No more typing reviews! Try our Samantha, our new voice AI agent.
reviewer1658724 - PeerSpot reviewer
Assistant Manager IT Operation at a tech services company with 10,001+ employees
Real User
Oct 15, 2021
Great for securing our network perimeter with good scalability and stability on offer
Pros and Cons
  • "Mobile access has helped us cater to more than 4000 users so that they can work from home."
  • "Check Point Security Management GAIA R 80.40 tremendously helped us in securing our network perimeter against various threats."
  • "It would be helpful if we could enable URL and application traffic control remote access."
  • "The Security Management server could be improved."

What is our primary use case?

We use Check Point Security Gateway GAIA R 80.40 as our secure gateway firewall. We have configured two gateways as active-passive in cluster mode. We also use R 80.40 as our security management server to configure the policies on the firewall. We use it primarily to control traffic and secure our network perimeter against unknown attacks. The different rules and policies for the SSL VPN connections are configured on the mobile access blade. We use the policies to segregate and filter the traffic flow. 

How has it helped my organization?

Check Point Security Management GAIA R 80.40 tremendously helped us in securing our network perimeter against various threats. 

We have used the access rules and application/URL filtering blades to filter and restrict unwanted traffic. 

The IPS blade, Antivirus blade, Anti-bot blade, Threat Emulation blade, and Threat Prevention blades are helping us tremendously in preventing attacks and thus take care of the threats at the gateways themselves. 

At the time of COVID, the Mobile Access blade has helped greatly in the smooth running of production.

What is most valuable?

We have found all the security blades very helpful. The IPS blade, Antivirus blade, Anti-bot blade, Threat Emulation blade, and Threat Prevention blades have been most useful in securing the network. 

With the antivirus, IPS, and Anti-bot blades signatures being automatically updated regularly on a daily/hourly basis, the network is always safe. 

The URL and Application Filter blade offers a daily update of the database which helps us control the traffic. 

Mobile access has helped us cater to more than 4000 users so that they can work from home.

What needs improvement?

The Security Management server could be improved. If it provided an inbuilt authenticator for multifactor authentication, that would be ideal. Currently, we have to depend on a third party for multifactor authentication. 

It would help us greatly in securing the remote access users if Mac binding can be done for remote access VPN users in mobile. It would be helpful if we could enable URL and application traffic control remote access. 

The logging and reporting are good, but it would be helpful if more report templates were available.

Buyer's Guide
Check Point Security Management
July 2026
Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
903,147 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Check Point Security Gateway for more than 7 years.

What do I think about the stability of the solution?

The stability is great.

What do I think about the scalability of the solution?

The scalability is great.

How are customer service and support?

Technical support is good.

Which solution did I use previously and why did I switch?

The company has been using Check Point for a long time. It's been more than 10 years. I have been with the company for past 7 Years.

How was the initial setup?

The initial setup is straightforward.

What about the implementation team?

We had assistance from our Vendor Team (ISecurenet). They are very good.

What was our ROI?

Our ROI has been above expectations.

What's my experience with pricing, setup cost, and licensing?

The price is high but worth it.

What other advice do I have?

Check Point is one of the top leaders in security solutions.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1670154 - PeerSpot reviewer
Firewall Engineer at a logistics company with 1,001-5,000 employees
User
Sep 30, 2021
Easy to install, easy to manage, and provides a helpful overview of system health checks
Pros and Cons
  • "Having the possibility to use Smart Event to check for threats on a broader scale helps after a security incident and also makes it easier to check - instead of looking through different logs."
  • "Using a single GUI with a single management IP makes things easier if you have to administrate several customers."
  • "Troubleshooting is quite complicated within multi-domain management. If an issue arises, the local administrator has to keep in mind that there are other domains that could be also affected."
  • "Troubleshooting is quite complicated within multi-domain management."

What is our primary use case?

We use Check Point Multi-Domain Management (Provider-1) to manage several customers with their firewalls as well as handle our internal administrators based on their rights.

Each domain (CMA) contains the customer's firewalls that are managed by us. Bigger customers with more than one domain use global objects as well as global rules so that administrators do not have to implement a local object for each domain.

Since this environment is bigger, we also use a dedicated log server for each domain. That way the logs reside in a different virtual log server.

How has it helped my organization?

When using global rules and objects it is possible to push changes to several domains at the same time without touching each individually.

Administration of all users within a single environment makes it easy, instead of connecting to management individually. Using templates for rights helps a lot too.

Last but not least, by only using one VM (or 2 if you include the log server), upgrading and patching are easier. You have a bigger maintenance window, but do not have to upgrade several Security Management Servers by themselves.

What is most valuable?

Using a single GUI with a single management IP makes things easier if you have to administrate several customers. In the Multi-Domain Environment, you are able to see an overview of all the different customers.

Several health checks are shown for the gateways in an overview so you don't always have to use a monitoring system in parallel since you see some states at a glance after logging in.

Having the possibility to use Smart Event to check for threats on a broader scale helps after a security incident and also makes it easier to check - instead of looking through different logs.

What needs improvement?

Troubleshooting is quite complicated within multi-domain management. If an issue arises, the local administrator has to keep in mind that there are other domains that could be also affected.

For each version, you have to download a new GUI. Sometimes the GUIs have fixes in them. If you need a new one, you have to inform and update all administrators too.

Some features still use the legacy GUI, however, as far as I know, it is planned to include this in newer versions (R81+). 

Unfortunately, there is still not a rule checker in place where you can insert SRC/DST/Port and it shows you which rule it matches.

For how long have I used the solution?

I've used the solution for over 10 years.

What do I think about the scalability of the solution?

The solution can scale, depending on the VM environment.

How was the initial setup?

The installation process is quite easy.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. We're a Check Point partner as well as a customer
PeerSpot user
Buyer's Guide
Check Point Security Management
July 2026
Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: July 2026.
903,147 professionals have used our research since 2012.
reviewer1668993 - PeerSpot reviewer
Presales engineer cybersecurity expert en ElevenPaths at Telefónica
Real User
Sep 16, 2021
Good blade functionality with easy integration capabilities and a unified management console
Pros and Cons
  • "The fact that everything starts from the same unified management console makes it very easy to integrate new equipment or functionalities once the operator has become familiar with it, as everything will follow similar management or operation mechanisms."
  • "Throughout my professional career I have operated, implemented, and designed solutions with Checkpoint's NGFW for clients of all kinds - public and private, small and large."
  • "In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer."

What is our primary use case?

Throughout my professional career I have operated, implemented, and designed solutions with Checkpoint's NGFW for clients of all kinds - public and private, small and large.

For all scenarios, there is a suitable solution with this manufacturer. Its decades of experience make it one of the undisputed leaders in the industry.

In recent times, the platform has evolved significantly to meet the latest threats. I would recommend at least valuing it as an option whenever an opportunity arises to cover cybersecurity needs.

How has it helped my organization?

Having a central point to manage all its capabilities makes it much easier to react quickly and accurately to a threat, which is essential in this day and age where attacks can be lethal to our network if not dealt with quickly.

I have actively participated in the defense of very important customers who were able to overcome the challenge thanks to the great visibility that the console offered them. The other additional capabilities that we can integrate into the platform are also a very important added value.

What is most valuable?

One of the features that attract me the most is being able to activate different functionalities through its blades, having centralized point access to all of them, and being able to activate and deactivate them as needed.

In addition, the fact that everything starts from the same unified management console makes it very easy to integrate new equipment or functionalities once the operator has become familiar with it, as everything will follow similar management or operation mechanisms.

This is one of the aspects I value the most.

What needs improvement?

In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer.

It would be a good policy to try to assign senior engineers when it has been verified that an incident is critical and urgent for a client and not to resort to less-experienced technicians that can put at risk the recovery of the attacked assets.

Apart from that, at the architectural level, it is a very competent and versatile solution.

For how long have I used the solution?

I've used the solution for more than 15 years.

What do I think about the stability of the solution?

Overall, it is a very mature and stable solution.

What do I think about the scalability of the solution?

With the arrival of Quantum Maestro, the platform's expansion capabilities have increased tremendously. Its new architecture is promising.

How are customer service and technical support?

In general, they work very well, however, it should be prioritized and they need to assign senior technicians when the issue has been verified that it is very critical for the customer.

Which solution did I use previously and why did I switch?

Due to working in an international MSSP, I have worked and continue to work with all manufacturers.

What about the implementation team?

We always try to do the implementation work with our own SOC of experts.

What was our ROI?

It depends a lot on each case and on the customer's needs and capabilities.

What's my experience with pricing, setup cost, and licensing?

It's not the cheapest solution, but one of the most advanced and competent.

Which other solutions did I evaluate?

We always evaluate alternatives and try to see what fits the client best. Fortinet, PaloAlto, Checkpoint, Cisco, et cetera.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1629138 - PeerSpot reviewer
Senior Infrastructure Service Specialist at a financial services firm with 10,001+ employees
User
Jul 19, 2021
Stable with good technical support and an intuitive interface
Pros and Cons
  • "The intuitive interface also allows new team members to adapt to the technology if they are not familiar with it initially. It doesn't take much for one to familiarize themselves with the product."
  • "Overall, the ROI is great; it is a solid and easy-to-use platform that adds a huge value that justifies every penny."
  • "Even though the platform is simple, and creating security policies is a fairly quick task, creating a bulk of policies at once (ie. for a migration) could be a useful tool. This is probably possible through scripting, however, having an easy-to-use "import CSV" button would be beneficial."
  • "Perhaps because I lack experience setting it up from scratch, the initial setup seemed quite complex."

What is our primary use case?

I work for one of the biggest Australian banks that rely on Check Point firewalls for security enforcement across several points in the infrastructure environment.

The Security Management platform is a key component for our operation, in that it enables efficient central management for configuration and security troubleshooting. This centralised component facilitates and adds value to our daily operations, creating a single place for configurations and a platform that can present security logs that are used for the troubleshooting of security issues.

How has it helped my organization?

Check Point Security Management improved the speed at which security access permissions are granted across our environment through its centralized and easy-to-use nature. The possibility of re-using objects across different policies and also having the drag and drop capabilities are great. 

Moreover, having one single platform managing multiple firewalls reduces the time (and cost) of the provisioning of infrastructure services. This boosts the productivity and efficiency of teams across the board.

What is most valuable?

The Check Point Security Management platform provides a central location for the management of domains and firewalls in the environment. The nature of the product brings valuable returns to the operation, increasing efficiency when configuring and troubleshooting.

The intuitive interface also allows new team members to adapt to the technology if they are not familiar with it initially. It doesn't take much for one to familiarize themselves with the product.

Another great feature is to have available logs in a central location, enabling the troubleshooting of security issues anywhere in the environment.

What needs improvement?

One possible improvement for the platform would be the import of security policies via CSV or CLI. Even though the platform is simple, and creating security policies is a fairly quick task, creating a bulk of policies at once (ie. for a migration) could be a useful tool. This is probably possible through scripting, however, having an easy-to-use "import CSV" button would be beneficial.

Another feature that could be improved is the export of configurations to CSV. This is often useful to map current firewall policies or NATs. I understand that this feature is available currently, but would CSV bring objects with names (but not IPs) and groups (but not the members). The improvement of this feature would surely be welcomed.

For how long have I used the solution?

I have been using Check Point Security Management for around 4 years.

What do I think about the stability of the solution?

The most recent software versions are very stable and trouble-free.

What do I think about the scalability of the solution?

We have a very good impression of it so far. The possibility of adding firewalls to the fleet and keep a central management point makes it simple to grow the operation.

How are customer service and technical support?

The experience with the Check Point Professional Services team, and TAC, couldn't be better. The team that works with my organization is extremely knowledgeable and is always willing to go the extra mile in order to find the best possible solution for any kind of goal we need to achieve. The TAC team is also always helpful and provides us with many valuable inputs in hard times. 

Which solution did I use previously and why did I switch?

I have used different solutions from other vendors, but not on the exact same places. The Check Point Security Management platform was mostly used alongside others.

How was the initial setup?

Perhaps because I lack experience setting it up from scratch, the initial setup seemed quite complex.

What about the implementation team?

We had a vendor team assist with the setup.

What was our ROI?

Overall, the ROI is great. It is a solid and easy-to-use platform that adds a huge value that justifies every penny.

What's my experience with pricing, setup cost, and licensing?

I most definitely recommend this platform when it comes to cost. The available list of add-ons creates great flexibility to the technology and is also easy on the budget - since you only pay for the features you use.

Which other solutions did I evaluate?

This is not applicable to my role.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1626507 - PeerSpot reviewer
Senior Infrastructure Services Specialist at St.George Bank Limited
User
Jul 17, 2021
Great for security monitoring with easy central management and good scalability
Pros and Cons
  • "It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules."
  • "The Check Point Security Management has improved the management of all our Security Check Point Gateway Firewalls across the bank."
  • "It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform."
  • "As it stands, it will still open the old R77 SmartView monitor session, which is a bit flaky and slow."

What is our primary use case?

As part of the Bank's Network Security Infrastructure team, it is our responsibility to manage different security products and devices that lay the foundation of the Bank's Security Infrastructure Network. Part of that responsibility also includes the implementation and policy update requests arising from different business and support teams to make sure that application services comply with the security standards to protect all services of the bank and maintain the reliability of the services across an environment.

With a centralized Check Point Security Management solution, it makes it easier for our day-to-day operations to manage all Security Gateway Firewalls across the bank. 

How has it helped my organization?

The Check Point Security Management has improved the management of all our Security Check Point Gateway Firewalls across the bank. 

With Security Management we are able to simplify our response and support for all our security network devices, which, compared to other products that need to be managed individually, the Check Point solution is far better and less daunting. 

The Security Management also includes the management of logs far that are more efficient, as it provides all the needed information required to investigate and understand how the gateways are accepting or blocking traffic. 

What is most valuable?

The Main Domain Log Management Server is what I find to be the most valuable feature for the Security Management of our environment. With the Main Domain Log Management Server, support teams are able to check and verify the information required to determine if any traffic is getting blocked or denied due to specific policy rule implementation. It can even identify any traffic getting spoofed or any other related events on the gateways. It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules.

What needs improvement?

It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform. As it stands, it will still open the old R77 SmartView monitor session, which is a bit flaky and slow. If the SmartView monitor could be integrated into the R80.40 and R81 versions, that would be great. It would help us in unpacking the trends and graphs and see how traffic is observed when hitting the different Check Point Firewall Gateways that the Security Management controls. It will help support teams to identify capacity limitations and have oversight into what's happening in the environment at any given point in time.

For how long have I used the solution?

I've been using the solution for one year.

What do I think about the stability of the solution?

The solution is very stable and manageable as there's a centralized management server that takes care of the rest of the Check Point Gateways across our infrastructure.

What do I think about the scalability of the solution?

The solution is very scalable since you can increase the number of gateways in your infrastructure and still manage them in just one centralized SmartView Console.

How are customer service and technical support?

The technical support team is very knowledgeable and supportive of all our issues and incidents in the bank. Their expertise and reliability are what bring the products of Check Point under complete lifecycle support, which aims to maintain our infrastructure reliability and stability.

Which solution did I use previously and why did I switch?

At the moment, we have a co-existing infrastructure with other security network devices, and we can definitely see the benefit of having the Check Point Security Management application in our infrastructure.

How was the initial setup?

The setup and operational management of Security Management is very easy. This helps us to train people quickly in terms of managing our bank infrastructure in order to maintain reliability and stability in the network.

What about the implementation team?

We have a professional service provider that implements the solution and he is very knowledgeable in terms of his expertise of the product. I would rate our professional service provider to be a 9 out of 10.

What's my experience with pricing, setup cost, and licensing?

I would advise others that it's definitely a great investment to have. It's great to have Security Management across your infrastructure. 

Which other solutions did I evaluate?

We have other options with other vendors such as Juniper, with their Security Director, and JSpace, but nothing can compare with how Check Point Security Management performs.

What other advice do I have?

If you have a manageable security infrastructure, the cost, pricing, or licensing will be far outweighed by the reliability and stability. It's great in terms of what a properly managed environment can bring.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
it_user1626507 - PeerSpot reviewer
Senior Infrastructure Services Specialist at St.George Bank Limited
User
Jul 17, 2021
Easy to set up with great support and good central management
Pros and Cons
  • "The solution is ideal for use and deployment in a large infrastructure environment."
  • "The Check Point Security Management has improved the management of all our Security Check Point Gateway Firewalls across the bank, simplifying our response and support for all our security network devices and proving far better and less daunting than products that need to be managed individually."
  • "If the SmartView monitor can be integrated in the R80.40 and R81 versions, that would be ideal in understanding the trends and graphs of how traffic is observed hitting the different Check Point Firewall Gateways that the Security Management controls."
  • "As it stands, performing a smart view monitor will still open the old R77 SmartView monitor session, which is a bit flaky and slow."

What is our primary use case?

As part of the Bank's Network Security Infrastructure team, it is our responsibility to manage different security products and devices that lay the foundation of the Bank's Security infrastructure network. Part of that responsibility also includes the implementation and policy update request arising from different business and support teams to make sure that application services comply with the security standards to protect all services of the bank and maintain reliability of the services across environment.

With a centralized Check Point Security Management solution, it makes it easier for our day-to-day operations to manage all Security Gateway Firewalls across the bank.

How has it helped my organization?

The Check Point Security Management has improved the management of all our Security Check Point Gateway Firewalls across the bank. 

With Security Management we are able to simplify our response and support for all our security network devices, which, compared to other products that need to be managed individually, the Check Point solution is far better and less daunting. 

The Security Management also includes the management of logs that is far more efficient, as it provides all the needed information required to investigate and understand how the gateways are accepting or blocking traffic from the gateways.

What is most valuable?

The Main Domain Log Management Server is what I find to be the most valuable feature for the Security Management of our environment. 

With the Main Domain Log Management Server, support teams are able to check and verify the information required in order to determine if any traffic is getting blocked or denied due to specific policy rule implementation, or even identify any traffic getting spoof or any other related events on the gateways. 

It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules.

What needs improvement?

It would be great if the SmartView Monitor could become integrated into the SmartView Console Platform. As it stands, performing a smart view monitor will still open the old R77 SmartView monitor session, which is a bit flaky and slow. If the SmartView monitor can be integrated in the R80.40 and R81 versions, that would be ideal in understanding the trends and graphs of how traffic is observed hitting the different Check Point Firewall Gateways that the Security Management controls. It will also help support teams to identify capacity limitations and have a foresight of what's happening in the environment at any given point in time.

For how long have I used the solution?

I've been using the solution for 4 Years.

What do I think about the stability of the solution?

The solution is ideal for use and deployment in a large infrastructure environment.

What do I think about the scalability of the solution?

The solution is very efficient. You can add more gateways in the environment and manage on the same management server as it has a centralized design.

How are customer service and technical support?

We have diamond support and they are very helpful and detailed during explanations for any issues we are facing. The diamond support that we get definitely provides full life cycle support. It brings reliability to the product when you have great support from Check Point.

Which solution did I use previously and why did I switch?

At the moment, we have a co-existing infrastructure with other security network devices, and we can definitely see the benefit of having the Check Point Security Management application in our infrastructure.

How was the initial setup?

The setup was straightforward as the SmartConsole associated with the Security Management is GUI-friendly and anyone can easily access and manage it.

What about the implementation team?

One of the Professional Service members we work with is very attentive to detail and ready to support our team during difficult times - including the implementation and consultation of the Check Point Products. The professional service on offer is really great as you do not often get someone from a vendor that knows the inside and out of the product dedicated to your own infrastructure.

What's my experience with pricing, setup cost, and licensing?

I would advise others that it's definitely a great investment to have Security Management across your infrastructure.

Which other solutions did I evaluate?

We have other options with other vendors such as Juniper, with their Security Director, and JSpace, but nothing can compare with how the Check Point Security Management performs.

What other advice do I have?

If you have a manageable security infrastructure, the cost, pricing, or licensing will be far outweighed by the reliability and stability of how a properly managed environment is.

Which deployment model are you using for this solution?

On-premises

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
PeerSpot user
Network Security Engineer/Architect at a tech services company with 1,001-5,000 employees
Real User
Top 20
Oct 7, 2020
Helps our security team create policies in a centralized way
Pros and Cons
  • "The features we like and find the most valuable are the ways we can manage the policy, create objects, and drag and drop objects in our daily operation. It makes our daily operation on the firewall management much easier than going, for example, to one firewall, then going to the other."
  • "It's by far the best product we have to manage firewalls."
  • "The migration from R77 Manager to R80 is a major upgrade. It's not very easy to do. There should be some kind of Wizard for a direct upgrade from the R77 to the R80. There should be an easy way for the customers to do the upgrade."

What is our primary use case?

Our primary use case is to have a centralized server to manage all of our Check Point firewalls, which are around 30 clusters of firewalls. We also use it to have a place where we can see, call, and centralize the logs.

How has it helped my organization?

Every day we have new projects and new applications that need to be delivered. We need to open flows on the firewall from one point to the other. Check Point helps our security team to create the policies in a centralized way, where we can even copy policies from one firewall to the other.

It saves us a lot of time, and it's very easy to use. We can clone objects and drag and drop. It's much easier than a few years ago where we used to have Cisco firewalls and we needed to do it on the command line. Check Point is much easier. We can very quickly place trainees to work in policy creation.

What is most valuable?

The features we like and find the most valuable are the ways we can manage the policy, create objects, and drag and drop objects in our daily operation. It makes our daily operation on the firewall management much easier than going, for example, to one firewall, then going to the other. We have a centralized point of managing the firewall in terms of firewall policy and in terms of threat prevention policy where we can easily review the antivirus policy. It has a good description of which protection we are applying to the IPS on the antivirus. It's very clear and easy to use.

The SmartConsole chooses which application communicates with the manager and allows us to create the policies and also look at the log of the traffic that is crossing all the firewalls. We can manage and also see the logs of what is happening on the firewalls.

What needs improvement?

I would like for Check Point to add some features like the Smart Monitor on the R77 that are available on the SmartConsole of the R80. Now, we need to open a different application to have access to it. There are some applications that worked in the past but were not too integrated with a new application that communicates with the manager. There are some applications that should be integrated into the SmartConsole. I don't know if they will be, but everything should be on the SmartConsole and we shouldn't need to open another application.

The migration from R77 Manager to R80 is a major upgrade. It's not very easy to do. There should be some kind of Wizard for a direct upgrade from the R77 to the R80. There should be an easy way for the customers to do the upgrade.

For how long have I used the solution?

We have been using Check Point Security Management for three years. 

What do I think about the stability of the solution?

It has been very stable. We don't have many complaints about stability. Once every three months or so, there are some processes on the management server that we get stuck on and we need to restart the services. After we restart, we get back to normal.

What do I think about the scalability of the solution?

It's very scalable for our use case. We have two security managers. We have one primary and one backup to manage all of our firewall infrastructure, and we have no problem with it. We always have a new firewall. 

There are around eight people who work with this solution in my company. They're network engineers. 

My colleague and I are responsible for the maintenance. 

We have a 100% adoption rate for all of the Check Point Firewalls. We all use this manager to manage the Check Point infrastructure.

How are customer service and technical support?

We don't have any issues with support. The support is very good, especially if you work with the Israel group, but on this specific product, as this is a core product of Check Point, I would say all of the groups work fairly well.

Which solution did I use previously and why did I switch?

We also have experience with Fortinet but it's like comparing apples to oranges. 

How was the initial setup?

The initial migration from R77 to the R80 was a bit complex. We had the help of a third-party company for the migration phase. We needed to export from the old manager and import it to the new one. There were some modifications we needed to do. It's not very straightforward. They had more experience in those kinds of migrations. 

We have already done some upgrades and they are very easy and straightforward. For this migration, we needed to prepare the servers side by side to the old one, and we needed to do the initial configuration. It took like at least one week to prepare and to migrate it that way.

What was our ROI?

We do see ROI because we save a lot of time and we can have new team members working with the firewall very quickly. We save at least eight hours a week.

What's my experience with pricing, setup cost, and licensing?

The pricing is in line with its competition, like Fortinet. 

Sometimes applying licensing in products gets a bit messy. We will apply for a license on the manager, specifically for the firewall, but you still see the firewall complaining it doesn't have any rights. In this case, we need vendor support to fix this kind of situation.

We need to devise whether we need to have remote sessions with regard to why the firewall is complaining. There must be some kind of protection for the people not to flip licenses that they shouldn't. Sometimes when you buy a new firewall, the licensing is not straightforward to apply. After we fix it, we never have issues again.

What other advice do I have?

This solution is overall our favorite Check Point product. It's a product that you need to have if you have a Check Point Firewall. If you have a Check Point Firewall, you need to have to Check Point Security Management. You cannot manage the firewalls directly, you need to have the manager.

I think it's the best product Check Point has and is the one that makes the difference. When you compare it to, for example, Fortinet, which has a manager that is web-based, it's not as easy to use and easy to drag and drop objects. The way to see the logs is not as good. It works better than web-based FortiManager, for example.

Palo Alto is also web-based, but me and my team, all of us prefer the SmartConsole over the way we have to manage FortiGate. It's very easy to search for rules on the policy, Check Point is much easier than the competition.

The competitors work well but Check Point works better.

If you refresh the page, you will lose what you did. Even the screen resolution is dependent on the browser. Drag and drop is not as good as with Check Point. It's by far the best product we have to manage firewalls. I think the thing that makes the difference on the other Check Point firewalls.

My advice would be to try the SmartConsole before deciding if you want to go ahead with buying Check Point Firewalls and the manager. You can install the application in any Windows, computer, or Windows server and try the SmartConsole in demo mode.

I would rate Check Point Security Management a nine out of ten. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
PeerSpot user
Network Engineer at LTTS
Real User
Top 20
Sep 17, 2020
Ability to configure multiple gateways in a single screen, and ID-mapped access makes maintenance easy
Pros and Cons
  • "The most valuable feature for me is Identity Awareness."
  • "I would like to bind users to their network, as well as their local office machine."
  • "This solution is stable, although there is some room for improvement."

What is our primary use case?

We are using this product on a daily basis for creating policies, managing gateways, and managing licenses. Currently, our Check Point Management Server version is R80.40.

Our current use case with R80.40 is Geo policy. We have applied Geo policies to block traffic from some malicious countries such as China, but over the past few weeks, we observed suspicious activity in our logs. There are some IPs showing as Singapore-based addresses, but when we checked in details, they are showing up as IPs from China. Due to that, the traffic is being dropped as per our configuration.

How has it helped my organization?

We have configured multiple gateways in a single dashboard. Currently, we have four gateways that are all clustered on our Security management server. We are easily managing all of the location gateways, so it is very easy for us and helpful to create the same rules, groups, or objects. We have to create only a single object and we add that onto a rule, which is the best way for us to manage.

We are also managing all device (gateway) logs on a single dashboard, which is very helpful for us.

What is most valuable?

The most valuable feature for me is Identity Awareness.

Earlier, we were creating policies with a machine IP-based policy. Whenever a user's machine was changed we had to manually change that machine IP to streamline the user access without their work being interrupted. That was a very hard task for me but now, with this identity awareness blade, we are creating users with their user ID.

If any user changes desk location or something else, we map the user ID-based access. It is a one-time activity and we are very happy with it.

What needs improvement?

Currently we have option to create rule with Access Role, but it is also asking network as well, so my suggestion if we mapped user and machine both then the network should be not compulsory. 

This will reduce our effort to creating rules.

Above is only my suggestion for access role rule type

For how long have I used the solution?

We have been using Check Point Security Management for the last five years.

What do I think about the stability of the solution?

This solution is stable, although there is some room for improvement.

What do I think about the scalability of the solution?

We have to perform each task in a different environment before publishing new features.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

What was our ROI?

If you have Check Point in your perimeter,  the security management server will reduce your incidents by 30%.

Which other solutions did I evaluate?

We did not evaluate other options.

What other advice do I have?

Overall, this is a very good solution.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Oleg P. - PeerSpot reviewer
Senior Network and Security Engineer at a computer software company with 201-500 employees
Real User
Jul 26, 2020
Everything is configured in one place in the unified SmartConsole, which helps me save working time
Pros and Cons
  • "As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution."
  • "I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately."

What is our primary use case?

Our company works in developing and delivering online gambling platforms. The Check Point Gateways are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two Check Point HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management server on a Virtual Machine (KVM), all running on R80.10 with the latest Jumbo Hotfix Accumulators installed (Take 275). The Security Management server has the following blades activated - Network Policy Management, Logging & Status, User Directory, Compliance, SmartEvent Server, Provisioning.

How has it helped my organization?

The overall security of the environment has been greatly improved by the Check Point solution. Before implementing that, we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on the switches and routers, which in fact was just a simple stateful firewall, and all the devices had to be managed locally via SSH. Now, with the Check Point Security Management server in place, we have a central endpoint to manage all the security aspects for the environment - the SmartConsole. That helped to decrease the management overhead, as well as to improve the usability and feasibility of the security.

What is most valuable?

As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution. 

Now everything is configured in one place - the unified SmartConsole, which helps me in saving the working time and not jumping from one console or dashboard to another constantly. The interface is cozy and modern. I especially like built-in searching capabilities - you may not just find the objects, but also see where exactly it is used across the whole security policy. Also, now the latest logs may be seen in the security policy as well, per matched rule. 

What needs improvement?

I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that, you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately. 

Also, the SmartConsole application used for management is currently available only for Microsoft Windows OSes. I think many administrators use macOS and Linux, so it would be nice to have native apps for these platforms as well.

For how long have I used the solution?

My current company has been using the Check Point Security Management for about three years, starting late 2017.

What do I think about the stability of the solution?

The Check Point Security Management server version R80.10 we use is stable and mature solution.

What do I think about the scalability of the solution?

One virtual machine we use for the Security Management is enough for managing 2 clusters, and there is a huge "space" if we decide to scale the DataCenter up.

How are customer service and technical support?

We have had several support cases opened with the Check Point, but none of them was connected with the Security Management. In. general, I think some cases took to long to be resolved by the Check Point support team - up to one month.

Which solution did I use previously and why did I switch?

We used local ACLs and Zone-Based firewall on Cisco switches and routers, that's incompatible with the centralized management solution like Check Point Security Management.

How was the initial setup?

The setup was straightforward, and the configuration part was easy and understandable - we didn't use any consulting services for that.

What about the implementation team?

The solution has been implemented by in-house team, since we have the Check Point Certified engineer among the technical team.

What's my experience with pricing, setup cost, and licensing?

The Check Point solutions in general are not cheap, so your company should have a dedicated budget for security.

Which other solutions did I evaluate?

We didn't evaluate other vendors.

What other advice do I have?

There's a demo of the Security Management available for free - just download and install the SmartConsole application, and you could see the interface and most of the features available.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Richard Lachira - PeerSpot reviewer
Consultant, Reseller and IT Infrastructure Projects at Elytelec
Real User
Oct 6, 2023
Enhanced security with centralized control for threat prevention
Pros and Cons
  • "It has brought significant improvements, including features like spam and anti-spam measures, intrusion prevention (IPS), and advanced filtering."
  • "They could offer educational courses to help individuals improve their knowledge and skills."

What is our primary use case?

Check Point plays a crucial role in enhancing our security firewall solution in our company. It has brought significant improvements, including features like spam and anti-spam measures, intrusion prevention (IPS), and advanced filtering.

What is most valuable?

The most valuable feature for me is the firewall. Whether it's five stars or even higher, the analytics reports it provides are truly impressive. They offer valuable Key Performance Indicators (KPIs) that shed light on various situations and different logs.

What needs improvement?

They could offer educational courses to help individuals improve their knowledge and skills.

For how long have I used the solution?

I have been working with it for two years now.

What do I think about the stability of the solution?

It provides good stability features. I would rate it eight out of ten.

What do I think about the scalability of the solution?

I would rate its scalability capabilities nine out of ten.

Which solution did I use previously and why did I switch?

In my previous company, I had experience using Fortinet and Palo Alto.

How was the initial setup?

I find that the setup process is somewhat distinct from other solutions. I believe that having some guidance from the website or tutorials would make it easier.

What other advice do I have?

I strongly recommend this solution because it's a highly effective and reliable choice. I would rate it nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Buyer's Guide
Download our free Check Point Security Management Report and get advice and tips from experienced pros sharing their opinions.
Updated: July 2026
Buyer's Guide
Download our free Check Point Security Management Report and get advice and tips from experienced pros sharing their opinions.