Check Point Security Management Reviews

The use of this tool is for the administration of policies, control, monitoring, and all the management of our gateway security tool. The separation of these environments has given us a robust solution in which we can apply and protect all the configurations created in our gateways without being afraid if we lose or damage the Check Point Security Management solution. Nothing bad would happen since we can create the environment again at the Microsoft Azure level and later restore the backup without being affected.

It also provides us with the required reports on perimeter security.

Thanks to this incredible tool, we have been able to generate all the control configurations in which we determine which applications or sites can be accessed on the networks that are under the supervision of the Check Point gateways. In addition to the access policies, we have allowed access to servers in a granular manner to such a level that it is allowed at the port level.

With the generation and review of logs, we have verified some vulnerabilities and attempted attacks to generate improvements in our infrastructure and policies to help avoid issues in the future.

The features that we liked the most about the solution are its audits and logs, where we can validate the problems, accesses, connection refusals, vulnerabilities, or malicious accesses that are generated in our infrastructure. All of this helps to improve our safety after being analyzed.

Another excellent feature is its granularity both in policies and access control. It helps us establish good policies.

There are some improvements that can be generated in this solution. For example, their internal environments and dashboards should all be updated to look pleasant on a visual level.

It would be helpful if the documentation and good practice guides are updated. Many are still from R77.

At the support level, they should expand the languages of attention to be able to expand support in countries where the English language is not standard.  They could improve the response time when it comes to providing customer support.

This tool has been used together with our Check Point Gateway for more than four years. It is excellent and the administration has been great.

The support at the technical level is very good. That said, sometimes it takes a long time to get a response. In general, it is good.

Neutral

Previously we did not use a management tool like this.

It is one of the best solutions that exist today. The costs are high, yet, in general, any GWs solution is. 

It is good that they support themselves with partners. Partners help clients understand the product and can request tests of the product before purchasing it to know if it is what the business is looking for.

It is always important to look for options available in the security solutions market. We really like how Check Point is managed, which is why we trust this manufacturer.

It is an excellent administration tool.

Thanks to the new Check Point management, we were able to manage our environments decentrally with a server or from the Check Point Infinity Portal. This management is handled separately and provides greater ease of implementation and backups. You can have your gateways separated from the control server. You can even lose the management server, and easily, with a previous backup, you can restore all the policies that had been generated so that you never lose the operation of the GW.

Our Check Point implementations are quite important in our environment. With them, we were able to shield our infrastructure from modern vulnerabilities.

The separate management provides greater security and peace of mind. In the face of events in which we can lose communication with the management server, the operation of the Check Point gateways continues unaffected.

We also like the ease and intuitiveness of the management server since it allows you to generate policies in a straightforward way. Its logs and monitoring provide the necessary information so that those responsible for security can make decisions and improve security even more.

The control is intuitive, it's an excellent tool.

The monitoring is excellent. It helps a lot in making decisions.

Finally, the additional tools or blades implemented in this console are great. You can go from basic security implementation to a fairly advanced one with all the blades you have available.

The separate environment of the Check Point gateways is one of the most important features. The separate management allows for the continued use of the gateways.

As for the support, it is not the best. 

The hours are different from those in America. They generally respond to us at dawn. They are not as fast or efficient, and they could improve in this area.

Every manufacturer must have enough documentation for client implementations and proof of concept. However, Check Point has many outdated manuals. These should be simpler for users and help them to manage their environments with the best practices.

They should improve the ease of licensing.

We've used the solution for more than three years. We started using Check Point Security Management and have had very good results in a manufacturer's architecture with excellent performance.

Previously, we had WatchGuard to provide security. However, it does not meet the parameters required for our organization.

It is important to value the support of a Check Point partner to validate the tools, in addition to seeing the product more closely.

We researched to find the security tool that best suits our requirements.

For us, there are more benefits than failures; it really is an exceptional tool, and I recommend it.

In recent years, management was to have an additional server in our data center or virtual machine that demanded resources locally. Today we have the possibility to have virtual teams in the cloud or on-premise and do not have the need to create that machine. We take that server to the Check Point cloud as a management cloud where we can have each subscription and be able to manage everything with the same account. It allows you to manage from anywhere and makes it easier for you to manage additional teams.

Check Point management is one of the most complete solutions for managing Check Point Firewall appliances. 

Since it is so powerful, we can manage more than one appliance with this same tool and create policies per appliance, and integrate different branches. 

One of the great benefits is being able to centralize all our branches under a single management server, thus being able to manage each of the created policy layers from a single place.

Among the most valuable features is the ability to manage everything simultaneously. It can integrate with the Check Point Infinity Cloud. 

The costs of acquiring a server for this task is of value. Each of us who are administrators can continuously manage the security of companies. This management manages not only Firewall-type appliances but also Cloudguard IaaS-type appliances.

I would like this solution to be integrated directly into the Cluster XL equipment. We'd like something that is all in one. The implementation becomes quite complex due to the extensive and not very graphic guides that we can find on their portal. 

I've used the solution for two years. 

It is very stable. You can have it in high availability services.

The scalability is fast and easy.

We previously used Fortinet as a firewall and management solution.

The cost of having cloud management lowers the monthly bill. That must be considered when acquiring these solutions.

We deployed the Check Point firewall for protecting our web servers and intranet servers. We used a management server as a centralized device for Check Point Gateway firewalls.

The best aspect about the notion is that we can push policy, IPs, or any other functionality to all or a subset of gateways. Alternatively, creating a distinct tab for each gateway gives a clear idea of the configuration changes and makes them less complicated.

Check Point's solution cuts down on the time it takes to manage multiple firewall devices.

Our organization has faced multiple attackers daily which causes high-impact performance, even though the previous firewall blocks. This leads to an impact on customer satisfaction with our services.

However, after deploying Check Point firewalls in our organization we found drastic changes in the performance of our network   

The management server helps us to reduce the time to manage multiple firewalls.

It's easy to push configuration changes to each of the gateways.

We can track logs of each firewall which is very helpful.

The importance of centralized administration cannot be overstated. As a network security engineer, I must mention that it allows us to manage all of our Check Point devices from a centralized point. 

Although there is certainly room for improvement in the UI, I am pleased that Check Point continues to correct and enhance. 

Furthermore, they provide some new features that will revolutionize security administration.

Initially, I was not a huge fan of Check Point's SmartConsole; I'm not sure why; perhaps it was because I was used to using only the web interface in other vendor firewalls like Palo Alto, Fortigate, and so on.

Now that I've tried it, I have to say that it's the greatest way to handle firewalls. There are some flaws, however, Check Point is working to correct them with each version.

They need to make a Mac version of the SmartConsole, in my opinion.

Aside from that, I'm satisfied with Check Point solutions.

I've used the solution for two years.

Security Management Server is easy to configure. We have more than six security gateways in different locations. It is easy to manage security gateways separately from Security Management Server. 

Also, we use a security management server as a log collector. Security Management Server is easy to configure. 

We can separately manage and install policies for all gateways. It has separated by blades. It is so flexible. Jumping from one blade to another is really simple. R80.x versions are better than R77.x versions. 

The log section is really good to understand and is really fast. 

The layered architecture is really understandable and easy to use. 

Event correlation function is really brilliant. 

Check Point provides one application with all your needs with the management system.

I do not need to log in to another application or website to see inputs and outputs. 

The monitoring is the best.

The solution offers:

• Strong user community
• Product functionality and performance
• Financial/organizational viability
• Strong services expertise

Policy installation time can be reduced. Proof of concept really matters on this subject. Every organization's needs are different and unique. Therefore, before you purchase the product, use proof of concept as much as you can. 

I have been using Check Point Security Management for more than seven years.

The pricing is not bad.

We use the solution for cybersecurity.  

We use a Check Point internet security appliance and have recently purchased their endpoint security solution.  

We have found the systems easy to manage and monitor. These systems are providing critical security to our computing systems. Past systems have required multiple products from multiple vendors. The Check Point solution provides multiple products under a single interface, greatly simplifying my job.  

We have yet to implement all of the blades/features of the Check Point solution, however, we are very happy with those we have used.

The product has done a great job in protecting our business network and SCADA systems.  

The single management interface has simplified our procedures. Training has been easier since there is only one interface to learn, not multiple interfaces from multiple vendors.  

As we implement more features of the security appliance, we find more value in it. Our cybersecurity posture is stronger than it has ever been with the addition of the Check Point appliance. 

We look forward to implementing additional features of the system.

The single interface to manage multiple cybersecurity platforms is great. In the past, we had multiple security appliances from multiple vendors. Each of these had their own interfaces and their own peculiarities. Staff had to learn multiple interfaces to provide our systems with cybersecurity. Additionally, when there was an issue, multiple systems needed to be checked to clarify and remedy the situation. If something was getting blocked incorrectly, we had to search for which systems was blocking it and then determine whether the block was legitimate. With the Check Point appliance, all of the blades are accessible through a single interface. We can easily track the reason for a block.

Some of the configuration elements could be improved. 

More automation of the tasks that now need to be performed at the level of the operating system could be made more streamlined. For example, we've often had issues where the log space has filled up. It would really be nice to have a feature in the GUI that addresses the cleanup of old files/logs. This is very much a manual process now. I have to get a putty or WinSCP session to the device and dig through the directory structure to find old files that are safe to delete. Luckily, I haven't accidentally deleted any critical files (so far).

I've used the solution for more than five years.

We have found the Check Point device to be very stable.  We rarely have to restart the device and have never experienced a hardware issue.  

The scalability is seamless.  

Customer service and support have always been very responsive.

Positive

We previously used a Netscreen firewall.   

The Netscreen firewall was limited and we had to rely on other appliances from other vendors to augment its capabilities.

It was a straightforward implementation. We did have a consultant help us in the initial setup of the systems.

The level of expertise of our vendor team was very high.

Our ROI is the peace of mind that our systems are well protected.

The Check Point solution is pricy, however, for what you get for your money, it is well worth it.  

The setup is pretty easy and licensing is straightforward.

We asked for a recommendation from a security consultant. They indicated that Check Point was the premier vendor of security appliances.

I'm glad we made the decision to use a Check Point appliance and am sure that we will stick with Check Point when we replace our current system.

We primarily use the solution for the management of thousands of rules. partially automated via the well-documented API.

Managing the rules is a day-to-day business that takes a lot of time. It is really good that we can do the management through the dashboard. It is so comfortable, and, in contrast to other manufacturers, is structured much better. The integration of the logs allows a quick jump by mouse click between rules and log entry.

The API reduces the administrative effort so that we can concentrate on the essential things. in addition, it is an enormous advantage for our customers that rules are created automatically and are available immediately.

The transparency of the rules and the integrated logs makes daily troubleshooting easy and saves a lot of time. 

Managing the rules is a day-to-day business that takes a lot of time. The dashboard is great and much better in contrast to other manufacturers. 

The integration of the logs allows for a quick click between rules and log entry. 

The immediately visible audit logs are also a great advantage. This allows changes to a rule to be tracked quickly and any errors to be corrected.

The management API is the best new feature for me. It allows us to further automate our customers' automated server ordering.

The API reduces the administrative effort so that we can concentrate on essential things. It is an enormous advantage for our customers that rules are created automatically and are available immediately. 

For our private cloud, we have to stay competitive with the public clouds and the speed on offer is what counts here. It's good.

The new web management tool allows the management in the browser, which is a great feature.

The management API can be further developed so that all functions offered by the dashboard are also available via the API (for example,  Network Topology).

The new web management tool which allows the management in the browser has to be developed further so that all functions from the dashboard are available. Many of our administrators work with a Mac OS. Until now, the management of rules is only possible on  Windows as the Smart Dashboard is only available for Windows. Now, with the first release of the web interface, it is possible in the browser. All functions from the dashboard must still be possible via the web interface.

I've used the R77.30 version since 2013.

We've upgraded to R80.10 in 2019. The update was a bit complicated, however, with the pre-check and some cleanup, it went without a problem

We upgraded the R80.10 to R 80.30 in 2020. The update management with the migration of export/import was a remote update and was easy.

We upgraded R80.30 to R80.81 in 2021. The management update was very easy and through the wizard, everything was very clear in terms of the individual steps. The update of the gateways took place at night.

We do not have any stability problems.

Check Point Maestro offers the industry a new way to leverage current hardware investments and maximizes appliance capacity. It's in an easy-to-manage hyper-scale network security solution in order to bring our networks and data centers into the world of hybrid clouds.

The case handling is good. If you have experience and know what information the support needs, then the processing time can be minimized.

Neutral

In the past, we have used a Cisco ASA. Our management of the rules was not so good there.  We also use FortiGate. This already offers a nice web interface, however, managing a large set of rules is almost impossible there.

The initial setup was very simple. However, the migration of rules from other vendors was challenging.

For large migrations, we always use a service provider or the manufacturer's team (Check Point Professional Services). Here we can fall back on well-trained SE's with a lot of experience.

No exact ROI has been calculated.

All of our administrators have previously been on CCSA/CCSE training which provides good insights into the products. After various tests, we were able to carry out most of the setup ourselves in a developer environment. We were able to keep the costs for the migration low by using a lot of our own initiative. However, I would recommend the support of a Check Point certified partner.

Together with a Check Point partner (service provider), the requirements should be evaluated. Here, we were able to draw on the experience of our service provider and develop our environment according to our requirements.

We did not evaluate any other options.

I can recommend the Check Point solution.

We use Check Point Security Gateway GAIA R 80.40 as our secure gateway firewall. We have configured two gateways as active-passive in cluster mode. We also use R 80.40 as our security management server to configure the policies on the firewall. We use it primarily to control traffic and secure our network perimeter against unknown attacks. The different rules and policies for the SSL VPN connections are configured on the mobile access blade. We use the policies to segregate and filter the traffic flow. 

Check Point Security Management GAIA R 80.40 tremendously helped us in securing our network perimeter against various threats. 

We have used the access rules and application/URL filtering blades to filter and restrict unwanted traffic. 

The IPS blade, Antivirus blade, Anti-bot blade, Threat Emulation blade, and Threat Prevention blades are helping us tremendously in preventing attacks and thus take care of the threats at the gateways themselves. 

At the time of COVID, the Mobile Access blade has helped greatly in the smooth running of production.

We have found all the security blades very helpful. The IPS blade, Antivirus blade, Anti-bot blade, Threat Emulation blade, and Threat Prevention blades have been most useful in securing the network. 

With the antivirus, IPS, and Anti-bot blades signatures being automatically updated regularly on a daily/hourly basis, the network is always safe. 

The URL and Application Filter blade offers a daily update of the database which helps us control the traffic. 

Mobile access has helped us cater to more than 4000 users so that they can work from home.

The Security Management server could be improved. If it provided an inbuilt authenticator for multifactor authentication, that would be ideal. Currently, we have to depend on a third party for multifactor authentication. 

It would help us greatly in securing the remote access users if Mac binding can be done for remote access VPN users in mobile. It would be helpful if we could enable URL and application traffic control remote access. 

The logging and reporting are good, but it would be helpful if more report templates were available.

I have been using Check Point Security Gateway for more than 7 years.

The stability is great.

The scalability is great.

Technical support is good.

Positive

The company has been using Check Point for a long time. It's been more than 10 years. I have been with the company for past 7 Years.

The initial setup is straightforward.

We had assistance from our Vendor Team (ISecurenet). They are very good.

Our ROI has been above expectations.

The price is high but worth it.

Check Point is one of the top leaders in security solutions.