No more typing reviews! Try our Samantha, our new voice AI agent.
reviewer1777347 - PeerSpot reviewer
System Analyst at IIT Gandhinagar
User
Feb 9, 2022
Easy off-site access, offers increased productivity, and works seamlessly on Windows/Mac
Pros and Cons
  • "Once we install and connect the VPN service, it keeps on running until we disconnect."
  • "Using Check Point Remote Access VPN has increased the overall productivity for users staying outside the campus and working remotely during this Covid-19 period."
  • "The Linux version may have an app (similar to Windows) instead of a shell script."
  • "Sometimes, we have noticed that owing to installation of various antivirus and running of inbuilt firewalls, the connection for VPN sporadically drops and tries to reconnect."

What is our primary use case?

The primary use case of this solution is to connect to our internal network for accessing servers and clusters using Check Point VPN. End-users are, for example, students accessing computer labs and licensed software that can check academic licenses only within the campus network; further, our ERP folks could make good use of the VPN solution by remotely working on the Institute Management System infrastructure and can work efficiently without any hindrance. We also use its capsule app on smartphones to connect further.

How has it helped my organization?

Using Check Point Remote Access VPN has increased the overall productivity for users staying outside the campus and working remotely during this Covid-19 period. Faculty, students, staff, and research fellows as well as a lot of other eligible users have been benefited by securing the VPN license in order to run login remotely and access the project workstations, clusters, run simulations and submit their research work for the final thesis defense. It also allows for publishing in high-impact factor journals.

What is most valuable?

Once we install and connect the VPN service, it keeps on running until we disconnect. Moreover, the best outcome is when the end-users are able to check out software licenses through the tunnel and keep on working remotely from their home without any interruption. 

The VPN service works seamlessly in Windows and Mac. Only in the case of Linux or Ubuntu have we had to struggle a bit by understanding the SNX Batch file to get installed and run it. Moreover, in Windows and Apple systems the app is running on the system tray whereas in Linux we have to keep the Terminal Window Open.

What needs improvement?

The Linux version may have an app (similar to Windows) instead of a shell script. We have seen that in Windows and Apple systems the app is running on the system tray whereas in Linux we have to keep the Linux Terminal Window open otherwise the connection drops. Sometimes, we have noticed that the owing to installation of various antivirus and running of inbuilt firewalls (applicable to all operating systems); the connection for VPN sporadically drops and tries to reconnect. When this happens, we have to manually either disable the firewall/antivirus or reconnect the VPN again.

Buyer's Guide
Check Point Remote Access VPN
July 2026
Learn what your peers think about Check Point Remote Access VPN. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,680 professionals have used our research since 2012.

For how long have I used the solution?

We've used the solution since 2015 or 2016.

Which solution did I use previously and why did I switch?

We were using Cyberoam.

What's my experience with pricing, setup cost, and licensing?

Users must pursue Proof of Concept as the functional requirements can vary.

Which other solutions did I evaluate?

We also looked into Palo Alto and Fortinet.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Cyber Security Manager at H2O Power Limited Partnership
Real User
Nov 23, 2021
Scalable with a unified platform and good integration
Pros and Cons
  • "The solution has been solid for me for over five years."
  • "The unified platform view is great."
  • "The ability to allow split-tunneling while still following our corporate policy needs to be on the table."

What is our primary use case?

In our environment, we have many users working remotely. It's important to control the flow of traffic coming and going to these remote employees, and isolate traffic when used for business purposes. We have to allow our remote users to access services from home as though they were in the office. However, at the same time, we need to control that traffic and make sure it conforms to our policy. Our environment is complex and requires advanced policies to look at traffic in very unique ways from different users. Check Point's policy management has allowed us to do that.

How has it helped my organization?

At the beginning of the pandemic, everyone rushed to get their employees working from home. Luckily for us, we already had a strong structure around how remote access would work and had it set up for many employees. 

With the groundwork in place, the transition to remote work was made easy by simply adjusting the policy (configuration). In part, this is because we were already prepared for a remote workforce, and that preparation came from within our organization, however, if it weren't for Check Point enabling us to adjust rapidly, then it would not have been an easy transition.

What is most valuable?

The unified platform view is great. Being able to manage NGFW alongside our Remote Access Policies allows us to control traffic in one way. Be it if our users are at home or in the office the same policy applies to them allowing us to have one corporate view on the traffic within our organization.

Being able to integrate the policy with things like Active Directory groups, Azure cloud objects, RADIUS integration, and load balancing capabilities is wonderful. All of these things are built into their NGFW policy which we leverage to implement on our Remote Access policy.

What needs improvement?

The ability to allow split-tunneling while still following our corporate policy needs to be on the table. Right now, in order to allow the same policy to apply, the users' traffic must be routed up to our NGFW before going out to the internet. Having a method to apply the same policy to the client for outbound traffic while connected to the VPN would be huge.

Some things like the compliance aspect of the VPN Client can be updated to bring it a little more modern. It's very useful for checking things like Windows Updates levels before connecting, however, it could use a facelift since it's still quite old-looking.

For how long have I used the solution?

I've been managing Check Point's Remote Access VPN for five years at my current employment, and had used it before at a previous employer.

What do I think about the stability of the solution?

The solution has been solid for me for over five years.

What do I think about the scalability of the solution?

I get the impression this could scale up to whatever you need. Scaling issues might only be moving to clustered resources and setting up load balancing on gateways. Once you get big enough you should be able to scale up to your needs.

How are customer service and support?

Support has been great 98% of the time. There's always one bad experience, yet, overall I wouldn't rate them based on that. If they need to get their experts online to help solve a problem, they have plenty and are willing to work through really deep subjects. I never worry with their support.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

At our organization, we did not use another solution before this. That said, I have used other products in the past. It's been many years, so I'm sure those other vendors have had time to update their products too, however, since I've been managing Remote Access with Check Point, I've always been really impressed.

How was the initial setup?

Setting up the VPN Clients is simple once you've already got the gateway in place. If you have to setup the Gateway, it will take a bit of knowledge and expertise.

What about the implementation team?

Our in-house team set it up. That said, I have been working with network devices for a long time.

What was our ROI?

ROI on the VPN User license itself returns within a couple of months of you using it. However, if you have to make the investment into buying gateways for the product, then the ROI could be one year (if your whole organization is working from home), or up to three years if you barely use it.

What's my experience with pricing, setup cost, and licensing?

You need to be an NGFW customer already. Otherwise, you'll need to purchase the gateways in order to terminate the VPN. That much should be obvious to anyone. Once you have the gateway in place, there is a VPN User license you need to purchase, however, it is very minimal in cost compared to other infrastructure.

Which other solutions did I evaluate?

We inherited the Check Point when we took over. Then, when the topic of remote access came up, it made sense to use what we had and just buy additional licensing rather than buy a whole new product.

What other advice do I have?

Check Point products are typically not cheap, however, I've found it's often due to the fact that you can do a lot with it. 

I recommend Check Point products to anyone who is going to have the time and expertise to administer them. You're going to be able to do what you want to do, engineer a design that works for you. If you want to just plug it in and forget about it, then this might not be the product for you. That said, for those who do just want to plug something in and forget about it, I warn you to be cautious. When it comes to Remote Access, you don't want to ignore this. You want to be looking at it and you want to monitor it, otherwise attackers will take advantage of that weakness. This is where Check Point allows you to monitor the edge, while granularly controlling it.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Check Point Remote Access VPN
July 2026
Learn what your peers think about Check Point Remote Access VPN. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
904,680 professionals have used our research since 2012.
Voice and data infrastructure specialist at a tech services company with 1,001-5,000 employees
User
Oct 10, 2021
Creates a dynamic network with great mobility and excellent stability
Pros and Cons
  • "The IPSec VPN, Mobile Access, and Identity Awareness are three of the blades with which we have been working with since the pandemic. This has given us great mobility, making our network more dynamic."
  • "Today we have more than 6000 users working from home thanks to Check Point."
  • "The authentication that we handle is through a .p12 certificate, however, we have integrated it with a 2MFA service through another provider. Something that could improve Check Point is if it had its own 2MFA service through a blade or some sort of application."

What is our primary use case?

We have always worked within the office. However, the COVID pandemic changed the course of our work in terms of where we had to implement new solutions so that we could all work from home. That was when I encountered Check Point; we had years with this solution in the facilities, yet, only during the pandemic did we have to innovate for a home environment. Today we have more than 6000 users working from home thanks to Check Point. This is possible due to the fact that, with a certificate and the client for this connection, every person can connect to our environment as if they were at the office.

How has it helped my organization?

We still have many areas of opportunity in which we must work, however, this has required us to improve our infrastructure in order to accommodate remote work. Since the beginning of the pandemic, we have had this solution and we have had many challenges since there are more than 6000 people who work from home. For security, we have an expiration time of the .p12 certificates and that requires updating passwords. Today, we are integrating this solution with a 2MFA system to give much more security to corporate.

What is most valuable?

The IPSec VPN, Mobile Access, and Identity Awareness are three of the blades with which we have been working with since the pandemic. This has given us great mobility, making our network more dynamic for connection to corporate due to the integration we have of Check Point via our AC or LDAP. 

We are creating rules by user and not by IP (which could be done both ways). We stick more to mobility inside and outside the corporate environment. Since then, corporate has been increasing security and keeping our workers happier.

What needs improvement?

The authentication that we handle is through a .p12 certificate, however, we have integrated it with a 2MFA service through another provider. Something that could improve Check Point is if it had its own 2MFA service through a blade or some sort of application. We'd be able to give a better experience to companies that already have a contract or Check Point services that deal with a work-from-home environment, giving greater scope and coverage from a single centralized dashboard.

For how long have I used the solution?

I've used the solution for more than two years

What do I think about the stability of the solution?

The stability is the best.

What do I think about the scalability of the solution?

The scalability is great.

How are customer service and support?

 We have witnessed a fast response from the support team.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a different solution.

How was the initial setup?

The initial setup was not overly complex.

What about the implementation team?

We handled the installation in-house.

What was our ROI?

We've witnessed a 40% ROI.

What's my experience with pricing, setup cost, and licensing?

The price is a little high, however, the solution is something that we recommend often.

Which other solutions did I evaluate?

We did evaluate other options.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1670154 - PeerSpot reviewer
Firewall Engineer at a logistics company with 1,001-5,000 employees
User
Oct 4, 2021
Great MEP functionality, perfect for remote users, and has an easy basic setup
Pros and Cons
  • "For a basic setup, implementation is quite easy."
  • "Once set up, it simply works without issues."
  • "The non-standard setup is quite complex as you have to do changes via GUI and CLI."

What is our primary use case?

We are hosting environments for our customers and ourselves. With Check Point Client, VPN users that aren't in their internal networks can connect via a secure connection into the internal network.

Remote users use different clients (Windows, Linux, and Mac OS) so depending on the customer, there is either a client connection or a clientless approach (using a web portal).

Users can also be identified if they use the Client VPN solution. If you want to identify them inside the network you have to use an IA agent.

Once set up, it simply works without issues.

How has it helped my organization?

The main advantage is that if you already have a Check Point Gateway in place you don't have to buy additional hardware. You only need to check if there are enough resources on the gateway for the additional load and decide how many concurrent users you need.

The installation was fairly straightforward thanks to the Admin Guide and the User Center.

Adding a Radius or similar to use for the user authentication can also easily be done so you don't have to create local users. Depending on the size of the user base I would also recommend MFA.

What is most valuable?

A normal Check Point Gateway has, with the base license, 5 concurrent users included. This means that in emergency situations you don't have to buy additional licenses.

During Covid, the license was increased and therefore it was easily possible to have several users working from home.

It's possible to either have a client installed on the user's machine, or have a clientless approach using the web portal. 

There is MEP functionality, so, based on the user's location, it minimizes the latency by connecting to the nearest entry point. 

What needs improvement?

The non-standard setup is quite complex as you have to do changes via GUI and CLI. Luckily, Check Point knowledgebase articles help you, however, there are so many resources you have to go through.

The Client VPN licenses are for concurrent users and there is currently no way to prioritize certain users over others.

There is no possibility to increase the number of concurrent users for a short time (except if you have unlimited concurrent users licensed). This could help during emergency situations where there are more client VPN users than anticipated.

For how long have I used the solution?

I've used the product for over 7 years.

How was the initial setup?

For a basic setup, implementation is quite easy.

Disclosure: My company has a business relationship with this vendor other than being a customer. We're a check point partner and also host and administrate our customers environments.
PeerSpot user
PeerSpot user
Associate Consult at Atos
Vendor
Sep 21, 2021
Highly stable, very stable, and offers good technical support
Pros and Cons
  • "To maintain the authorization of the connected user, Check Point provides multi-factor authentication for an RA VPN client to make sure legitimate users have access to resources."
  • "Remote Access VPN is one of those essential items for every organization in order to maintain seamless and highly secured connectivity between the end-user and the organization's local area network to access resources - including Jump server Databases, et cetera."
  • "Some configurations, like idle timeout (the requirement came from multiple users), are not possible to configure directly from the Check Point management server."
  • "Check Point RA VPN requires companies to take separate licenses initially so that only 5 connected users licenses are given as subscriptions."

What is our primary use case?

Remote Access VPN is one of those essential items for every organization in order to maintain seamless and highly secured connectivity between the end-user and the organization's local area network to access resources - including Jump server Databases, et cetera.

No matter from which device or from which location users are accessing an organization's local resources, with the help of the Check Point VPN client they can make sure they have connected securely.

Check Point offers a best-in-class encryption algorithm to ensure confidentiality and maintain integrity between the end-user and the Gateway. 

How has it helped my organization?

In disaster situations like Covid-19, most users were working from home or in remote locations. In such cases, Check Point Remote Access VPN provides feasibility to everyone to work from home and access an organization's resources remotely.

With a client-less configuration known as SSL VPN users can directly access resources via a browser-like database, share folders, et cetera.

To maintain the authorization of the connected user, Check Point provides multi-factor authentication for an RA VPN client to make sure legitimate users have access to resources.

What is most valuable?

  • Secure connectivity: Guaranteed authentication, confidentiality, and data integrity for every connection and user.
  • Straightforward Configuration: Easy to enable blades and define policies.
  • Authentication: SAML authentication makes sure the user is legitimate.
  • Compliance check: It scans the endpoint machine to detect suspicious/malicious content before connecting to an office network.
  • MEP: Multi entry points to make sure there's availability to the LAN network even if the primary gateway goes down.
  • A single client can work as sandblast agent.

What needs improvement?

Check Point RA VPN requires companies to take separate licenses initially so that only 5 connected users licenses are given as subscriptions. Most other competitors, like Palo Alto, provide 1000 connected user licenses for free.

Some configurations, like idle timeout (the requirement came from multiple users), are not possible to configure directly from the Check Point management server. We have to make changes in the local directory of the respective devices.

For how long have I used the solution?

I've used the solution for more than three years.

What do I think about the stability of the solution?

The solution is highly stable.

What do I think about the scalability of the solution?

Check Point has an Unlimited License Package for the RA VPN and therefore we can scale it easily.

How are customer service and technical support?

Customer service has a dedicated team that handles RA VPN cases which ultimately leads to an early resolution.

Which solution did I use previously and why did I switch?

Migration has taken place such as from Cisco to Check Point and Sophos to Check Point. During that phase, the customer needed to change the VPN client as well.

Browser-based functionality is one of the best things that Check Point provides.

How was the initial setup?

The initial setup is straightforward during the initial configuration.

What's my experience with pricing, setup cost, and licensing?

The setup is very straightforward but subscription-based. It isn't cost-effective.

Which other solutions did I evaluate?

We did look at Cisco Anyconnect and Palo Alto Global Protect.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1600518 - PeerSpot reviewer
Global IT Network and Security Service Senior Specialist at a manufacturing company with 1,001-5,000 employees
Real User
Jul 5, 2021
Reasonably priced and scalable but you need to use the CLI for a lot of configurations
Pros and Cons
  • "I found the MEP feature the most valuable. This has improved users' latency allowing the users to connect to the nearest Azure Check Point VM."
  • "The Check Point solution offered us an unlimited number of users and that made the solution very scalable."
  • "You have no ability to reserve a total number of licenses. The VPN user licenses are assigned per gateway, and if you enable MEP function is not so easy to size the gateway licenses."
  • "The solution isn't really stable."

What is our primary use case?

We've used Check Point VPN to move from an on-premise VPN Cisco product to a VPN built on the cloud. We decided to use Check Point as it was fully integrated with Microsoft Azure and present on the Azure marketplace. We deployed this solution on different subscriptions and used the MEP function to reduce users' latency on the VPN. The implementation has not been very easy, and the implementation of MEP has taken months. There were a lot of hotfixes to install, and the CLI configuration on the files had to be done. The configuration, in fact, can't be implemented using a GUI.

How has it helped my organization?

The solution has allowed us to remove the on-premise VPN solution and to remove firewalls from the data center. The solution implemented on the cloud allows us to easily scale in cases of increased users - such as during the pandemic, where all users had been moved to Smart working and to a VPN. In fact, in February of 2020, when we closed all of our offices and gave all users the possibility to work from home, we had licenses and CPU problems on-prem. The Check Point solution offered us an unlimited number of users and that made the solution very scalable.

What is most valuable?

I found the MEP feature the most valuable. This has improved users' latency allowing the users to connect to the nearest Azure Check Point VM. 

The Multiple Entry Point (MEP) is a feature that provides high availability and load sharing solution for VPN connections. A security gateway on which the VPN module is installed provides a single point of entry to the internal network. It is the security gateway that makes the internal network "available" to remote machines. If a security gateway should become unavailable, the internal network is no longer available as well. An MEP environment has two or more security gateways to both protect and enable access to the same VPN domain, providing peer security gateways with uninterrupted access.

What needs improvement?

The main problem with Check Point is that some configuration can be done with the smart console in GUI, however, some others need to connect to the firewall via the CLI on SSH and therefore you will need to modify the local file on the firewall with VI. 

ASA is so easy to reserve some static IPs based on users, however, in Check Point, it is really difficult to do so. In addition, you can't reserve as static some IP that you are assigned dynamically to a local pool. 

You have no ability to reserve a total number of licenses. The VPN user licenses are assigned per gateway, and if you enable the MEP function is not so easy to size the gateway licenses. 

The configurations that you do to modify local files are not reflected in the GUI via the smart console. 

For how long have I used the solution?

We have been using this solution since 2020.

What do I think about the stability of the solution?

The solution isn't really stable. Maybe the last versions of R80.40 and R81 were more stable, however, the upgrade (if you have another old version) is really difficult and you have to rebuild the solution (if you are on Azure cloud).

What do I think about the scalability of the solution?

The solution is really scalable. You have to know that if you want to scale the solution you will have to configure and rebuild an SMS server with high CPU/memory resources, however.

How are customer service and technical support?

Unluckily the experience with support, especially in India, is really poor. It's best if you open a case using the Israeli team as that one is better.

Which solution did I use previously and why did I switch?

Yes, we were using CIsco ASA on-premises. We switched because we were moving our data center infrastructure onto the cloud.

How was the initial setup?

At first, the implementation was not easy to set up. We found many bugs and we had to install different hotfixes and upgrade the version more than one time.

What about the implementation team?

We implemented the solution via a hybrid approach. Check Point professional service is really good, however, our third-party implementation team was not very good.

What was our ROI?

At the moment, we have not reached the ROI point.

What's my experience with pricing, setup cost, and licensing?

I'd advise users to pay attention to the sizing of the solution. There is not an intermediate number of licenses. It's very easy to go to unlimited users licenses.

Which other solutions did I evaluate?

We have gone with the Check Point solution due to its cheap price. Other options we considered were Palo Alto with Global Protect, Zscaler with ZPA, and Cisco Firepower implemented on Cloud.

What other advice do I have?

I suggest that if you want to implement this Check Point solution you should have good knowledge of the system as well as a system integrator or direct contacts in Check Point. In case of any issue, the support is poor and it's not easy to solve issues using technical support. 

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1602519 - PeerSpot reviewer
Senior Vice President, Technology for the Americas at Engel & Völkers Development GmbH
Real User
Jun 29, 2021
Great scalability, good technical support, and integrates extremely well with the Check Point firewall
Pros and Cons
  • "The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware."
  • "The headache of connecting has been removed."
  • "For Linux machines, they don't have a full client to install. For the users that utilize Linux, there needs to be an equivalent."

What is our primary use case?

We use Check Point Remote Access VPN to provide access to employees, vendors, and advisors. They access the company resources - especially now that most people are working from home over the course of the last year. We also use it for specific companies that give us remote support to some applications, such as our parent company. Our admins access our company servers and resources. We're using Remote Access VPN with specific profiles for them that only give access to some resources.

We have three distinct environments. Server, DMZ, and User/SHOP. The firewall connects to the internet and those firewalls are the ones that the people connect to for the Remote VPN. We have the Blade enabled and they access the company resources as if they were working at the office.

How has it helped my organization?

The headache of connecting has been removed. It's very stable and we don't have any issues with it connecting. We have a large majority of people that were using nothing and always coming to the office. However, since the last year, we have a whopping 75% of users that have switched to using Check Point Remote Access VPN. The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware. This was a big advantage.

What is most valuable?

The biggest advantage of Check Point Remote Access VPN is that we already use the Check Point firewall. We only needed to enable the feature and do the configuration in order to enable the VPN feature. We didn't need to buy or manage new hardware. This was a big advantage. 

The integration with two-factor authentication for remote access users is another valuable feature. In our case we use RSA.

Those two are the most valuable aspects that we have on the solution. It also gives us the possibility to securely connect to the company resources, without Check Point security measures.

Another great thing is that we already have all the logs from the firewall on the SmartPortal as the remote VPN also integrates into the firewall. We can see all the logs on the same tool because we also have a fully secure solution for Remote Access VPN. For full operational security, we need to manage the different hardware from the firewalls and the logs that are not in the same place. This is another valuable aspect of this solution.

Having access to those logs affects our security operations because if a user calls the support but does not have access to the VPN, we can see on the same tool on the SmartPortal and troublshoot. 

What needs improvement?

We don't have any specific complaints. We are very happy with the Windows client. You log in with the VPN for the full client, you do the log in right from the software itself. For Linux machines, they don't have a full client to install. For the users that utilize Linux, there needs to be an equivalent. The documentation of the software needs to be more accessible. If an end-user wants to have access to customized training from the company, that should be able to be built-in. I would add that feature. 

For how long have I used the solution?

I've been using the solution for around 1.5 years.

What do I think about the stability of the solution?

The stability is good. It's a never-fail.

What do I think about the scalability of the solution?

The scalability is great. We deploy to 5000+ users.

How are customer service and technical support?

It's second to none but we haven't needed it a lot. 

Which solution did I use previously and why did I switch?

We used to use Fortinet. We switched because it was hard to deploy. 

How was the initial setup?

Just pull the trigger on a 3rd party. Not complex at all. 

What about the implementation team?

We used both a vendor and in-house talent. 

What was our ROI?

The ROI was instant and around 54%.

What's my experience with pricing, setup cost, and licensing?

Go with a third party and get it set up correctly. It may be costly but it's worth it. 

Which other solutions did I evaluate?

We didn't evaluate anything else. I knew a vendor and had used the software before. 

What other advice do I have?

Get this software installed as soon as possible. It's a smart move. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Chief Information Security Officer at Abcl
Real User
Top 10
Jun 6, 2021
Supports multifactor authentication and clientless login, but the GUI should be more user-friendly
Pros and Cons
  • "Organizations that already use the Check Point NGFW Solution do not require any additional hardware, which makes the implementation straightforward and reduces the time to go live."
  • "This solution has improved our organization by providing access to corporate resources in a secure fashion."
  • "The fully-featured security module is only supported on Windows and Mac systems, which means that organizations with Linux will face issues providing secure access."

What is our primary use case?

We use Check Point Remote Access VPN to provide access to our corporate network and resources to remote users in a secure way. Users have access that is limited or defined by the server.

Access is granted for identified devices post-posture validation. 

Access should be provided via VPN using multifactor authentication other than username/credentials. Users are able to connect from anywhere at anytime using both mechanisms (i.e. User VPN client or browser). 

This solution mitigates or minimizes data leakage issues.

It is stable and scalable and requires minimal management and access provisioning.

How has it helped my organization?

This solution has improved our organization by providing access to corporate resources in a secure fashion. It uses complete end-to-end encryption from the end-user machine to the VPN device.

Access policies are created on the firewall for restricting access to resources and applications based on the user profile/policy.

Our security gateway is integrated with Active Directory and access to resources/applications is provided based on the security group created in Active directory.

This product has inbuild/native integration with MFA solutions.  

It does not require any additional hardware in cases where the organization already has the Check Point NGFW. The mobile access blade and remote access VPN can be enabled on the same security gateway. Check Point provides a common dashboard and management console used in conjunction with the NGFW.

Multiple access can be provided using multiple realms, based on the user ID or security group, and access can be provided accordingly. Each realm will have a pool of IP addresses for which access will be provisioned on the firewall.

What is most valuable?

Organizations that already use the Check Point NGFW Solution do not require any additional hardware, which makes the implementation straightforward and reduces the time to go live. The only requirement is to purchase an additional license from Check Point, and then enable the mobile access blade. After this, the solution is ready to roll out and provide access based on the configured policy. 

Access is restricted based on user ID, security group, and device type. 

Access is provisioned post-posture policy validation and it offers protection against users connecting to the corporate network from non-corporate devices, which minimizes data leakage possibilities. 

Access is available from browsers or VPN clients using MFA. This is helpful in cases where the machine does not have the client installed or the client is corrupted.

We are able to restrict access based on geo-location and device type. Devices can be Android, iOS, Windows, or Linux.

It provides threat prevention capabilities while uses connect via VPN for Windows devices.

What needs improvement?

Access is provisioned based on a single L3 tunnel being established between the endpoint and the VPN device. If an attacker gains access to this session then all of the tunnel traffic is compromised. It needs to move to next-generation style access, provisioning such as per-app VPN.

The GUI interface for configuring the SSL VPN is not user-friendly and requires expertise. 

Devices are exposed over the internet and it can lead to a security threat.

When a critical patch needs to be applied to the VPN, downtime is required for the entire NGFW. This can impact the business when it has a single security gateway.

This product cannot manage sudden user growth, as each security gateway has limitations in terms of performance and throughput.

The fully-featured security module is only supported on Windows and Mac systems, which means that organizations with Linux will face issues providing secure access. Specifically, modules such as Threat prevention, Access control, and Incident analysis are supported only on Windows and Mac.

What do I think about the stability of the solution?

It's very stable in terms of downtime, although it required updates.

What do I think about the scalability of the solution?

The solution can be easily scaled by adding a security gateway.

How are customer service and technical support?

The Check Point technical support is excellent.

Which solution did I use previously and why did I switch?

We used Aventail SonicWALL as a standalone product. We switched because it was expensive in terms of management and maintenance. As we already had Check Point NGFW, it was easy to enable the VPN on the same device.

How was the initial setup?

Enabling the VPN was simple and straightforward with the purchase of an additional license from the OEM. Once we acquired the license, it involved enabling the module on the security gateway. The solution was ready to go live within 10-15 minutes.

What about the implementation team?

The implementation was completed by our in-house team with the assistance of the OEM.

What's my experience with pricing, setup cost, and licensing?

Organizations that already have the Check Point NGFW need to purchase an additional license to have access to the VPN functionality.

Which other solutions did I evaluate?

We evaluated Pulse and Citrix before choosing this option. 

What other advice do I have?

Traditional VPNs that work on L3 or L4, with a single VPN tunnel, are typically hosted on-premises. As organizations are adopting cloud computing, it makes sense to have a VPN solution hosted on the cloud for better control and security.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Network security engineer at Fidelity Bank
Real User
Jun 4, 2021
Stable with good technical support and a straightforward setup
Pros and Cons
  • "Technical support has been excellent."
  • "Our VPN connects over 1,200 people with no issues."
  • "They need to increase their timeout. Right now, it will fail after ten seconds, however, it shouldn't fail until after 20. If you don't get on your phone right away and check on your authentications, it will kick you out."
  • "We tried using their authenticator at first, but that is not good."

What is our primary use case?

We primarily use this solution for our clients. Use cases vary, and they include VPN connectivity. It can be used as a provisional firewall and you can allow for a provisional access list, or grant permission to access or for servers or users trying to connect to the server. 

What is most valuable?

The VPN, the end-user client VPN, is excellent. 

The firewall experience that we have had has been good. It's secure. We've enjoyed it so far.

The initial setup is very easy. It's pretty straightforward. 

The solution is very stable.

Technical support has been excellent.

What needs improvement?

With this particular client VPN, there needs to be a feature that can glance at your credentials, of being able to look at credentials. You might hang for a bit or the execution might fail. It would be useful to see your credentials before you connect to take note to see if you are likely to have trouble connecting. They need to increase their timeout. Right now, it will fail after ten seconds, however, it shouldn't fail until after 20. If you don't get on your phone right away and check on your authentications, it will kick you out. They need to give a bit more time.

For how long have I used the solution?

I've used the solution within the last 12 months. I've used it for a while. 

What do I think about the stability of the solution?

The stability has been quite good. It's very reliable. It connects. Our VPN connects over 1,200 people with no issues. There are no bugs or glitches. It doesn't crash or freeze.

What do I think about the scalability of the solution?

I can't speak to the scalability aspect. We don't have a need to scale. We have about 1,200 users and that's all we need. Therefore, I've never tried to scale it previously.

How are customer service and technical support?

I've worked with technical support in the past. I was surprised at how responsive they are, actually. They are very helpful and ready to assist us. They're knowledgeable. We're happy with the level of support they give to us. 

We also have a vendor right here in Nigeria, which is quite helpful.

How was the initial setup?

We did not find the initial setup to be overly difficult or complex. It's pretty straightforward. A company shouldn't run into problems with the initial setup.

What's my experience with pricing, setup cost, and licensing?

You do have to pay a licensing fee, however, there aren't add-ons or additional costs that you would need to consider.

What other advice do I have?

We are customers and end-users. We don't have a business relationship with the company.

I'd advise new users that, when it comes to deploying with an authentication provider, I would advise that you use a Microsoft authenticator. We tried using their authenticator at first, but that is not good. That did not work.

I'd rate the solution at an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Network Engineer at LTTS
Real User
Top 20
Sep 17, 2020
Multi-factor authentication helps to securely provide access to company resources while working offsite
Pros and Cons
  • "The most valuable feature is the seamless access."
  • "Its complete ROI, as expected."
  • "We would like to see support for a layer seven VPN over UDP.-- currently some VPN solution are working on Layer 7 Platform."

What is our primary use case?

The primary use case is to allow our employees to connect to the firewall on-premises, then they can access our office resources. This includes their respective computer, the intranet, shared files, and local applications, even if they are outside of the organization's network.

Our production will be locked down if my VPN stops working, leaving the company unable to work. As such, this is a crucial service for us and resources need to be available for each of our users when working remotely.

How has it helped my organization?

Prior to using Check Point Endpoint Remote Access VPN, our previous solution required installing certificates on every user's machine, which was a very difficult task.

Our old solution did not offer two-factor authentication, which we now have implemented. This helps secure against ongoing cyber theft and threats.

What is most valuable?

The most valuable feature is the seamless access. Using this, we control access to our on-premises resources, and our users who are working from outside are easily able to access their office area computers, file servers, and intranet applications.

This product allows us to provide WAN access for our users, whereas prior to this, we could not make the whole intranet available.

Multifactor authentication is very helpful for us.

What needs improvement?

We would like to see support for a layer seven VPN over UDP.-- currently some VPN solution are working on Layer 7 Platform.

The updates under Windows 10 are not always up to date, and we have trouble upgrading remote clients. We have also had trouble deploying new clients.-- The Check Point Remote VPN new client is giving trouble us during upgradation with older version of Windows 10

For how long have I used the solution?

We have been using the Check Point Endpoint Remote Access VPN for the past four years.

What do I think about the stability of the solution?

We have had no problems with stability and it is working smoothly.

What do I think about the scalability of the solution?

Scalability is good. We have more than 500 users who are working on it.

How are customer service and technical support?

The technical support is good.

Which solution did I use previously and why did I switch?

Earlier, we had a traditional VPN, which did not help in running our business seamlessly. 

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

A vendor team assisted us with implementation and deployment.

What was our ROI?

Its complete ROI, as expected. 

What's my experience with pricing, setup cost, and licensing?

This is a very good solution for our employees who work outside of our organization.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Check Point Remote Access VPN Report and get advice and tips from experienced pros sharing their opinions.
Updated: July 2026
Buyer's Guide
Download our free Check Point Remote Access VPN Report and get advice and tips from experienced pros sharing their opinions.