specifically point to the desired resources in the organization without the need to install any additional software on external client machines.

It needs to improve the capability of the Secure browser VPN connections. Some in-house applications didn't work due to the use of JScript and the backend and front end technology for the applications. In the case of URL translation of the VPN Web portal, the requests made from the front end to the back end weren't valid (due to the use of dynamic subdomains). In the case of host translations, the request was made to the same host, however, we cannot specify the ports, which, in our case, are used to redirect to different servers.

I've used the solution for over two years.

It's very stable, however, I recommend some scheduled restarts for cleaning connections and processes.

It is very easy to manage the solution and also the integration.

I have had a good experience with the support tickets that I have dealt with.

Positive

Previous to Check Point, we didn't have any gateway security.

The initial setup was a little complex as it was the first time working with Check Point.

The implementation was handled by an in-house team.

We expect that investments is recovered in two years.

The pricing is fair and the support team is good.

We were evaluating Fortinet as well.

Check Point is very reliable and secure.

We have always worked within the office. However, the COVID pandemic changed the course of our work in terms of where we had to implement new solutions so that we could all work from home. That was when I encountered Check Point; we had years with this solution in the facilities, yet, only during the pandemic did we have to innovate for a home environment. Today we have more than 6000 users working from home thanks to Check Point. This is possible due to the fact that, with a certificate and the client for this connection, every person can connect to our environment as if they were at the office.

We still have many areas of opportunity in which we must work, however, this has required us to improve our infrastructure in order to accommodate remote work. Since the beginning of the pandemic, we have had this solution and we have had many challenges since there are more than 6000 people who work from home. For security, we have an expiration time of the .p12 certificates and that requires updating passwords. Today, we are integrating this solution with a 2MFA system to give much more security to corporate.

The IPSec VPN, Mobile Access, and Identity Awareness are three of the blades with which we have been working with since the pandemic. This has given us great mobility, making our network more dynamic for connection to corporate due to the integration we have of Check Point via our AC or LDAP. 

We are creating rules by user and not by IP (which could be done both ways). We stick more to mobility inside and outside the corporate environment. Since then, corporate has been increasing security and keeping our workers happier.

The authentication that we handle is through a .p12 certificate, however, we have integrated it with a 2MFA service through another provider. Something that could improve Check Point is if it had its own 2MFA service through a blade or some sort of application. We'd be able to give a better experience to companies that already have a contract or Check Point services that deal with a work-from-home environment, giving greater scope and coverage from a single centralized dashboard.

I've used the solution for more than two years

The stability is the best.

The scalability is great.

 We have witnessed a fast response from the support team.

We did not use a different solution.

The initial setup was not overly complex.

We handled the installation in-house.

We've witnessed a 40% ROI.

The price is a little high, however, the solution is something that we recommend often.

We did evaluate other options.

Remote Access VPN is one of those essential items for every organization in order to maintain seamless and highly secured connectivity between the end-user and the organization's local area network to access resources - including Jump server Databases, et cetera.

No matter from which device or from which location users are accessing an organization's local resources, with the help of the Check Point VPN client they can make sure they have connected securely.

Check Point offers a best-in-class encryption algorithm to ensure confidentiality and maintain integrity between the end-user and the Gateway. 

In disaster situations like Covid-19, most users were working from home or in remote locations. In such cases, Check Point Remote Access VPN provides feasibility to everyone to work from home and access an organization's resources remotely.

With a client-less configuration known as SSL VPN users can directly access resources via a browser-like database, share folders, et cetera.

To maintain the authorization of the connected user, Check Point provides multi-factor authentication for an RA VPN client to make sure legitimate users have access to resources.

• Secure connectivity: Guaranteed authentication, confidentiality, and data integrity for every connection and user.
• Straightforward Configuration: Easy to enable blades and define policies.
• Authentication: SAML authentication makes sure the user is legitimate.
• Compliance check: It scans the endpoint machine to detect suspicious/malicious content before connecting to an office network.
• MEP: Multi entry points to make sure there's availability to the LAN network even if the primary gateway goes down.
• A single client can work as sandblast agent.

Check Point RA VPN requires companies to take separate licenses initially so that only 5 connected users licenses are given as subscriptions. Most other competitors, like Palo Alto, provide 1000 connected user licenses for free.

Some configurations, like idle timeout (the requirement came from multiple users), are not possible to configure directly from the Check Point management server. We have to make changes in the local directory of the respective devices.

I've used the solution for more than three years.

The solution is highly stable.

Check Point has an Unlimited License Package for the RA VPN and therefore we can scale it easily.

Customer service has a dedicated team that handles RA VPN cases which ultimately leads to an early resolution.

Migration has taken place such as from Cisco to Check Point and Sophos to Check Point. During that phase, the customer needed to change the VPN client as well.

Browser-based functionality is one of the best things that Check Point provides.

The initial setup is straightforward during the initial configuration.

The setup is very straightforward but subscription-based. It isn't cost-effective.

We did look at Cisco Anyconnect and Palo Alto Global Protect.

We've used Check Point VPN to move from an on-premise VPN Cisco product to a VPN built on the cloud. We decided to use Check Point as it was fully integrated with Microsoft Azure and present on the Azure marketplace. We deployed this solution on different subscriptions and used the MEP function to reduce users' latency on the VPN. The implementation has not been very easy, and the implementation of MEP has taken months. There were a lot of hotfixes to install, and the CLI configuration on the files had to be done. The configuration, in fact, can't be implemented using a GUI.

The solution has allowed us to remove the on-premise VPN solution and to remove firewalls from the data center. The solution implemented on the cloud allows us to easily scale in cases of increased users - such as during the pandemic, where all users had been moved to Smart working and to a VPN. In fact, in February of 2020, when we closed all of our offices and gave all users the possibility to work from home, we had licenses and CPU problems on-prem. The Check Point solution offered us an unlimited number of users and that made the solution very scalable.

I found the MEP feature the most valuable. This has improved users' latency allowing the users to connect to the nearest Azure Check Point VM. 

The Multiple Entry Point (MEP) is a feature that provides high availability and load sharing solution for VPN connections. A security gateway on which the VPN module is installed provides a single point of entry to the internal network. It is the security gateway that makes the internal network "available" to remote machines. If a security gateway should become unavailable, the internal network is no longer available as well. An MEP environment has two or more security gateways to both protect and enable access to the same VPN domain, providing peer security gateways with uninterrupted access.

The main problem with Check Point is that some configuration can be done with the smart console in GUI, however, some others need to connect to the firewall via the CLI on SSH and therefore you will need to modify the local file on the firewall with VI. 

ASA is so easy to reserve some static IPs based on users, however, in Check Point, it is really difficult to do so. In addition, you can't reserve as static some IP that you are assigned dynamically to a local pool. 

You have no ability to reserve a total number of licenses. The VPN user licenses are assigned per gateway, and if you enable the MEP function is not so easy to size the gateway licenses. 

The configurations that you do to modify local files are not reflected in the GUI via the smart console. 

We have been using this solution since 2020.

The solution isn't really stable. Maybe the last versions of R80.40 and R81 were more stable, however, the upgrade (if you have another old version) is really difficult and you have to rebuild the solution (if you are on Azure cloud).

The solution is really scalable. You have to know that if you want to scale the solution you will have to configure and rebuild an SMS server with high CPU/memory resources, however.

Unluckily the experience with support, especially in India, is really poor. It's best if you open a case using the Israeli team as that one is better.

Yes, we were using CIsco ASA on-premises. We switched because we were moving our data center infrastructure onto the cloud.

At first, the implementation was not easy to set up. We found many bugs and we had to install different hotfixes and upgrade the version more than one time.

We implemented the solution via a hybrid approach. Check Point professional service is really good, however, our third-party implementation team was not very good.

At the moment, we have not reached the ROI point.

I'd advise users to pay attention to the sizing of the solution. There is not an intermediate number of licenses. It's very easy to go to unlimited users licenses.

We have gone with the Check Point solution due to its cheap price. Other options we considered were Palo Alto with Global Protect, Zscaler with ZPA, and Cisco Firepower implemented on Cloud.

I suggest that if you want to implement this Check Point solution you should have good knowledge of the system as well as a system integrator or direct contacts in Check Point. In case of any issue, the support is poor and it's not easy to solve issues using technical support.