Coming October 25: PeerSpot Awards will be announced! Learn more

Check Point Security Management OverviewUNIXBusinessApplication

Check Point Security Management is #5 ranked solution in Log Management Software. PeerSpot users give Check Point Security Management an average rating of 9.0 out of 10. Check Point Security Management is most commonly compared to Fortinet FortiAnalyzer: Check Point Security Management vs Fortinet FortiAnalyzer. Check Point Security Management is popular among the large enterprise segment, accounting for 53% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a comms service provider, accounting for 21% of all views.
Check Point Security Management Buyer's Guide

Download the Check Point Security Management Buyer's Guide including reviews and more. Updated: September 2022

What is Check Point Security Management?

Check Point Security Management is an advanced security management platform for enterprises. The platform integrates all aspects of security. A single platform manages the entire infrastructure, from data centers to private/public cloud deployments.

Check Point Security Management is a reliable and easy-to-use security platform. It integrates all aspects of your security environment to strengthen the security posture without impairing productivity. The system has a layered policy model. This means the security policy can be separated into layers for network segmentation. Different administrators can manage different policies. The policy layer automates the tasks.

The platform is extensible, scalable, and integrates easily with orchestration systems and change management.

Basic Components of the Infrastructure

  1. Smart Console: The Check Point Graphical User Interface for connecting and managing Security Management Servers. The smart console provides an integrated solution via the following features:


  • Security policy management
  • System health monitoring
  • Multi-domain management


The smart console offers several advantages. Changes in security policies and logs can be done with a click. You can navigate from an item within a log to the policy. There are also built-in multi-language support and accessibility features.

1. Security Management Server: The server manages security gateways with set security policies and monitors security events on the network.

    The automation server is an integrated part of the management server. The API server is active by default on servers with 4 GB of RAM or more and on standalone servers with 8 or more GB of RAM.

    The automation server communicates with the management server the same way as the Smart Console. This architecture allows the same validation errors and warnings to be presented when using an automation session.

    The same audit logs generated using the Smart Console are also generated using an automation session. If you have a multi-domain environment, there is only one automation server that monitors all the IP addresses of the multi-domain management server.

    2. Security Gateway is placed at the edge of the network. It monitors and filters traffic and enforces security policies.

      Logging, Event management, and Monitoring

      With Check Point Security Management, logging, reporting, event management, and monitoring are integrated. The platform features widgets and chart templates that optimize visibility. One of the best features is the one-click exploration. This simplifies going from a general overview to specific event details.

      Benefits of Check Point Security Management

      • The platform keeps pace with dynamic network changes
      • Helps align security with business goals
      • Helps with threat prevention.
      • Reduces operational costs

      The unified console also means a single policy for users, data, applications, and networks. The granularity control helps accelerate administration processes. This feature, together with automation, is key to achieving reduced operational overhead. Security teams can automate tasks and even create self-service security web portals with the Check Point Security Management platform.

      Threat management is fully integrated, with reporting, logging, and monitoring all in one dashboard. This provides full visibility into the security of the network.

      Security Management Suite

      The Security Management Suite consists of the following modules:

      • Policy Management: Includes central management of different security policies across multiple domains and browser-based security management.
      • Operations Management: Includes compliance, provisioning, workflow automation, and user directory centralization.
      • Threat Management: Includes centralizing security event correlation for enforcement points. Centrally monitors Check Point devices.

      Reviews from Real Users

      A Network Security Engineer/Architect at a tech services company says, "The features we like and find the most valuable are the ways we can manage the policy, create objects, and drag and drop objects in our daily operation. It makes our daily operation on the firewall management much easier than going, for example, to one firewall, then going to the other."

      "The management API is the best new feature for me. It allows us to further automate our customers' automated server ordering," says a System Engineer Network & Security at OTTO GmbH & Co KG.

      A Senior Infrastructure Services Specialist at St.George Bank Limited adds that "The solution is ideal for use and deployment in a large infrastructure environment."





      Check Point Security Management was previously known as R80.10, R80, R77.30, R77, Check Point R80.10 Security Management, R80 Security Management.

      Check Point Security Management Customers

      Hedgetec, Geiger

      Check Point Security Management Video

      Archived Check Point Security Management Reviews (more than two years old)

      Filter by:
      Filter Reviews
      Industry
      Loading...
      Filter Unavailable
      Company Size
      Loading...
      Filter Unavailable
      Job Level
      Loading...
      Filter Unavailable
      Rating
      Loading...
      Filter Unavailable
      Considered
      Loading...
      Filter Unavailable
      Order by:
      Loading...
      • Date
      • Highest Rating
      • Lowest Rating
      • Review Length
      Search:
      Showingreviews based on the current filters. Reset all filters
      Kirtikumar Patel - PeerSpot reviewer
      Network Engineer at LTTS
      Real User
      Top 5Leaderboard
      Ability to configure multiple gateways in a single screen, and ID-mapped access makes maintenance easy
      Pros and Cons
      • "The most valuable feature for me is Identity Awareness."
      • "I would like to bind users to their network, as well as their local office machine."

      What is our primary use case?

      We are using this product on a daily basis for creating policies, managing gateways, and managing licenses. Currently, our Check Point Management Server version is R80.40.

      Our current use case with R80.40 is Geo policy. We have applied Geo policies to block traffic from some malicious countries such as China, but over the past few weeks, we observed suspicious activity in our logs. There are some IPs showing as Singapore-based addresses, but when we checked in details, they are showing up as IPs from China. Due to that, the traffic is being dropped as per our configuration.

      How has it helped my organization?

      We have configured multiple gateways in a single dashboard. Currently, we have four gateways that are all clustered on our Security management server. We are easily managing all of the location gateways, so it is very easy for us and helpful to create the same rules, groups, or objects. We have to create only a single object and we add that onto a rule, which is the best way for us to manage.

      We are also managing all device (gateway) logs on a single dashboard, which is very helpful for us.

      What is most valuable?

      The most valuable feature for me is Identity Awareness.

      Earlier, we were creating policies with a machine IP-based policy. Whenever a user's machine was changed we had to manually change that machine IP to streamline the user access without their work being interrupted. That was a very hard task for me but now, with this identity awareness blade, we are creating users with their user ID.

      If any user changes desk location or something else, we map the user ID-based access. It is a one-time activity and we are very happy with it.

      What needs improvement?

      Currently we have option to create rule with Access Role, but it is also asking network as well, so my suggestion if we mapped user and machine both then the network should be not compulsory. 

      This will reduce our effort to creating rules.

      Above is only my suggestion for access role rule type

      Buyer's Guide
      Check Point Security Management
      September 2022
      Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
      634,325 professionals have used our research since 2012.

      For how long have I used the solution?

      We have been using Check Point Security Management for the last five years.

      What do I think about the stability of the solution?

      This solution is stable, although there is some room for improvement.

      What do I think about the scalability of the solution?

      We have to perform each task in a different environment before publishing new features.

      Which solution did I use previously and why did I switch?

      We did not use another solution prior to this one.

      What was our ROI?

      If you have Check Point in your perimeter,  the security management server will reduce your incidents by 30%.

      Which other solutions did I evaluate?

      We did not evaluate other options.

      What other advice do I have?

      Overall, this is a very good solution.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Oleg P. - PeerSpot reviewer
      Senior Network and Security Engineer at a computer software company with 201-500 employees
      Real User
      Everything is configured in one place in the unified SmartConsole, which helps me save working time
      Pros and Cons
      • "As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution."
      • "I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately."

      What is our primary use case?

      Our company works in developing and delivering online gambling platforms. The Check Point Gateways are the core security solution we use to protect our DataCenter environment located in Asia (Taiwan). The environment has about ~50 physical servers as virtualization hosts, and we have two Check Point HA Clusters consist of 2x5400 hardware appliances, managed by an OpenServer Security Management server on a Virtual Machine (KVM), all running on R80.10 with the latest Jumbo Hotfix Accumulators installed (Take 275). The Security Management server has the following blades activated - Network Policy Management, Logging & Status, User Directory, Compliance, SmartEvent Server, Provisioning.

      How has it helped my organization?

      The overall security of the environment has been greatly improved by the Check Point solution. Before implementing that, we have to rely on the Cisco ACLs and Zone-Based firewall that we had configured on the switches and routers, which in fact was just a simple stateful firewall, and all the devices had to be managed locally via SSH. Now, with the Check Point Security Management server in place, we have a central endpoint to manage all the security aspects for the environment - the SmartConsole. That helped to decrease the management overhead, as well as to improve the usability and feasibility of the security.

      What is most valuable?

      As the security administrator, who is responsible for the day-to-day tasks (e.g. creating new firewall rules, monitoring the security alerts and incidents etc.) and the maintenance (e.g. installing the new Jumbo Hotfixes), I find the Check Point Security Management R80.10 to be the great solution. 

      Now everything is configured in one place - the unified SmartConsole, which helps me in saving the working time and not jumping from one console or dashboard to another constantly. The interface is cozy and modern. I especially like built-in searching capabilities - you may not just find the objects, but also see where exactly it is used across the whole security policy. Also, now the latest logs may be seen in the security policy as well, per matched rule. 

      What needs improvement?

      I like that the Compliance software blade is available for free with the Security Management server purchase, but it is free for only one year - after that, you have to buy an additional license to continue using it. I think such an important feature is vital for the management server, and should not be licensed separately. 

      Also, the SmartConsole application used for management is currently available only for Microsoft Windows OSes. I think many administrators use macOS and Linux, so it would be nice to have native apps for these platforms as well.

      For how long have I used the solution?

      My current company has been using the Check Point Security Management for about three years, starting late 2017.

      What do I think about the stability of the solution?

      The Check Point Security Management server version R80.10 we use is stable and mature solution.

      What do I think about the scalability of the solution?

      One virtual machine we use for the Security Management is enough for managing 2 clusters, and there is a huge "space" if we decide to scale the DataCenter up.

      How are customer service and technical support?

      We have had several support cases opened with the Check Point, but none of them was connected with the Security Management. In. general, I think some cases took to long to be resolved by the Check Point support team - up to one month.

      Which solution did I use previously and why did I switch?

      We used local ACLs and Zone-Based firewall on Cisco switches and routers, that's incompatible with the centralized management solution like Check Point Security Management.

      How was the initial setup?

      The setup was straightforward, and the configuration part was easy and understandable - we didn't use any consulting services for that.

      What about the implementation team?

      The solution has been implemented by in-house team, since we have the Check Point Certified engineer among the technical team.

      What's my experience with pricing, setup cost, and licensing?

      The Check Point solutions in general are not cheap, so your company should have a dedicated budget for security.

      Which other solutions did I evaluate?

      We didn't evaluate other vendors.

      What other advice do I have?

      There's a demo of the Security Management available for free - just download and install the SmartConsole application, and you could see the interface and most of the features available.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Buyer's Guide
      Check Point Security Management
      September 2022
      Learn what your peers think about Check Point Security Management. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
      634,325 professionals have used our research since 2012.
      GeraldChege - PeerSpot reviewer
      ICT Officer at Kenyatta National Hospital
      Real User
      Has good identification capabilities that link with the Active Directory
      Pros and Cons
      • "I love the URL filtering as well as the identification capabilities which link with the Active Directory and work for me even with bandwidth regulation. These allow me to select to whom to do what, and when."
      • "In future releases I'd like to see better integration with other applications and solutions. Also, the cost of the license is too high, it's too expensive."

      What is our primary use case?

      We use it for the firewall and the filtration. The accounts are put on a server and even the SmartConsole is installed on a server environment.

      What is most valuable?

      In terms of most valuable features, I love the URL filtering as well as the identification capabilities which link with the Active Directory and work for me even with bandwidth regulation. These allow me to select to whom to do what, and when.

      What needs improvement?

      As for improvement, again, the bandwidth regulation is an issue - it is not up to my expectations. If they could improve that it would be good.

      In future releases I'd like to see better integration with other applications and solutions.

      Also, the cost of the license is too high, it's too expensive.

      For how long have I used the solution?

      I have been using Check Point Security Management for the last five or six years.

      How are customer service and technical support?

      I used to contact customer service, but nowadays, I'm authorized to handle that. We have our own internal team in the company to maintain this solution on our own. I know a few people at Check Point so we work together.

      Which solution did I use previously and why did I switch?

      Yes, we were using Dell SonicWall.

      How was the initial setup?

      In terms of initial setup, at the beginning when I was not an expert, it was difficult but now that I'm an expert it is no longer difficult at all.

      I don't know how long the setup was the first time since it was done by a client. But nowadays, because I'm an expert, it doesn't take long. It takes about an hour or two and I've done everything.

      What other advice do I have?

      On a scale of one to ten, I'd give Check Point Security Management a nine because it is not yet available in our country.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
      PeerSpot user
      Network Administrator at Nigerian Security Printing & Minting Plc
      Real User
      Good interface, excellent technical support, and very helpful additional features
      Pros and Cons
      • "The additional features offered by the solution are excellent. We didn't have a lot fo these on a previous solution, and they've proven to be an advantage for us."
      • "The reporting should be improved in future releases. It needs to be very explicit. This is very important."

      What is our primary use case?

      We primarily use the solution based on the results that are provided. We've tried others previously and they didn't give us the results we receive on this particular product.

      What is most valuable?

      The additional features offered by the solution are excellent. We didn't have a lot of these on a previous solution, and they've proven to be an advantage for us.

      Based on my personal use of the system, the interface is quite good.

      What needs improvement?

      It depends on the user, but all of the checkpoints need improvement. The only place I need a bit of an update, for example, is in the endpoint management. There are some policies that are embedded that you have to examine if you have sensitive users. 

      For some applications, the default acts as a manager. However, in a system with a history of being breached or where users are given access based on their job function, we seem to have issues particularly there.

      The reporting should be improved in future releases. It needs to be very explicit. This is very important.

      For how long have I used the solution?

      I've been using the solution for about a year.

      What do I think about the stability of the solution?

      Over the past nine or ten months that we've been using the solution we've found it to be very stable. We haven't had any issues at all. Since we have a monetary drive to enforce stability, when we see a flagged issue we will address it immediately.

      What do I think about the scalability of the solution?

      The scalability of the solution is excellent. We haven't faced any negative aspects when trying to scale up.

      How are customer service and technical support?

      The technical support of the solution has been very good. They are much better than what I previously had. I find that we get attention within 24 hours if we flag something. We are purchasing the support so it may be the reason we get such a quick and helpful response.

      Which solution did I use previously and why did I switch?

      We did previously use a different solution. They didn't have support locally in my country and this was difficult for us. Everything was done via mail or phone and it was not helpful. With this solution, if the situation cannot be remotely addressed within 48 hours, they will come to my office in person and attend to me. It's much better.

      How was the initial setup?

      The initial setup is very straightforward. Deployment takes about three working days. In our case, we had to import policies from SonicWall but not on the same platform, so we had some little challenges like that, however, overall it was quite straightforward.

      We have an in-house team that handles maintenance.

      What about the implementation team?

      We had an integrator that assisted us with the implementation of the product. We use them for support as well.

      What other advice do I have?

      We're still in the testing phase in terms of using the solution. Soon, it will be one year since we have fully deployed it. So far, it's been very good. I would rate it eight out of ten.

      Which deployment model are you using for this solution?

      On-premises
      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Mohammed Semmour - PeerSpot reviewer
      Scaling Engineer at Lutessa 2S
      Real User
      A very good management solution with a straightforward setup and good scalability
      Pros and Cons
      • "It's a great solution for management. We can manage a lot at the same time with one security management system. Also, each gateway depends on the other, which is helpful."
      • "In the last version from 80.20, there are some issues around SSNA Diction. I would like this to be improved."

      What is most valuable?

      One of the most valuable features is the console application.

      It's a great solution for management. We can manage a lot at the same time with one security management system. Also, each gateway depends on the other, which is helpful.

      What needs improvement?

      The client of the management needs to be improved. 

      The solution is a bit slow. The speed should be improved. 

      If there is a possibility to use the URL instead of client management in a future release, that would be ideal.

      In the last version from 80.20, there are some issues around SSNA Diction. I would like this to be improved.

      For how long have I used the solution?

      I've been using the solution for one year.

      What do I think about the scalability of the solution?

      The solution is scalable.

      How are customer service and technical support?

      I haven't contacted technical support a lot. I have a colleague that's had issues with a certain version of the solution, and they have made contact. They've had issues, but for me, technical support has always been fine.

      How was the initial setup?

      The initial setup is not too complex, but those setting it up should have knowledge of Unix as well as some knowledge in Linux command lines. 

      What about the implementation team?

      We're a partner. We help clients implement the solution.

      What other advice do I have?

      We are using the on-premises deployment model.

      I would rate the solution eight out of ten.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      System and Network Engineer at a non-tech company with 1,001-5,000 employees
      Real User
      Good scalability and a straightforward setup, but the solution needs performance tuning options
      Pros and Cons
      • "The firewall's blades are the solution's most valuable feature."
      • "We sometimes have trouble with the performance of the solution. Maybe some performance tuning options could be added in a future release. There should be more visibility about which blade in your firewall is causing the latency."

      What is our primary use case?

      We are primarily using the solution as a firewall, and for some IPS features as well.

      What is most valuable?

      The firewall's blades are the solution's most valuable feature.

      What needs improvement?

      We had a lot of problems with the VPN blade on the solution.

      We sometimes have trouble with the performance of the solution. Maybe some performance tuning options could be added in a future release. There should be more visibility about which blade in your firewall is causing the latency. That would be nice as well.

      For how long have I used the solution?

      I've been using the solution for five years.

      What do I think about the stability of the solution?

      The stability of the file blade is good. However, there are a lot of blades, and some of the blades have bugs. For example, the VPN is not so stable. Aso, sometimes when we have high loads on our firewall because we have 20,000 users, the Firewall blade also has trouble.

      What do I think about the scalability of the solution?

      The scalability of the solution is good. However, we have four or five firewalls and that's more than enough, so we don't need to increase the usage. We have about 20,000 users that go through the firewall at this time.

      How are customer service and technical support?

      We don't go through technical support if we need assistance. We instead go to our consultants which assist us if we run into any issues. The consultants may sometimes open cases, but we have no direct contact with Check Point.

      Which solution did I use previously and why did I switch?

      We didn't previously use a different solution.

      How was the initial setup?

      In general, the initial setup was straightforward. Deployment for us took quite long because we migrated in small steps. That was our choice and had nothing to do with Check Point. We have five people managing the solution, and we have two consultants that sometimes help us with some troubleshooting and features.

      What about the implementation team?

      We used a consultant to assist with the implementation.

      Which other solutions did I evaluate?

      Before choosing Check Point, we evaluated FortiGate from FortiNet, Sonicwall from Dell and Cisco FW products.

      What other advice do I have?

      We're using the on-premises deployment model.

      I'd rate the solution seven out of ten.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Head of IT
      Real User
      Web filtering and built-in VPN are key features, but the user interface is overly complicated
      Pros and Cons
      • "Key features include the ability to include logs for everything that you do for admin. Also, it has web filtering built in and VPN."
      • "I would like the ability to have an overview, cross-site: One portal that does all firewalls. Also, the user interface is overly complicated."

      What is our primary use case?

      Perimeter protection. It has performed well. It's good.

      How has it helped my organization?

      It hasn't really improved the way our organization functions. It has just provided that extra functionality. That is something we now demand of all firewalls.

      What is most valuable?

      The ability to include logs for everything that you do for admin. Also, it has web filtering built in and VPN. Those are the main features we use.

      What needs improvement?

      I would like the ability to have an overview, cross-site: One portal that does all firewalls.

      For how long have I used the solution?

      One to three years.

      What do I think about the stability of the solution?

      The stability is good, but that's because we've got a high-availability configuration.

      What do I think about the scalability of the solution?

      It is scalable, but, as I said before, you are not able to connect across multiple sites for a similar firewall.

      How are customer service and technical support?

      I would say tech support is about a six out of 10.

      Which solution did I use previously and why did I switch?

      There was no previous solution. I inherited this one.

      When selecting a vendor, the most important criteria are history, reputation, and looking at the industry ratings.

      How was the initial setup?

      Although I wasn't involved in the initial setup, I believe it was quite complicated.

      What other advice do I have?

      Do the homework because Check Point is rather expensive. There are better firewalls on the market now that are cheaper and provide better functionality and security.

      I rate it a six out of 10 because the user interface is overly complicated.

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Mario Figueiredo - PeerSpot reviewer
      Security Specialist at a insurance company with 501-1,000 employees
      Consultant
      URL filtering helps us control what people are accessing
      Pros and Cons
      • "URL filtering is a very important feature."
      • "The usability of the solution could be improved."

      What is our primary use case?

      This solution is used to validate the firewalls, and it performs this function very well.

      How has it helped my organization?

      It helps us control what people are accessing, inside the company.

      What is most valuable?

      URL filtering is a very important feature.

      What needs improvement?

      The usability of the solution could be improved.

      What do I think about the stability of the solution?

      I think stability is good. We haven't had any trouble.

      What do I think about the scalability of the solution?

      The scalability looks fine.

      How are customer service and technical support?

      My company has used technical support, but I have not.

      Which solution did I use previously and why did I switch?

      In the past, we had a type of proxy for our URL filtering. The idea was to have everything packaged in the same solution. We removed the proxy and started to use just the firewall to control URL filtering and normal firewall rules in the same solution.

      When selecting a vendor, we always check the industry reviews. Then, we analyze the features and, after that, the price-feature combination is the most important factor: which one has the best price and has the features we need.

      What other advice do I have?

      Pay attention to the stability of the solution because it's very critical.

      I would rate this solution a nine out of 10. They need to improve the usability. It's good but it can always be better. 

      Disclosure: I am a real user, and this review is based on my own experience and opinions.
      PeerSpot user
      Buyer's Guide
      Download our free Check Point Security Management Report and get advice and tips from experienced pros sharing their opinions.
      Updated: September 2022
      Product Categories
      Log Management
      Buyer's Guide
      Download our free Check Point Security Management Report and get advice and tips from experienced pros sharing their opinions.