Check Point Remote Access VPN Reviews

We primarily use the solution for work from home. Our main goal is to provide users with the ability to access their workstation from anywhere in the world.

We provided remote access to more than 500 users during the pandemic. Check Point Remote Access VPN has worked smoothly as our appliance is capable of supporting 1000+ users.

We deployed a VPN client-based solution with multi-factor authentication. The compliance check feature is useful.

It is compatible with several operating systems, and it has great protection against malware.

It offers a simple configuration and setup.

We developed work-from-home policies for our organization during the pandemic due to the rise in COVID cases. As network security engineers, it's challenging for us to manage users' personal laptops and computers which are not up to date (OS, Antivirus ..etc). However, when it comes to the Check Point VPN solution, we overcame all the challenges and successfully implemented our infrastructure. Logs are helping us to monitor each user's activity. We can also isolate user laptops or PCs from the internet when its gets connected to our network.

The remote access blade is built in on the firewall, so it is easy to activate through the Smart Console.

Only the VPN client supports only the Windows and Apple Mac operating systems, which also support iOS and Android mobile platforms. The Check Point development team deserves praise for a flawless experience.

Multi-factor authentication and compliance checks help us to ensure maximum security.

VPN logs give us complete visibility and track unusual activities.

The VPN client user interface is simple and perfect.

The VPN client software is lightweight.

It's difficult to configure on Linux workstations as Check Point Remote VPN clients support only Windows and Mac devices.

The configuration of a VPN requires a distinct VPN Tab. Once the VPN blade has been activated, after activating VPN blade, we need to make some configurations in the gateway option settings and others in the VPN communities section. It would be preferable if these two things came together in one place.

Apart from this, it operates flawlessly. To improve our IT Services, we poll our users. The majority of people say how excellent the remote access VPN service is. Additionally, they stated that once connected to a VPN service, they never experience connectivity problems.

I've used the solution for more than two years.

The product offers excellent customer service and support.

We used a different solution that did not satisfy us in terms of security. As a result, we decided to deploy Check Point for enhanced security.

Before migrating to the Check Point firewall, we conducted market research and solicited feedback from my contacts who are already Check Point NGFW customers. We decided to use Check Point.

The VPN Setup and initial configuration are tricky and not straightforward. For example, you need to:

1. Do some configuration in the gateway option, then:

2. VPN Communities

It would be preferable if step 1 and step 2 were available in one place.

3- Lastly, you must apply the firewall policy

We implemented this solution ourselves.

We now have a reliable VPN solution to offer our staff, which is a significant return on investment.

This product provides a secure connection to the corporate network from anywhere and safe traffic of data regardless of the possible threats in the WAN it's connected to. It also provides secure access to company apps and controls the traffic depending on each company's policies. Through it, we create layers that control or limit data traffic for specific users. I've been trained in the product and know it's one of the most effective in the business and admit to facilitating my customers to get it from our Check Point partners.

A clear example of the positive impact this license has had in my organization was back in 2020. The software was in use since before the pandemic hit so our personnel was familiarized with the product; the transition was smooth and secure from the office to work from home. Access policies were run through the active directory applied on all kinds of end points, from cell phones, tablets, laptops, desktops - you name it. Access could be restricted by location and using network security assessments that prevented connecting to corrupted networks. 

We already use the Check Point Firewall and those are the ones the organization's employees connect to for the remote VPN and it made it really easy to activate this function as new hardware was not needed. 

The team has full visibility of the users that connect allowing them to keep control of who is in the network and what data they are allowing to come in and out. Be it if our users are at home or in the office the same policy applies to them allowing us to view the traffic within our organization.

In my organization, there aren't Linux users, however, I know it has difficulties offering secure access for customers who use this operating system. 

Also, this product has limitations with headcount addition, as there are performance limitations in each security gateway the software has. 

The ability to allow split-tunneling while still following our corporate policy should be offered. 

Some things like the compliance aspect of the VPN Client can be updated so the product stays up to speed with the ever-changing environment in software security.

For the past eight years, I've been working at a company where I was first in software security sales for three years and then five years in hardware sales. Since I have a background in security, I've been part of training and sales where Check Point products are involved. I have tested most products Check Point offers due to our partnership.

Remote Access VPN (Remote Access VPN) allows users in our organization to connect to a private network to access services and resources remotely. This connection is secure and is made through the Internet. It came to support us so that users, whenever they were outside the organization and were supporting customers from any region, could have secure access to the corporation's data. 

Another important point is when our executives travel to regions where certain access to services is blocked. The VPN helps us bypass that block. Since a VPN can hide your real IP address, it can help you bypass geo-blocks, as the platform the one you want to access will think it is from the “correct” geographic region.

The solution is giving us security when it comes to sharing our data safely through the private and secure tunnel that is created when creating the VPN. The VPN hides your IP address and encrypts your online traffic and it essentially ensures that your fingerprints cannot be traced on the Internet. Online hackers won't be able to use your real IP address to discover your personal data, and government surveillance agencies and ISPs won't be able to monitor what you do online by snooping on your traffic.

In addition to helping you avoid government surveillance, it also helps keep your privacy safe from advertisers.

In terms of the way they ensure traffic, an example is when we use Wi-Fi in public areas.

WiFi is everywhere nowadays and it is extremely convenient to use, especially if you have a tight mobile data plan. The only problem with free WiFi is that it's often unsecured, which means you're putting your personal data at risk every time you use it. After all, cybercriminals can find out a lot about you, which can lead to them stealing your:

• Credit card details
• Bank account details
• Email login credentials

However, if you use a VPN, you won't have to worry about those dangers. A VPN uses encryption to protect your online communications, making sure no one can monitor it. Basically, if a hacker tried to see your connection traffic, they would just see nonsense.

That the level of Remote access VPN was higher by default as other brands do it that way. In the case of Check Point, they are not like that. The maximum it is giving us is only 5 licenses and if you need more, they must be purchased separately. From my perspective, it should be added to the same cost as the general license, and that well explained makes the product more attractive. Many organizations would have this need, as many are moving off-premise. We have great executives and entire corporate teams that perform work tasks from home.

I've used the solution for about 2 years.

Check Point Remote Access VPN allows organization users to work remotely. Especially in the pandemic period, work-from-home demand has been higher than ever. 

I have a remarkable case about the solution. That is for a bank. They want to have remote access VPNs that can provide connections for internal users who work remotely, partners who have restricted connections to the bank environment and ATM machines that connect to core banking applications. All VPNs acted in the same internet connections but still ensure these three VPNs were separated from each other. For the requirements, deploying the VPN in VSX appliances helped to solve issues. I created three virtual instances: one for corporate users, one for partners and one for ATM machines. 

Applying security policies for three instances is different. Corporate users must pass two-factor authentication layers and then have access to common corporate services (like email, and chat) and the right business applications depending on their working role, and their department. Partners after authenticating successfully only have limited access to the right place that they are allowed while being unable to connect to other places. 

ATM machines that act 24/7 need to have continuous connections, thus, they must authenticate using a certificate and their VPN clients must be configured to re-authenticate automatically after a timeout.

Check Point Remote Access VPN supports almost all common devices, from Windows to macOS, and from Android to iOS. Connection methods are flexible, including browsers and VPN clients. 

With such an approach, the solution can solve every remote working problem from anywhere, on any device while maintaining security features. The solution allows us to integrate with external systems like directory servers, email servers, and RADIUS servers for using directory users (a unified user instead must remember many usernames and passwords), adding multi-factor authentication via an OTP certificate. VPN users will have controlled access based on who they are and where they are by security policies. 

The solution offers flexible authentication methods to control access by policies and compliance. 

Check Point can integrate with external systems and third-party solutions to provide multi-layer authentications. This helps secure the user accounts from leakage of passwords and also protects corporate from unauthorized access damage risks. 

Security policies help to convert access regulations to policy rule configurations after authenticating. Setting policies allow, block, and limit users' access. 

With the compliance feature, Check Point can define what conditions user machines should have to authenticate the VPN. This feature helps to add more security to the network.

Endpoint Security on Demand, or Compliance Check is a good feature. It allows the creation of compliance policies and adds more security to the network. Machines will be scanned once they connect to VPN to make sure all of them are compliant. Conditions to configure compliance checks are Windows security (hotfixes, patches), Anti-Spyware, Anti-Virus software, personal firewall, or Custom (application, files, registry). These are not enough in a complicated environment. Almost of them are supported for Windows machines, however, are just limited conditions for non-Windows. In fact, using mobile devices on Android, iOS, macOS, and Linux is very popular. Compliance Check on Check Point should be improved by having more configurable conditions to support multi-platforms and adding more granularity. 

Besides compliance scanning sometimes causes consumes machine resources. 

I also suggest scanning operations will consume fewer resources and increase speed time.

I've been using the solution for more than five years.

As mentioned in my use case, the solution is running for thousands of corporate users, partner users, and ATM machines. The performance is very impressive. 

With Check Point VSX, the virtual instance extension is just an additional license, thus, it's very easy to add VS for other purposes. Besides Check Point also developed Maestro technology to allow hyperscale, increase throughput, and maximize capacity.

The Check Point Support Team is very professional and has technical expertise. The team is online 24/7 to make sure their customers always be supported. Response time to the customer is quick enough when they provide a solution to fix the issues or when they need some time to investigate or when they need some time to investigate they stay up to date.

Positive

I had used Fortinet Remote Access VPN before. At that time, other security features like Firewall, IPS, Application Control, and URL Filtering had been added to the same box running Remote Access VPN. The Fortinet appliance was overloaded all the time - although specifications in the datasheet could be OK. After changing to Check Point (using Remote Access VPN with other security features), the performance was amazing. CPU and memory usages were always at an average level.

Since the beginning of the COVID-19 pandemic, this solution has helped us a lot. We had to move around 6000 people so that they could work from home. It was a challenge for us, however, it was something we managed to do successfully in collaboration with other areas by providing them with a certificate created by Check Point with a .p12 extension and with the peer configuration in their VPN client. 

Now, we are integrating this solution with a 2MFA solution in order to provide better security for authentication of people as day by day the threats and new viruses are always a risk. Sometimes, people do not have that instinct of having to secure their workstations, therefore, we do it for them through the VPN connection.

Connection through VPN has helped us with the connection to corporate. This type of connection has been very useful to us since, as infrastructure personnel, we can establish a connection to our corporate to make a connection either RDP or directly to services in order to be able to carry out any work activity or review any report by the operational part in order to speed up response times. We can connect to our network equipment by SSH, RDP, or via the web, however, only when we have this type of secure connection.

One of the features that has helped us the most with our solutions has been the P2P connection through an IPsec VPN. It has allowed us to extend our infrastructure and grow with new clients. Previously, we had around 15 corporate clients. Through the COVID-19 pandemic, we have managed to grow and now have around 35 new corporate clients and more than 6 people connected by VPN. This has forced us to increase our infrastructure to be able to support all these connections and to have a stable, reliable, and, above all, scalable solution that can interconnect more clients.

We have not migrated to the R81 version and I do not doubt that it will have some improvements compared to the version we use today. 

Without a doubt and with the new trends in technology, Check Point should already have a blade with a 2MFA solution and not through some other vendor. This type of integration would undoubtedly give it a better reach and greater market with new security trends top of mind. 

I know that everything is moving to a cloud environment, however, for all those corporates that still do not trust such an environment, it would be favorable to offer a 2MFA service in a solution tested through a blade or in the cloud. 

I've used the solution for more than five years.

The remote workers were experiencing issues like disconections, no IP avaliables from the DHCP, or unable to connect because the server didnt responde to a ping, however this issue was fix after we instlalled the JHF 125 on each gateway and after the upgrade, everythig has been working OK, but before that Check Point didn´t have a fix for that manner.

Scalability is great. We have been able to grow as a corporation due in part to this type of solution.

They have been with us when we needed help. We don't have any complaints about their level of service.

Positive

We did use a different solution and we switched due to the fact that Check Point is more secure and has more features for the type of connections we need.

It was a straightforward setup.

The product was integrated with in-house personnel.

We've seen about a 40% ROI.

Check Point is an expensive solution, however, it has more features and is more secure than other options.

Ae evaluated AnyConnect and Palo Alto.

We would like them to add a 2MFA feature in the future. This is our direct request.

With this solution, we can:

1) Securely and privately access our data from anywhere with the Check Point VPN. 

2) Connect securely from any device and any asset.

3) Have 2FA enabled while connecting to the VPN in an official mail. If any person has your VPN credential, he can initiate contact for security codes to connect to the VPN.

4) Integrate our data.

5) View VPN events from the console.

6) Easily install and connect the VPN. 

7) Provide colleagues with secure and seamless remote access to the corporate network.

8) Get a full picture with complete network visibility.

The product has improved the organization by:

1) Deploying high performance. Check Point's private VPN gateways can secure our colleagues/teams working remotely with dedicated IPs and provides private resource access. It empowers our personnel to connect with relevant access permissions to access corporate resources.

2) Ensure a user of our organization aligns with traffic privacy with one of many tunneling protocols so that all transmitted data is completely encrypted. The level of security provided by Check Point ensures that only authorized connections are established, so if users are connected, they are protected.

The solution's most valuable aspects include:

1) Ease of install and ease of use.

2) 2FA Security.

3) Seamless access.

4) Integration with our data.

5) The ability to view VPN events from the console.

6) The ability to manage all our devices from one platform and easily secure and segment their access to resources. 

7) Providing authorized least privileged access for all devices.

8) The ability for our entire global organization to work more securely and to allow us to deploy private and dedicated networks in more than one location.

9) The level of security provided by Check Point. It ensures that only authorized connections are established, so if users are connected, then they are protected.

This is the best version we are using, however, if some changes can be made in the next release, I'd like to see adjustments to the time period and internet connectivity. 

For example, when my internet is not working properly, then the VPN disconnects all of sudden and if I want to connect again, I need to do so with credentials and 2FA. In the next release, if the product could program in a hold time then disconnect the VPN due to the internet's fluctuation, that would be ideal as it would improve the way we can monitor our network visibility.

I've been using Check Point Remote access VPN from a Client perspective for eight months.

It is perfectly stable as far as the VPN is concerned because when I used the older version(R.77) of checkpoint Remote VPN then that time there was points of stablility concern but after the upgradation checkpoint VPN(R.80) perfectly worked on stability part and now it is stable for windows and MAC OS.

The solution offers high scalability as far as adding more users. I don't see that as being an issue.

We have 330-350 users in our company who are using the Check Point VPN.

Technical support is good and helpful when needed. Whenever I was stuck, I was able to get a solution. This was provided by the Check Point TAC support and services team and they were helpful.

Positive

I used Forticlient VPN also. However, the Forticlient VPN had no visibility on traffic and we required better security for our organization.

The product is easy to download, set up, and configure. The official site documentation is pretty good and helps you to understand the process in order to get the VPN connected.

I implemented it myself both in-house as well as for our client.

In terms of the cost:

1) It's easy to set up and download from the official Check Point site.

2) It's easy to connect the VPN by putting in the gateway address, credentials, and the 2FA. 

3) I don't know about exact pricing as it's not a part of my job. I'm a technical person. Our sales team knows all the pricing and licensing details.

I did not really look at other options. My first experience was with Forticlient, however, I wanted more security so I chose the Check Point VPN solution and I'm happy with using it. 

We use Check Point Remote Access VPN to provide access to our corporate network and resources to remote users in a secure way. Users have access that is limited or defined by the server.

Access is granted for identified devices post-posture validation. 

Access should be provided via VPN using multifactor authentication other than username/credentials. Users are able to connect from anywhere at anytime using both mechanisms (i.e. User VPN client or browser). 

This solution mitigates or minimizes data leakage issues.

It is stable and scalable and requires minimal management and access provisioning.

This solution has improved our organization by providing access to corporate resources in a secure fashion. It uses complete end-to-end encryption from the end-user machine to the VPN device.

Access policies are created on the firewall for restricting access to resources and applications based on the user profile/policy.

Our security gateway is integrated with Active Directory and access to resources/applications is provided based on the security group created in Active directory.

This product has inbuild/native integration with MFA solutions.  

It does not require any additional hardware in cases where the organization already has the Check Point NGFW. The mobile access blade and remote access VPN can be enabled on the same security gateway. Check Point provides a common dashboard and management console used in conjunction with the NGFW.

Multiple access can be provided using multiple realms, based on the user ID or security group, and access can be provided accordingly. Each realm will have a pool of IP addresses for which access will be provisioned on the firewall.

Organizations that already use the Check Point NGFW Solution do not require any additional hardware, which makes the implementation straightforward and reduces the time to go live. The only requirement is to purchase an additional license from Check Point, and then enable the mobile access blade. After this, the solution is ready to roll out and provide access based on the configured policy. 

Access is restricted based on user ID, security group, and device type. 

Access is provisioned post-posture policy validation and it offers protection against users connecting to the corporate network from non-corporate devices, which minimizes data leakage possibilities. 

Access is available from browsers or VPN clients using MFA. This is helpful in cases where the machine does not have the client installed or the client is corrupted.

We are able to restrict access based on geo-location and device type. Devices can be Android, iOS, Windows, or Linux.

It provides threat prevention capabilities while uses connect via VPN for Windows devices.

Access is provisioned based on a single L3 tunnel being established between the endpoint and the VPN device. If an attacker gains access to this session then all of the tunnel traffic is compromised. It needs to move to next-generation style access, provisioning such as per-app VPN.

The GUI interface for configuring the SSL VPN is not user-friendly and requires expertise. 

Devices are exposed over the internet and it can lead to a security threat.

When a critical patch needs to be applied to the VPN, downtime is required for the entire NGFW. This can impact the business when it has a single security gateway.

This product cannot manage sudden user growth, as each security gateway has limitations in terms of performance and throughput.

The fully-featured security module is only supported on Windows and Mac systems, which means that organizations with Linux will face issues providing secure access. Specifically, modules such as Threat prevention, Access control, and Incident analysis are supported only on Windows and Mac.

It's very stable in terms of downtime, although it required updates.

The solution can be easily scaled by adding a security gateway.

The Check Point technical support is excellent.

We used Aventail SonicWALL as a standalone product. We switched because it was expensive in terms of management and maintenance. As we already had Check Point NGFW, it was easy to enable the VPN on the same device.

Enabling the VPN was simple and straightforward with the purchase of an additional license from the OEM. Once we acquired the license, it involved enabling the module on the security gateway. The solution was ready to go live within 10-15 minutes.

The implementation was completed by our in-house team with the assistance of the OEM.

Organizations that already have the Check Point NGFW need to purchase an additional license to have access to the VPN functionality.

We evaluated Pulse and Citrix before choosing this option. 

Traditional VPNs that work on L3 or L4, with a single VPN tunnel, are typically hosted on-premises. As organizations are adopting cloud computing, it makes sense to have a VPN solution hosted on the cloud for better control and security.

We use the solution for our customers. Whenever the users work from home, they connect to the solution and are redirected to their network. It is very simple. They install the client, and the client makes a tunnel to the product. Once they are connected, they can enter into the network.

The policies are easy to use. Once we are connected, the entire infrastructure is safe, irrespective of the device we are using. There is no need to worry about safety. It's a secure tunnel that helps us access the network. It is a very useful feature. We can access the internal resources once we are connected to a VPN. We need not be in the office. The solution performs well.

The product’s architecture is a bit distributed. It should consolidate the architecture to make everything available on a single dashboard.

I have been using the solution for two and a half years.

The tool is stable.

The tool is scalable. We may need to opt for higher boxes. We work with enterprise customers.

The technical support is hardly good. The support team must improve its response time. It should also improve follow-ups through email.

Neutral

I have worked with Sophos and Array Networks. Check Point’s stability is better compared to other tools. I have frequently faced disconnection and other issues with other products.

The initial setup is not easy. We need to be skilled in Check Point to install the solution. The time taken for deployment depends upon the number of boxes we install. If we install one or two boxes, one or two weeks is sufficient.

Our customer needed to install more than 100 boxes in every region. It takes months to deploy the product at that scale. We need a team of 20 people to implement the tool for an enterprise. Once the installation is done, maintenance is easy. The product runs smoothly.

I recommend the solution to every vendor with Check Point as a firewall because it has great stability and security. We can terminate our VPN services to the same box if we're already using Check Point VPN. Overall, I rate the product a nine out of ten.