What is our primary use case?
Our company works in developing and delivering online gambling platforms. The Check Point Gateways are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two Check Point HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management server on a Virtual Machine (KVM), all running on R80.10 with the latest Jumbo Hotfix Accumulators installed (Take 275). The Security Management server has the following blades activated - Network Policy Management, Logging & Status, User Directory, Compliance, SmartEvent Server, Provisioning.
How has it helped my organization?
The overall security of the environment has been greatly improved by the Check Point solution. Before implementing that, we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on the switches and routers, which in fact was just a simple stateful firewall, and all the devices had to be managed locally via SSH. Now, with the Check Point Security Management server in place, we have a central endpoint to manage all the security aspects for the environment - the SmartConsole. That helped to decrease the management overhead, as well as to improve the usability and feasibility of the security.
What is most valuable?
As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution.
Now everything is configured in one place - the unified SmartConsole, which helps me in saving the working time and not jumping from one console or dashboard to another constantly. The interface is cozy and modern. I especially like built-in searching capabilities - you may not just find the objects, but also see where exactly it is used across the whole security policy. Also, now the latest logs may be seen in the security policy as well, per matched rule.
What needs improvement?
I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that, you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately.
Also, the SmartConsole application used for management is currently available only for Microsoft Windows OSes. I think many administrators use macOS and Linux, so it would be nice to have native apps for these platforms as well.
For how long have I used the solution?
My current company has been using the Check Point Security Management for about three years, starting late 2017.
What do I think about the stability of the solution?
The Check Point Security Management server version R80.10 we use is stable and mature solution.
What do I think about the scalability of the solution?
One virtual machine we use for the Security Management is enough for managing 2 clusters, and there is a huge "space" if we decide to scale the DataCenter up.
How are customer service and technical support?
We have had several support cases opened with the Check Point, but none of them was connected with the Security Management. In. general, I think some cases took to long to be resolved by the Check Point support team - up to one month.
Which solution did I use previously and why did I switch?
We used local ACLs and Zone-Based firewall on Cisco switches and routers, that's incompatible with the centralized management solution like Check Point Security Management.
How was the initial setup?
The setup was straightforward, and the configuration part was easy and understandable - we didn't use any consulting services for that.
What about the implementation team?
The solution has been implemented by in-house team, since we have the Check Point Certified engineer among the technical team.
What's my experience with pricing, setup cost, and licensing?
The Check Point solutions in general are not cheap, so your company should have a dedicated budget for security.
Which other solutions did I evaluate?
We didn't evaluate other vendors.
What other advice do I have?
There's a demo of the Security Management available for free - just download and install the SmartConsole application, and you could see the interface and most of the features available.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.