What is our primary use case?
We have physical Smart-1 appliances and virtual appliances in our environment. We merged all of the old managers into these managers and managed to centralize the management of firewalls and see the logs all together.
We are using the management API to apply large configs, clear rules, block malicious IP addresses with SAM rules, and migrate the VLANs with it.
We deployed a management HA to provide rulebase synchronization to our DRC firewall segments. We also distributed logs to different Smart-1 appliances to gain performance.
How has it helped my organization?
First of all, centralized management is great. With this, we are managing all of our Check Point products from one central management: applying rules and NATs, and managing App & URL policies, threat prevention, and IPS protection rules.
Secondly, centralized log and report management. We can distribute logs to our log appliances with centralized management and view logs without logging in to additional devices.
The HA structure provides good coverage and works fine. With the HA structure, we can manage two data centers as one, and this helps a lot.
We can keep old revisions, and with that, we can check or revert to one when needed.
What is most valuable?
It's useful that we can find unused objects. This helps us to get rid of unused objects in our database.
Proxy support is valuable for us. We can apply centralized proxy settings to get additional databases when we need them.
The revision history and detailed audit log are a good feature. With this, we can always feel safe: if something goes wrong, I'm sure that I can go back to the old one.
SmartEvent is a very good feature. It provides a graphical view of the traffic and provides history.
The filter syntax is very good and helps control when we need it.
What needs improvement?
I am happy with Check Point Security Management. However:
1- In order for the management console to work, you need a good appliance, or you need to provide more CPU and memory to the appliance.
2- If you overload your appliance with detailed logs, you need additional appliances. For big companies, even Smart 5150 kind of devices are not enough.
3- I normally had trouble updating licenses automatically. We always need to add them manually, and this is tiresome.
5- The API seems to be fine but needs some improvements, and Check Point should provide scripts to its customers for tiresome jobs.
For how long have I used the solution?
I've been using Check Point Security Management for about five years.
What do I think about the stability of the solution?
Most of the time, it works well. However, if you overload appliances with old policy revisions, objects and rules, install times will vary. You will have a slow GUI interface and have trouble viewing logs.
What do I think about the scalability of the solution?
For virtual appliances, you have the option to increase your disk, CPU, and memory for your needs. This will provide a very good opportunity to improve the performance of the Security Management.
How are customer service and support?
Most of the time, technical support is good. We can easily open a case, and they can assign an engineer quickly. However, you will have problems if something is very odd. You may need to connect with R&D to address the issue and get a custom fix.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
For Check Point, I did not use something different. However, for Palo Alto firewalls, I am using Panorama, and it's also doing its job very well.
What about the implementation team?
We have a professional service provider that we work together with to apply changes to Check Point appliances. Also, Check Point's knowledge base is very vast and provides lots of information if you need some help. The community is very helpful as well.
What's my experience with pricing, setup cost, and licensing?
You should analyze your needs and purchase according to that analysis. Most of the time, you want to use only some features. Don't pay too much.
Which other solutions did I evaluate?
For Check Point firewalls, you don't have any alternative.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.