Check Point Security Management Reviews

We use the solution for ensuring the on-premise and cloud-based infrastructure through the Check Point gateway solution. We're applying the solution to the endpoint and running all threat prevention technologies simultaneously, including full SSL traffic inspection, without compromising on security or performance. 

As compared to the other vendors like CISCO ASA, Juniper, and other vendors it's nice to see maximum futures in the single firewall. The site and remote VPN deployment are very easy and troubleshooting the issues is also very easy.

The cluster solution made our job easier any fault to the device will not halt entire internet connectivity. In that case of the performance, we have zero-downtime upgrades and VPN solution deployments.

Check Point Software Technologies (Check Point for short) is a company operating exclusively in the field of Information Security and covering four main areas:

1. Network Security on the perimeter and inside Data Centers.
2. Cloud Security: Public, Private, and Hybrid.
3. Endpoint Security for both Windows and Macs.
4. Mobile Security for Android and iOS devices.

The solution offers ClusterXL, Secure XL, and Core XL.

When working with it, you will encounter three main components: Security gateway, security management server, and Smart Console. 

Customer support is very good and they have depth knowledge on the particular technology which helps us in fixing the problems ASAP. 

Remote and site-site VPNs we can easily deployable and maintenance  upgrade of the tunnel parameters becomes very easy as this is having the simple smart console access to the gateways. 

Also the multi-domain smart dashboard is another capability to manage multiple firewall through the single console.

The application filtering and URL filtering could be better.

They need to improve on this kind of technology as the Palo alto is ahead of the application-based and zero-trust-based approach also the cloud-based application control also user identification through the LDAP and other user directory settings to provide the proper solution.

Check Point has a complex range of reporting tools, some of which can take time to learn and be comfortable with. 

It is advised to make the processes simpler.

Need to have simple scripting and automation methodology to automate the networking operations.

I've used the solution for more than six years.

It's stable.

It's a good product that's scalable.

Technical support is nice.

Positive

I used Cisco ASA. Large-scale deployment and integration are very difficult in Cisco ASA.

The solution is straightforward.

We implemented it with the help of a vendor.

The ROI is good

I did evaluate ASA, Palo Alto, and Firepower solutions.

I mainly use this solution for endpoint security, to capture data with a secure approach.

Our data is the most important thing, therefore, it's essential that it be secured. Checkpoint has been very effective in terms of threat management and comprehensive protection against vulnerabilities, and it has given us confidence that our data is not going anywhere. 

The tracking of new threats could be improved.

I've been working with this solution for a couple of years.

Check Point's stability is good.

My experience with technical support has been good.

The initial setup is straightforward.

The return on investment is that our data is safe, Check Point offer upgrades, and we get the best possible cost-effective price.

I looked at Sophos, but Check Point's security coverage is better.

I would definitely recommend this solution to anybody thinking of implementing it. I would give it a rating of nine out of ten.

This solution is used to control OPC's. You are also able to generate reports with it.

Our organization is now able to easily see if our computers are running smoothly or not.

This solution is easy to install and deploy. It is also user-friendly.

I would like for users to have more control over the platform in the next release. Right now, the system is very central and general requiring new rules to be created that better-suite our requirements.

I have been using this solution since 1993.

This is a stable solution.

This is a scalable solution, we currently have three to four hundred users.

We hardly contact Check Point support thanks to help from our partner. However, if there is an issue neither of us can resolve, we open a case with Check Point and they are able to resolve the issue quickly.

We were using Symantec for its antivirus and backup capabilities, but now that Check Point offers antivirus, we are only using Symantec for backups. And Check Point is one fourth of the price!

The initial setup was not complex. There was still a bit to learn with the program, but it was not complex. Initial installation took about a day and a half and it took one week for deployment in total after running some tasks.

We had support from a Check Point partner perform the initial setup. We now have four members of our technical group maintaining the solution.

Check Point is much cheaper than the competition ($4/server as compared to $17/server).

I would rate this solution an eight out of ten (nine for its antivirus capabilities).

We use this solution to manage and configure all of our firewalls distributed across multiple remote locations. We can do it with a single interface where policies are created, managed, and distributed across all locations.

Check Point Security Management has improved our organization because all corporate firewalls can be managed with a single interface. Many objects are common in the policies of the various sites, thus saving time when it is necessary to create or modify access policies.

Check Point Security Management has a beautiful interface for viewing logs and access reports. You can create many filters and run queries from a modern graphical interface without resorting to shell commands.

The graphical interface is nice but it is a bit heavy. Even installing the policies is often a very slow activity. Sometimes it happens that the rules are scattered in several points such as global properties, security policy, and/or application policy and it is difficult to find the point where to intervene

I've been using Check Pont for 15 years.

We use it for both perimeter and internal defense.

It is good when it comes to access control, which is the basic feature that we use in a firewall appliance or solution. Check Point is effective when it comes to security control and threat prevention.

Support is the main area that they need to improve. Our support experience is not very smooth. We are based in Africa, and we don't know whether it is because of our region.

I would like a feature where there is a workflow to provide authorization to some users before they're able to create and apply rules. Such a feature should be integrated with the management. It should not be in the box that comes with it.

I have been working on the protection network since 2014. It has been around seven years.

So far, it has been stable, but stability also depends on your design and deployment. You might have a performance issue, especially when you have to deal with a lot of traffic. You also need to factor in maintenance in terms of the upgrades, patches, and hotfixes that you need to do regularly. When you're able to do that and take care of the maintenance, you'll have stability.

Scalability depends on your design. You have to properly scope your environment to know the amount of traffic that is expected to go through, pass, or transmit through the firewall. After you have a proper scope, you won't have any problems. Otherwise, you'll definitely be experiencing issues.

Our support experience is not very smooth. We are based in Africa, and we don't know whether it is because of our region.

As compared to other security and firewall solutions, its deployment is not that easy. The deployment duration depends on your project plan. It also depends on whether you are working just on the deployment, and there are no distractions.

In terms of those who manage the rules and administer the system, we have about ten people. They are administrators, and they create rules, manage the system, and provide support.

I wasn't a part of the team that did the evaluation.

I would advise others to properly apply good design concepts by engaging professionals. They should properly scope their environment to ensure that they are deploying the solution to optimized standards. They should also ensure that they train their personnel to be able to handle the first level and even second level support when it comes to the management of Check Point.

I would rate Check Point Security Management a seven out of ten considering the skills that are required and the ease of use and management.

We have a Check Point firewall to secure our perimeter as well as on the internal network. We also have our Security Management server on VM. Both perimeter & internal sets are managed via the same Security Management system.

Two separate packages are created for both perimeter & internal sets.

We are also managing a SandBlast device via Security Management.

Even though all of the work is performed by the gateway, Security Management plays a vital role in a three-tier architecture. Here, our primary use case is to push security policies & manage logs.

Check Point Security Management is one-stop for all operation-related activity on the Check Point Security Gateway (firewalls).

We have completed one-time implementation configurations, like clustering, using this tool.

Check Point has a very sophisticated log monitor, where troubleshooting is very simple. We just have to put the desired filter, and Check Point generates the reports that help us to understand the overall picture in our network.

We have created multiple users, and they each have a smart dashboard install on their machine.

The Check Point Management server is isolated from security gateways, which means that in case there is an issue, we have our configuration ready and we can directly replace the device and push the configuration. Logs are collected at the management server, hence we can preserve those as well. 

We can keep on adding new devices that can all be managed from a single security management server.

After the upgrade to R80, we have a single interface for all activities. Previously, we needed to configure using different applications.   

It is very difficult to recover policies from the gateway in case if you lose your security management server, and don't have a backup.

The backup functionality (Migrate export command), which covers policies, can not be operated from the GUI. Instead, we have to log into the CLI and generate a file then take it out. For those not familiar with the Command Line interface, there should be an option in the GUI for operating backups. There should also be an option to automatically schedule the backup. 

The smart dashboard is a very heavy application. If we could directly connect & manage firewalls from the Management server itself then it would make it very easy.

I have been working with Check Point Security Management for more than three years.

The stability needs to be improved.

Scalability-wise, it is very good, as it was deployed on VM.

TAC is very supportive but we face many issues with this product.

Previously, we had only firewalls & not a management device. 

The initial setup is not very complex & can be done easily.

We are the ones who implemented it.

This product can be used for 25 security gateways on a basic license. I think that this is good value for the money.

We wanted to implement Check Point and hence, we did not evaluate others.

We use it for the firewall and the filtration. The accounts are put on a server and even the SmartConsole is installed on a server environment.

In terms of most valuable features, I love the URL filtering as well as the identification capabilities which link with the Active Directory and work for me even with bandwidth regulation. These allow me to select to whom to do what, and when.

As for improvement, again, the bandwidth regulation is an issue - it is not up to my expectations. If they could improve that it would be good.

In future releases I'd like to see better integration with other applications and solutions.

Also, the cost of the license is too high, it's too expensive.

I have been using Check Point Security Management for the last five or six years.

I used to contact customer service, but nowadays, I'm authorized to handle that. We have our own internal team in the company to maintain this solution on our own. I know a few people at Check Point so we work together.

Yes, we were using Dell SonicWall.

In terms of initial setup, at the beginning when I was not an expert, it was difficult but now that I'm an expert it is no longer difficult at all.

I don't know how long the setup was the first time since it was done by a client. But nowadays, because I'm an expert, it doesn't take long. It takes about an hour or two and I've done everything.

On a scale of one to ten, I'd give Check Point Security Management a nine because it is not yet available in our country.

We primarily use the solution based on the results that are provided. We've tried others previously and they didn't give us the results we receive on this particular product.

The additional features offered by the solution are excellent. We didn't have a lot of these on a previous solution, and they've proven to be an advantage for us.

Based on my personal use of the system, the interface is quite good.

It depends on the user, but all of the checkpoints need improvement. The only place I need a bit of an update, for example, is in the endpoint management. There are some policies that are embedded that you have to examine if you have sensitive users. 

For some applications, the default acts as a manager. However, in a system with a history of being breached or where users are given access based on their job function, we seem to have issues particularly there.

The reporting should be improved in future releases. It needs to be very explicit. This is very important.

I've been using the solution for about a year.

Over the past nine or ten months that we've been using the solution we've found it to be very stable. We haven't had any issues at all. Since we have a monetary drive to enforce stability, when we see a flagged issue we will address it immediately.

The scalability of the solution is excellent. We haven't faced any negative aspects when trying to scale up.

The technical support of the solution has been very good. They are much better than what I previously had. I find that we get attention within 24 hours if we flag something. We are purchasing the support so it may be the reason we get such a quick and helpful response.

We did previously use a different solution. They didn't have support locally in my country and this was difficult for us. Everything was done via mail or phone and it was not helpful. With this solution, if the situation cannot be remotely addressed within 48 hours, they will come to my office in person and attend to me. It's much better.

The initial setup is very straightforward. Deployment takes about three working days. In our case, we had to import policies from SonicWall but not on the same platform, so we had some little challenges like that, however, overall it was quite straightforward.

We have an in-house team that handles maintenance.

We had an integrator that assisted us with the implementation of the product. We use them for support as well.

We're still in the testing phase in terms of using the solution. Soon, it will be one year since we have fully deployed it. So far, it's been very good. I would rate it eight out of ten.