We compared Check Point Security Management and Graylog based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Check Point Security Management is praised for its centralized management features, user-friendly interface, and extensive monitoring capabilities. Graylog stands out with its exceptional search functions, seamless integration with Elasticsearch, and real-time data access. Check Point Security Management could improve by simplifying the migration of security policies, optimizing performance, and expanding its management API. Other pain points include threat tracking and documentation. Graylog could benefit from additional customization options and an improved rule-creation process.
Service and Support: Check Point Security Management's customer service is widely praised for being knowledgeable, supportive, and reliable. Although some users had problems with inexperienced agents and coordination issues, the overall support experience is positive. Graylog's customer service is generally well-regarded, with reviewers noting effective solutions and satisfactory experiences. While response times may differ, Graylog's support is considered superior compared to that of other products.
Ease of Deployment: Check Point Security Management is generally seen as easy to set up if the user has some expertise. Some Graylog users said the setup was easy. Other reviewers faced challenges, but these were easily resolved with help from the vendor’s support staff. Graylog is easier to set up in smaller environments, but it could get complicated in large clusters.
Pricing: Check Point Security Management is seen as a solid investment, offering flexibility and a good value for the price. Graylog offers an enterprise edition and an open-source option with a daily capacity restriction. Some users said that data costs can be expensive.
ROI: Check Point users said the solution offers a steady ROI over time. Graylog can offer some cost savings. The precise ROI may vary depending on the organization’s size and use case.
"I love the URL filtering as well as the identification capabilities which link with the Active Directory and work for me even with bandwidth regulation. These allow me to select to whom to do what, and when."
"Having the possibility to use Smart Event to check for threats on a broader scale helps after a security incident and also makes it easier to check - instead of looking through different logs."
"The rulebase management and the shared layers concept is implemented well."
"The unique management using Smart Console for all firewalls is very useful."
"Each department can easily share data with the management without fear of data compromise."
"Regarding the tool's valuable features, I would say that Check Point is a very accessible and fast tool, especially when dealing with logs for the first time."
"We love the ability to monitor performance in real-time, and gather critical information about network flows and traffic."
"It has a central management log server that helps us to easily identify faults and issues in the environment, especially during outages and incidents during the implementation of policy rules."
"Real-time UDP/GELF logging and full text-based searching."
"This had increased productivity for the dev and support teams, because we are directly notifying them."
"Graylog's search functionality, alerting functionality, user management, and dashboards are useful."
"Open source and user friendly."
"The product is scalable. The solution is stable."
"I am very proud of how very stable the solution is."
"The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"I would like it to be the administrator of equipment or Next Generation firewalls (which have to be managed on this platform) and to be able to manage other services (like Harmony) that also belong to Check Point."
"Troubleshooting is quite complicated within multi-domain management. If an issue arises, the local administrator has to keep in mind that there are other domains that could be also affected."
"In the future, I would like the platform to be able to integrate or manage appliances or third-party equipment."
"I would like to bind users to their network, as well as their local office machine."
"In my experience, the place they can improve the most is in the technical support where I have had some serious problems that could not be solved in time due to a lack of knowledge of the assigned engineer."
"Even though the platform is simple, and creating security policies is a fairly quick task, creating a bulk of policies at once (ie. for a migration) could be a useful tool. This is probably possible through scripting, however, having an easy-to-use "import CSV" button would be beneficial."
"Check Point EDR has room for improvement, especially in the area of Data Loss Prevention where it currently lacks functionality."
"I guess it lacks in providing visibility of the many incidents."
"Dashboards, stream alerts and parsing could be improved."
"Since container orchestration systems are popular and Graylog fits the niche well, perhaps they could officially support running in docker containers on Kubernetes as a StatefulSet as a use case. That way, the declarative nature of Kubernetes config files would document their best case deployment scenario-"
"Its scalability gets complicated when we have to update or edit multiple nodes."
"I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second."
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
"More customization is always useful."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"I would like to see some kind of visualization included in Graylog."
More Check Point Security Management Pricing and Cost Advice →
Check Point Security Management is ranked 9th in Log Management with 55 reviews while Graylog is ranked 11th in Log Management with 18 reviews. Check Point Security Management is rated 8.8, while Graylog is rated 8.0. The top reviewer of Check Point Security Management writes "Great DDoS protection, high availability, and useful firewall rule implementation". On the other hand, the top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". Check Point Security Management is most compared with Wazuh, Fortinet FortiAnalyzer, IBM Security QRadar, LogRhythm SIEM and ManageEngine EventLog Analyzer, whereas Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Fortinet FortiAnalyzer. See our Check Point Security Management vs. Graylog report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
