Try our new research platform with insights from 80,000+ expert users
reviewer06814135 - PeerSpot reviewer
System Engineer at Willson International Limited
User
Top 20
Great DDoS protection, high availability, and useful firewall rule implementation
Pros and Cons
  • "The firewall cleverly handles such attacks without compromising on performance."
  • "We'd like to see more and more integration possibilities between Checkpoint and other vendor security solutions such as Malwarebytes, SIEM solution providers, and standalone vulnerability scanners."

What is our primary use case?

We use the product as a primary gateway firewall for all offices at different locations. 

We have deployed their high-end firewall UTMs to medium business grade devices 1400 series. They are easy to manage either centrally or as separate devices. We are using them for Network security including firewall rules, NATTing, Web application access, IPSec VPN tunneling between offices and cloud services, user VPN clients for access from home, data encryption, anti-malware/anti-virus solutions, and as network gateway devices for routing and DNS.

How has it helped my organization?

We have seen tremendous improvement in the overall security of the organization's IT assets. We performed Pen Tests and External vulnerability audits on our network and we always scored top-rated thanks to Check Point. 

Their management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks. 

Access to detailed network logs in real time helps us decide and take prompt action to block/fix threats. 

What is most valuable?

The most valuable aspects of the solution include:

  • IPSec VPN Tunneling: they are easy to configure and offer multiple options to set them up with Cloud services and other vendor firewall products over certificates, shared keys etc.
  • DDoS Protection: Firewall cleverly handles such attacks without compromising on performance.
  • HA and Clustering: Seamless load management and High Availability between nodes of firewall clusters.
  • Firewall Rules: You have access to set up rules at a very granular level and all are accessible through the GUI platform as well as over CMDLET.

What needs improvement?

We didn't find any major feature missing or lacking in Check Point products that we used. We'd just like them to continue to improve their products with new features and updates. 

We'd like to see more and more integration possibilities between Checkpoint and other vendor security solutions such as Malwarebytes, SIEM solution providers, and standalone vulnerability scanners.

The Check Point SandBlast platform could also be merged with the Check Point GAIA platform for a central management console and easier controls.

Buyer's Guide
Check Point Security Management
June 2025
Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
856,873 professionals have used our research since 2012.

For how long have I used the solution?

I've used the solution for more than ten years.

What do I think about the stability of the solution?

The solution is very stable compared to peers.

What do I think about the scalability of the solution?

The solution is highly scalable.

How are customer service and support?

Technical support is satisfactory, however, it takes some time to escalate your ticket.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use Sophos and Cisco ASA, however, they were either complicated products to manage or lacked features.

How was the initial setup?

The initial setup wasn't difficult after you attended free platform support sessions by Check Point.

What about the implementation team?

We handled the initial setup in-house.

Which other solutions did I evaluate?

We evaluated Sophos, Cisco ASA, SonicWall, and FortiGate.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Ozan Durmus - PeerSpot reviewer
Senior Information Security Specialist at AKBANK TAS
Real User
Top 10
Good documentation and proxy support with a helpful community available for troubleshooting
Pros and Cons
  • "HA Structure provides good coverage and works fine."
  • "In order to work management console, you need some good appliance or you need to provide more CPU and Memory to the appliance."

What is our primary use case?

We have physical Smart-1 appliances and virtual appliances in our environment. We merged all of the old managers into these managers and managed to centralize the management of firewalls and see the logs altogether.

We are using management API to apply large configs, clear rules, block malicious IP addresses with SAM rules, and migrate the VLANs with it.

We deployed a management HA to provide rulebase synchronization to our DRC firewall segments. We also distributed logs to different Smart-1 appliances to gain performance.

How has it helped my organization?

First of all, centralized management is great. With this, we are managing all of Check Point products from one central management. Applying rules, nats and managing app&URL Policies, threat prevention, and IPS protection rules. 

Secondly, centralized log and report management. We can distribute logs to our log appliances with centralized management and view logs without logging additional devices. 

HA Structure provides good coverage and works fine. With HA structure, we can manage two data centers as one, and this is helping much.

We can keep old revisions, and with that, we can check or revert to one when needed.

What is most valuable?

It's useful that we can find unused objects. This helps us to get rid  of unused objects in our database,

Proxy support is valuable for us. We can apply centralized proxy settings to get additional databases when we need them.

Revision history and detailed audit log is a good feature with this we can always feeling safe if somethings go wrong, I'm sure that I can go back the old one.

Smart Event is a very good feature. It provides a graphical view of the traffics and provides history.

The filter syntax is very good and helps control when we need it.

What needs improvement?

I am happy with Check Point Security Management. However:

1- In order to work management console, you need some good appliance or you need to provide more CPU and Memory to the appliance.

2-If you overload your appliance with detailed log, you need additional appliances. For big companies even smart 5150 kinda devices is not enough.

3-I normally had trouble updating licenses automatically. We always need to add manually and this is tiresome.

5- API seems to be fine but need some improvements and Check Point should provide scripts to its customers for tiresome jobs.

For how long have I used the solution?

I've been using Check Point Security Management for about five years.

What do I think about the stability of the solution?

Most of the time, it works well. However, if you overload appliances with old policy revisions, objects and rules, install times will vary. You will have a slow GUI interface and have trouble viewing logs. 

What do I think about the scalability of the solution?

For virtual appliances, you have the option to increase your disk, CPU, and memory for your needs. This will provide a very good opportunity to improve the performance of the Security Management.

How are customer service and support?

Most of the time, technical support is good. We can easily open a case, and they can assign an engineer quickly. However, you will have problems if something is very odd. You may need to connect with R&D to address the issue and get a custom fix.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

For Check Point, I did not use something different. However, for Palo Alto firewalls, I am using Panorama, and it's also doing its job very well.

What about the implementation team?

We have a professional service provider that we work together with to apply changes to Check Point appliances. Also, Check Point's knowledge base is very vast and provides lots of information if you need some help. The community is very helpful as well.

What's my experience with pricing, setup cost, and licensing?

You should analyze your needs and purchase regarding to that analysis. Most of the time, you want to use only some features. Don't pay too much.

Which other solutions did I evaluate?

For Check Point firewalls you don't have any alternative.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Check Point Security Management
June 2025
Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
856,873 professionals have used our research since 2012.
SanjeevKumar20 - PeerSpot reviewer
Network Security Engineer at NTT Security
Real User
Top 5
Access to detailed network logs in real time helps us decide and take prompt action to block and fix threats
Pros and Cons
  • "Check Point's management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks."
  • "License update and upgrade processes can be made a little easier."

What is our primary use case?

We use the product as a perimeter and core firewall for multiple clients at different locations.

We have physical Smart-1 appliances and virtual appliances in our environment. We merged all of the old managers into these managers and managed to centralize the management of firewalls and see the logs altogether.

We are using management API for large configs, and clear rules, blocking malicious IP addresses with SAM rules, and migrating the VLANs with it.

We have deployed Check Point high-end firewall UTMs to medium business-grade devices with different models. We also have a cloud-based Check Point firewall for one of our clients. It's easy to manage either centrally or as separate devices. We use them for network security including firewall rules, NATTing, Web application access, IPSec VPN tunneling between offices and cloud services, user VPN clients for access from home, data encryption, anti-malware/anti-virus solutions, and as network gateway devices for routing and DNS.

How has it helped my organization?

Check Point's management portal and firmware are very stable and don't require frequent maintenance. Their IPSec tunneling is very stable, especially with Azure and AWS networks.

Access to detailed network logs in real time helps us decide and take prompt action to block and fix threats.

Centralized management is great. With this, we manage all of Check Point products from one central management, we can apply rules, and NATS and manage app and URL Policies, threat prevention, and IPS protection rules.

Secondly, centralized log and report management is important. We can distribute logs to our log appliances with centralized management and view logs without logging additional devices.

HA Structure provides good coverage and works fine. With the HA structure, we can manage two data centers as one, and this is helping much.

We can keep old revisions, and with that, we can check or revert to one when needed.

What is most valuable?

The most valuable aspects of the solution include:

  • IPSec VPN Tunneling, 
  • DDoS Protection
  • HÀ and Clustering, 
  • Firewall Rules, 
  • Proxy support, 
  • Revision history
  • Detailed audit log, 
  • Smart Event
  • Filter syntax.

These features are easy to configure and offer multiple options to set them up with cloud services and other vendor firewall products.

We can always feel secure if some things go wrong, I'm sure that we can restore to the old one.

We can apply centralized proxy settings to get additional databases when we need them.

We can get a graphical view of the traffic and provide history when we need it.

What needs improvement?

We didn't find any major feature missing or lacking in Check Point products that we used. We'd just like them to continue to improve their products with new features and updates.

However, license update and upgrade processes can be made a little easier.

Also, I'd like to see more integration possibilities between Check Point and other vendor security solutions.

The Check Point SandBlast platform could also be merged with the Check Point GAIA platform for a central management console and easier controls.

For how long have I used the solution?

I have been using Check Point for more than 10 years for different clients.

What do I think about the scalability of the solution?

The solution is highly scalable.

How are customer service and support?

Check Point's knowledge base is very vast and provides lots of information if we need some help. The community is very helpful as well.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We have multiple clients and use different technologies, so we work on other vendor products also.

How was the initial setup?

We have a professional service team that we work together for setup-related work to Check Point appliances.

What about the implementation team?

We handle the initial setup in-house.

Which other solutions did I evaluate?

We have multiple clients and use different technologies, so we work on other vendor products also like Cisco ASA, FTD, Palo Alto, FortiGate etc.

What other advice do I have?

Overall I am fully satisfied with Check Point

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Kalpesh Panchal - PeerSpot reviewer
TOC Architect at Infopercept Consulting Limited
Real User
Top 5
Provides multifactor authentication, IPS protection, and threat emulation
Pros and Cons
  • "It's very easy for management to understand workflow and everything."
  • "Check Point Tech Support will not assist with new configurations if we encounter any issues during the configuration process."

What is our primary use case?

We use the solution for VPN with multifactor authentication, IPS protection, and threat emulation. We have deployed the product in the cloud data center.

What is most valuable?

It's very easy for management to understand workflow and everything.

What needs improvement?

Check Point Tech Support will not assist with new configurations if we encounter any issues during the configuration process. They only provide support if there are issues with existing configurations.

For how long have I used the solution?

I have been using Check Point Security Management for four years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

It is 100% scalable. Behind the firewalls, around 25 web applications are accessed daily. Each application can be accessed by up to one lakh people every day.

How are customer service and support?

Support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, I worked with FortiGate, and integrating that product with cloud platforms was very difficult. The workflows were overly complex, and the documentation was inadequate.

Check Point is superior to other security vendors. Their signature database, which includes antivirus, IPS, and anti-malware, is highly advanced. The system is easy to understand, and deployment via the web interface is also straightforward.

For example, during the COVID-19 pandemic, a new vulnerability known as Log4j emerged. While many vendors were unaware of this vulnerability, Check Point promptly emailed all its customers to inform them. They reassured customers that their gateways already had predefined prevention signatures to protect against this threat, requiring no additional action. 

How was the initial setup?

The initial setup is straightforward. Fresh deployment and creating the gateways will take approximately three to four hours.

With Fortinet, managing the product through cloud formation can be difficult to implement in a cloud environment because it's not straightforward. First, we need to spin up some VMs and configure everything manually. In contrast, Check Point provides a more seamless cloud formation process. With Check Point, you click on the cloud formation option, and the VMs and necessary configurations are automatically set up. You will get GUI access quickly.

Only two resources are required. One knows Check Point, and another guy knows the cloud platform where they want to deploy the gateway.

What other advice do I have?

The integration process is straightforward. If you have some knowledge of your cloud service provider, you can easily integrate with it.

It has improved over the past four years. Previously, pushing any policy from the management server to the security gateway could take around ten to fifteen minutes. However, this task is now completed in about one minute with the new firmware version. This improvement demonstrates the substantial advancements made in the Management of Check Point products. It continuously updates its products to align with security standards and market awareness. They implement these updates in their own unique way. It is a strong player in the security market and has a long-standing presence. Their solutions are reliable and trusted for real security needs.

Maintenance is very easy.

First, we will thoroughly understand their requirements. Once we understand clearly, we will design tailored solutions for them. Next, we will present these solutions to the customer for review and discussion. Following their approval, we will run POC, collect evidence as required, and submit the comprehensive report.

Overall, I rate the solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
PeerSpot user
Head, Partner Management - Asia Pacific Middle East and Africa at a tech vendor with 10,001+ employees
MSP
Good support, minimizes threats, and offers complete endpoint security
Pros and Cons
  • "It's a great complete endpoint security solution that prevents the most imminent threats to the endpoint such as ransomware, phishing, or malware."
  • "While the console and administration work well, they have to work on performance since it consumes a lot of CPU and memory."

What is our primary use case?

One of the recent use cases for this solution has been related to a power company, which was facing issues but was able to get its infrastructure secured and get back its business continuity and growth. In addition, its management was able to get back its confidence with solutions or services provided by Check Point.

The client was able to quantify its security elements. As a result, a strong defensive framework was developed. Deployment of Check Point's solution resulted in the evasion of any existing and potential threats.

How has it helped my organization?

Check Point is not just a firewall. They deliver everything including IPS, application control, threat emulation and extraction, identity awareness, and more. In line with the quantum security gateways, other elements and services as provided by Check Point have also proven to be very helpful and reliable in keeping the company environment secured. The organization has also gone a great mile to tag itself as a proactive threat elimination expert in the industry viz a viz its competitors.

What is most valuable?

Harmony Endpoint is one of the great solutions by Check Point; it ensures compliance with policies and minimizes the risk of threats entering through endpoints. 

It's a great complete endpoint security solution that prevents the most imminent threats to the endpoint such as ransomware, phishing, or malware. 

It has proved to be very successful in identifying ransomware behaviors such as file encryption or attempts to compromise operating system backups and safely restore ransomware-encrypted files automatically. 

What needs improvement?

While the console and administration work well, they have to work on performance since it consumes a lot of CPU and memory. There is also latency in the administrative panel when entering. There has been a problem with updating licenses as well. There is ground-level feedback based on interaction with the relevant stakeholders that states implementing it would make a major difference in the overall experience.

For how long have I used the solution?

I've used the solution for two years.

What do I think about the stability of the solution?

The solution has not caused major deviations and the historical experience has been quite good. The stability and reliability of the solution is pretty much appreciated

What do I think about the scalability of the solution?

The overall impression of the scalability is good and impressive.

How are customer service and support?

Technical support has been pretty good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have been involved with a lot of other partners in parallel, depending on the requirements of the customers.

How was the initial setup?

I am not directly involved in the setup and deployment of the product.

What about the implementation team?

The implementation was handled by an in-house team.

What was our ROI?

I've witnessed an ROI of 25% to 30%.

What's my experience with pricing, setup cost, and licensing?

Users should actively evaluate the existing options available in the market and finalize the one that matches their requirements, budget, and priorities. Check Point can definitely be considered based on my personal experience.

Which other solutions did I evaluate?

The choice to evaluate would not be my personal decision but the requirement raised by the customers.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Bharath Kumar Gajula - PeerSpot reviewer
Network Security Architect at a consultancy with 10,001+ employees
Real User
Top 5Leaderboard
An expensive solution with easy life cycle management
Pros and Cons
  • "The solution is easy to use and comes with few vulnerabilities. You don't have to worry about release upgrades. Life cycle management is very easy."
  • "Check Point Security Management lacks some of the competitor features."

What is our primary use case?

We use Check Point Security Management for firewall management.

What is most valuable?

The solution is easy to use and comes with few vulnerabilities. You don't have to worry about release upgrades. Life cycle management is very easy. 

What needs improvement?

Check Point Security Management lacks some of the competitor features. 

For how long have I used the solution?

I have been using the solution for six years. 

What do I think about the stability of the solution?

Check Point Security Management is stable. 

What do I think about the scalability of the solution?

We have around 4,500 users for the product.  

How are customer service and support?

Check Point Security Management doesn't have good support since it is difficult to get the right person. 

How would you rate customer service and support?

Neutral

What's my experience with pricing, setup cost, and licensing?

The solution is expensive. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Charity Kimotho - PeerSpot reviewer
Information Technology Technician at Smoothtel & Data Solutions Ltd
Real User
Top 5
Provides security and reliability, integrates well with other products, and the exceptions work well
Pros and Cons
  • "We can easily push the policies to any of our gateways."
  • "The tool is expensive."

What is our primary use case?

We use the solution mostly for policy pushing to other gateways.

How has it helped my organization?

We deployed the tool for a customer. They faced an attack, but Check Point did not allow it. Check Point does not allow unauthorized access to the network. It just sends a message to the person saying they are not authorized to access the network. The exceptions work very well. Most of the attacks go through the web path. The tool does a good job of securing the web path.

What is most valuable?

We can easily push the policies to any of our gateways. The solution manages the gateways. It works well with other products. It integrates well with Cisco products, too.

What needs improvement?

The tool is expensive.

For how long have I used the solution?

I have been using the solution for the last two years.

What do I think about the stability of the solution?

The tool is very stable. The equipment is never down.

What do I think about the scalability of the solution?

We have more than ten customers.

How are customer service and support?

The support is very good. We get a response immediately whenever we enter a support request on the website. We do not have to wait for one or two hours. The team also offers remote support. The support provided by Check Point is one of the best in the market.

How was the initial setup?

We have most of the products on-premise. We have only one client on a VM. Check Point offers training for their products. They usually send us a link every time they launch a new feature. Unless we go through the tutorials, it will be difficult for us to deploy the solution. However, it is easy to deploy when you know how to do it. It is easy to navigate if we have read about the gadget.

What's my experience with pricing, setup cost, and licensing?

The tool is expensive. However, if we buy Check Point Security Management, we do not have to buy anything else. We get all the features we need in a single solution. We get value for our money.

What other advice do I have?

If we want to troubleshoot, we just have to log in to the SMS. Everything is listed there. We just have to log in to the gateway we have an issue with. We need not go to the server rooms. I see no improvements needed in the product. The other gateways and SD-WAN could be improved. If someone wishes to use the product, they have chosen the best option. It provides security, reliability, and support. Though it is expensive, it is the best. It has all the features we need. The product is absolutely excellent. Overall, I rate the tool a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
MOHAMEDELSHERIF - PeerSpot reviewer
Senior Technical Consultant at International Turnkey Systems - ITS
Real User
Top 10
Clear network visibility, reliable, but scalability could improve
Pros and Cons
  • "The most valuable feature of Check Point Security Management is the high level of visibility"
  • "Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture."

What is our primary use case?

The Check Point Security Management is designed with a strong focus on cybersecurity, providing customers with detailed information on attacks and high-visibility threats. This is a major benefit, as it allows customers to stay informed on a daily basis. 

What is most valuable?

The most valuable feature of Check Point Security Management is the high level of visibility

What needs improvement?

Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture.  

To perform a service cutover, such as migrating from one firewall to another or bringing up a new firewall, it is essential to thoroughly study and understand the customer's network architecture. This is a complex and challenging process that requires careful deployment and configuration. However, once the firewall is successfully connected to the environment, it becomes very robust and provides comprehensive cybersecurity that meets the needs of the customer.

For how long have I used the solution?

I have been using Check Point Security Management for approximately 10 years.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

Due to its complexity and the distributed nature of its solution, Check Point Security Management still faces significant challenges in terms of scalability. The networking port weakness previously mentioned also has an impact in this area. In order to address these gaps, enhancements need to be made to the product's scalability. For example, when performing software upgrades, the distributed solution can make even minor upgrades challenging due to the many components involved, such as servers, gateways, and management servers. It is crucial to make improvements in scalability to ensure that Check Point Security Management can meet the needs of customers who may require a larger or more complex solution.

They are selling multiple solutions that need to have their software maintained and their scalability at the same time with the advantage of the centralized consolidated unit, reflects poorly on the scalability. It's not only one solution. There are a lot of factors to consider in order to upgrade or add a new firewall to the lineup.

How are customer service and support?

Their support could improve.

I rate the support from Check Point Security Management a six out of ten.

Which solution did I use previously and why did I switch?

I have used Fortinet and other competitors.

How was the initial setup?

The solution can be somewhat complex. It can be challenging to use, particularly during deployment. This is due to its use of distributed deployment, which requires the purchase of several components including security gateways, SMS servers, and a management server. While this may seem complex, the benefit is greater visibility.

What's my experience with pricing, setup cost, and licensing?

The solution is expensive and there is an annual license.

What other advice do I have?

Top companies in the firewall and software market include Check Point, which recently entered the hardware manufacturing sector. However, this move did not significantly impact its market share as other competitors were already offering more powerful hardware. As a result, the product became more complex, requiring separate handling of hardware and firewall components within the product. This adds additional layers, including network settings, connectivity, and firewall, which can make deployment and configuration more challenging for network engineers. Despite these challenges, Check Point is known for its stability and advanced threat prevention techniques, making it a valuable choice for cybersecurity.

We recommend smaller businesses explore alternative security partners, such as Fortineteen. Fortinet offers an affordable solution with all the necessary security features that customers need, making it a cost-effective option. For larger-sized companies we recommend Check Point Security Management to have visibility of their infrastructure.

I rate Check Point Security Management a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Download our free Check Point Security Management Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Buyer's Guide
Download our free Check Point Security Management Report and get advice and tips from experienced pros sharing their opinions.