Check Point Security Management Reviews

We use the solution mostly for policy pushing to other gateways.

We deployed the tool for a customer. They faced an attack, but Check Point did not allow it. Check Point does not allow unauthorized access to the network. It just sends a message to the person saying they are not authorized to access the network. The exceptions work very well. Most of the attacks go through the web path. The tool does a good job of securing the web path.

We can easily push the policies to any of our gateways. The solution manages the gateways. It works well with other products. It integrates well with Cisco products, too.

The tool is expensive.

I have been using the solution for the last two years.

The tool is very stable. The equipment is never down.

We have more than ten customers.

The support is very good. We get a response immediately whenever we enter a support request on the website. We do not have to wait for one or two hours. The team also offers remote support. The support provided by Check Point is one of the best in the market.

We have most of the products on-premise. We have only one client on a VM. Check Point offers training for their products. They usually send us a link every time they launch a new feature. Unless we go through the tutorials, it will be difficult for us to deploy the solution. However, it is easy to deploy when you know how to do it. It is easy to navigate if we have read about the gadget.

The tool is expensive. However, if we buy Check Point Security Management, we do not have to buy anything else. We get all the features we need in a single solution. We get value for our money.

If we want to troubleshoot, we just have to log in to the SMS. Everything is listed there. We just have to log in to the gateway we have an issue with. We need not go to the server rooms. I see no improvements needed in the product. The other gateways and SD-WAN could be improved. If someone wishes to use the product, they have chosen the best option. It provides security, reliability, and support. Though it is expensive, it is the best. It has all the features we need. The product is absolutely excellent. Overall, I rate the tool a ten out of ten.

The Check Point Security Management is designed with a strong focus on cybersecurity, providing customers with detailed information on attacks and high-visibility threats. This is a major benefit, as it allows customers to stay informed on a daily basis. 

The most valuable feature of Check Point Security Management is the high level of visibility

Check Point could improve by enhancing the networking in their solution in order to align it with the existing network architecture.  

To perform a service cutover, such as migrating from one firewall to another or bringing up a new firewall, it is essential to thoroughly study and understand the customer's network architecture. This is a complex and challenging process that requires careful deployment and configuration. However, once the firewall is successfully connected to the environment, it becomes very robust and provides comprehensive cybersecurity that meets the needs of the customer.

I have been using Check Point Security Management for approximately 10 years.

The solution is stable.

Due to its complexity and the distributed nature of its solution, Check Point Security Management still faces significant challenges in terms of scalability. The networking port weakness previously mentioned also has an impact in this area. In order to address these gaps, enhancements need to be made to the product's scalability. For example, when performing software upgrades, the distributed solution can make even minor upgrades challenging due to the many components involved, such as servers, gateways, and management servers. It is crucial to make improvements in scalability to ensure that Check Point Security Management can meet the needs of customers who may require a larger or more complex solution.

They are selling multiple solutions that need to have their software maintained and their scalability at the same time with the advantage of the centralized consolidated unit, reflects poorly on the scalability. It's not only one solution. There are a lot of factors to consider in order to upgrade or add a new firewall to the lineup.

Their support could improve.

I rate the support from Check Point Security Management a six out of ten.

I have used Fortinet and other competitors.

The solution can be somewhat complex. It can be challenging to use, particularly during deployment. This is due to its use of distributed deployment, which requires the purchase of several components including security gateways, SMS servers, and a management server. While this may seem complex, the benefit is greater visibility.

The solution is expensive and there is an annual license.

Top companies in the firewall and software market include Check Point, which recently entered the hardware manufacturing sector. However, this move did not significantly impact its market share as other competitors were already offering more powerful hardware. As a result, the product became more complex, requiring separate handling of hardware and firewall components within the product. This adds additional layers, including network settings, connectivity, and firewall, which can make deployment and configuration more challenging for network engineers. Despite these challenges, Check Point is known for its stability and advanced threat prevention techniques, making it a valuable choice for cybersecurity.

We recommend smaller businesses explore alternative security partners, such as Fortineteen. Fortinet offers an affordable solution with all the necessary security features that customers need, making it a cost-effective option. For larger-sized companies we recommend Check Point Security Management to have visibility of their infrastructure.

I rate Check Point Security Management a seven out of ten.

When having multiple branches, there is the need to be able to manage several branches centrally to meet internal and external regulatory standards that become part of important criteria to manage security. 

Due to the number of branches that we must protect and safeguard, we were looking for a solution that would allow us to centralize simple and fast management that is as scalable as possible.

The Check Point R80 service has allowed us to unify and centralize the security policy. This makes us faster and more flexible when making a change in any of our branches. It's one of the friendliest services that can be managed and remains important in nature to our bottom line. It allows all administrators to understand and manage the communication between different sites, for example. Additionally, we have integrated these features with others that could also be used as security measures or MFA services.

One of the most important features, and one that I see as having organizational value, is the ability to enable services or communications that can be integrated with third parties. We can add additional layers of security to logins or configuration startups that we did not have before. 

It provides for capabilities and has allowed us to be more scalable. We now have greater management flexibility and the possibility to configure and connect to different branches. It has given us better centralization with greater features and security benefits.

In the future, I would like the platform to be able to integrate or manage appliances or third-party equipment. That would give us a management solution that is able to adapt to the technological changes that we have today. 

Maybe we could see if the brand or the services become commercial allies of other brands. I know that it is something that is requested a lot, however, better integration could be beneficial for the market and for users when purchasing a service in the market.

I've used the solution for three years.

We wanted a centralized administration console to allow us to manage more than one team inside or outside our organization. As a result of this need, we were looking for solutions that could complement us and provide effective and functional management of more than one team inside or outside the organization. 

It was then that we came across and used Check Point, a solution that allows us to integrate and manage all these teams from one place. Check Point offered us not only a centralized administration, but it also offered us and gave us added value in different services and features that can be integrated into the centralized administration platform.

Check Point came to give additional value to us as administrators and our organization. It allowed us to integrate more than one characteristic service under the same administration platform, such as antivirus services, real-time emulation services, and real-time detection, characteristics that really give additional value in a centralized management console being a console and also a strategic ally in our organization. These characteristics tell us that it is not only a service to centralize the administration - it is also a service designed to implement and add value to the security of any company.

One of the most outstanding characteristics of its centralized administration is its great computing power. The ease of being able to integrate more than one computer and manage and orchestrate them simultaneously and individually creates security layers for each one of them or different approaches based on the needs of the branches. We have an installation that is fast with an execution that is simple. It is easy to manage what each organization needs. 

I would like it to be the administrator of equipment or Next Generation firewalls (which have to be managed on this platform) and to be able to manage other services (like Harmony) that also belong to Check Point. We'd like to be able to manage them from the same platform. Although they are within the same portal right now, they are not managed in the same way nor are they from the same teams. It could be a very innovative future integration and will help to centralize this section while having the characteristics under the same management.

I've used the solution for about a year.

It is very stable lately. We've seen that the updates have made the solution apply changes faster and find it is more complete.

The platform has somewhat complex scalability. That said, it is still efficient - mainly when we have management or administration in what is known as HA or cluster.

Check Point Security Management is primarily used for managing our security gateways that are deployed in multiple offices around the world. We have 20+ gateways in total. 

Security management also has reporting functionality which can be passed off to our internal security team as well as our senior leadership team. 

SmartView is also a handy utility that allows our system admins to have insight into the network traffic which reduces the need to contact the network support team each time something is not functioning.

Check Point Security Management has improved the organization and it assists with easy manageability of all of our globally deployed gateways which if they were not centrally managed, would be very time-consuming to manage. 

The compliance blade provides detailed reports in regards to our policy configuration and global configuration of the gateways which can be easily read to determine if something needs to be actioned. It also contains multiple different other reports that can be utilized by various other departments.

The compliance is great. It verifies the overall compliance of all of the gateways and attached policies against standards. It offers ready-to-use reports that are detailed.

The SmartView monitor is helpful. Having the ability to give read-only access to our system admins where they can look into the firewall logs is a huge plus and reduces the load on the dependency of the network admins. Also, it is very handy in that it is a web console and not an application that needs to be installed on your computer to view the logs. 

It displays very nice dashboards.

Being a security appliance, there should be the ability for the Security Management server to send email alerts via authenticated email. One of our requirements from the organization is to not use unauthenticated email and to only use authenticated email which this does not support.

SmartConsole should be available for MacOS machines. Not every Network/Security administrator utilizes a Windows machine. Being a Mac user, I need to have a VM with SmartConsole installed in order to be able to manage my gateways. I have heard the newer versions allow management through a web version however I have not tested it as of this moment.

I've been using the solution for more than three years.

The solution is very stable.

In terms of scalability, the licensing is restrictive and are cookie-cutter solutions for a number of gateways.

The L1/L2 agents seem inexperienced. Cases often need to be escalated. 

Negative

Yes, we did use something else. We switched as we were looking for something that had a bigger feature set.

We looked into SonicWall and Palo Alto.

As a consultant for a security infrastructure consulting firm, I install and integrate this solution at client premises. There are many types of client domains, such as financials, government, healthcare, etc. 

It's a stable and complete product that is easy to use and capable of managing their next-gen firewall infra around the globe without compromises. 

Once the Check Point infra is up and running, clients really appreciate its capabilities of centrally managing security rules, making traffic flows visible, and quick detection and response capabilities in case of issues.

It allows clients to quickly learn about the product and its capabilities and thus focus quickly on what really matters, security. 

The concepts are easy to understand but powerful. As the management is easy and fast, the workload is less compared to other products. Access can be restricted granularly so different types of profiles can access the management solution without the risk of breaking anything. The helpdesk people can investigate the first line and provide findings to other teams for solution implementation. 

The rulebase management and the shared layers concept are implemented well. It avoids double work and reduces the risk of human errors. It makes the management solution very scalable.

Working with multiple administrators is possible. Changes are visible to others once you publish changes.

Investigating logs is easy and fast. The search results are provided with all details, so an in-depth analysis of problematic flows is easier.

Installation of policies is fast. For R81.10+ releases, it's a matter of seconds (compared to many minutes in the past).

The upgrade procedure already made huge improvements, yet it remains more challenging compared to other products. However, everything is well documented and the Check Point support is very skilled, so risks are rather limited. 

As this is probably the most complete product within its segment, no huge improvements are required from my point of view. Another problematic point, the policy installation duration time is solved since version R8x, so that's good. Clients always tell me: "Check Point is the Rolls Royce within this segment, it is outstanding". 

I've been using the Check Point Management solution for more than 15 years.

It's very stable with no remarks. Fixes are provided on a regular basis and are easy to install. 

Scalability is very good. Hardware appliances are available and virtual instances can be installed. It is possible to install, for huge deployments, the multi-domain Server. Multiple instances can be installed for redundancy purposes. 

They have excellent support which has improved a lot during the last years.

Positive

We implement other solutions, such as the Fortigate (Fortinet), PAN, and Cisco Secure Firewall (Firepower) with FMC.

The initial setup and installation are easy.

Security Management Server is easy to configure. We have more than six security gateways in different locations. It is easy to manage security gateways separately from Security Management Server. 

Also, we use a security management server as a log collector. Security Management Server is easy to configure. 

We can separately manage and install policies for all gateways. It has separated by blades. It is so flexible. Jumping from one blade to another is really simple. R80.x versions are better than R77.x versions. 

The log section is really good to understand and is really fast. 

The layered architecture is really understandable and easy to use. 

Event correlation function is really brilliant. 

Check Point provides one application with all your needs with the management system.

I do not need to log in to another application or website to see inputs and outputs. 

The monitoring is the best.

The solution offers:

• Strong user community
• Product functionality and performance
• Financial/organizational viability
• Strong services expertise

Policy installation time can be reduced. Proof of concept really matters on this subject. Every organization's needs are different and unique. Therefore, before you purchase the product, use proof of concept as much as you can. 

I have been using Check Point Security Management for more than seven years.

The pricing is not bad.

We use the solution for a distributed lean IT environment where there's a need to monitor logs, threats, and events, or requires configuring security policies within a single dashboard.

It's great for customers who are searching for an upgraded top to bottom yet simple and improved log management solution. In such cases, Check Point Management works perfectly.

Wherever we have provided such a solution, it has become very easy for IT administrators to manage not only a single location but also geographically distributed workplaces.

It works similarly to other management software in the industry, but Check Point is far beyond all others due to its management log monitoring functionality.

After integration with the R80 series, Check Point has made most organizations become relatively secure as configuration with security policies, IPS, and log management extend to the maximum ability.

Previously, we needed to monitor all logs related to network traffic and threats and had to audit logs in different dashboards which sometimes felt time and memory consuming.

With the R80 management consoles, all tasks become very easy - starting from gateway management, log monitoring, IPS configuration, global properties configuration, etc.

Some of the great aspects of the solution include:

1. Smart Event is a great feature of the Check Point management console. It gives a complete graphical view of more than a year of traffic flow including botnet traffic, malicious host present in-network, compromised hosts, and many more.

2. Object (based on IP, hostname, domain name) configuration.

3. Application and URL filtering configuration.

4. Log monitoring and alert configuration.

5. IPS configuration with improved performance.

6. Applying filters based on source, destination, port, application, etc. which is easy compared to all other vendors in the market.

7. Managing clustering for gateways - including their live health check performance - can be done on the dashboard itself.

8. The SSL VPN monitoring based on users and tunnel monitoring are great value-added features present in the management console.

The solution could be improved in these ways:

1. In order to work the management console properly we're required to have more memory and CPU on the system where we need to install a setup.

2. Due to the large size of logs generated for daily traffic, even when old logs purging is enabled, we need to delete old logs manually or else it causes errors while publishing policies which slow down the process.

3. SD-WAN functionality could be added.

4. The required license addition for every blade is a bit of a complicated task for normal IT admins to understand.

I've used the solution for more than four years.

Stability is always improving day by day with Hotfixes they are releasing.

We can scale up to a maximum limit.

The technical support is very knowledgeable.

We have good relations with Check Point. This is the main reason we have always preferred it. The technical support offered by Check Point is always a top priority.

Customer from Sophos to Check Point and ASA to Check Point has migrated to our centralized management from Check Point.

The initial setup is straightforward, however, it can get a little complex for migration from another vendor to Check Point.

We had the assistance of vendor support during the implementation.

Check Point licenses work very differently compared to other vendors. We need to purchase each blade in order to make it work, but we can easily obtain a trial (evaluation) license from Check Point to get visibility for the blade.

Check Point tries to maintain relationships with customers and they try to match their price with customer expectations.

Palo Alto is most preferred NGFW compared to Check Point, due to having a large market share.