We changed our name from IT Central Station: Here's why
Get our free report covering Darktrace, Cisco, Cisco, and other competitors of IBM Security Network IPS. Updated: January 2022.
564,643 professionals have used our research since 2012.

Read reviews of IBM Security Network IPS alternatives and competitors

IT Department manager at AS Attīstības finanšu institūcija Altum
Real User
Top 20
Easy to set up and use, has good reporting with lots of detail
Pros and Cons
  • "The reports are well written so that you can understand what type of attack has occurred, the originating IP address, and other details."
  • "Occasionally there are glitches and errors like false positives, which would be a nice area of this solution to improve upon."

What is our primary use case?

We are using Check Point IPS for securing our internal networks and our website, as well as all of the traffic that goes through us. The traffic is analyzed by the IPS, which checks for things like malicious files and different attack patterns.

We are using the virtualized version.

How has it helped my organization?

Our old IPS was much more difficult to administer so the adoption of Check Point has helped us in this regard.

What is most valuable?

The most valuable feature is ease of use.

Check Point IPS has quite a decent database of attacks.

The reports are well written so that you can understand what type of attack has occurred, the originating IP address, and other details.

What needs improvement?

It is always possible to improve the speed of an IPS, although there is always a performance penalty when using additional security software.

Occasionally there are glitches and errors like false positives, which would be a nice area of this solution to improve upon.

The pricing could be improved.

For how long have I used the solution?

I have been using Check Point IPS for six or seven years.

What do I think about the stability of the solution?

The stability is quite good. The product itself is quite good and although we had some issues, they were usually hardware related. Since we upgraded to the virtual edition two or three years ago, we have had almost no incidents. 

What do I think about the scalability of the solution?

We do not have a very big scale so I cannot comment on scalability. The performance is enough for us and to test scale, you would need a bigger connection speed. We have a 500 megabit internet connection and it is almost never saturated. We have tested ours and it works well. The only time we hit a bottleneck is when we are transferring large amounts of data or creating many connections, but that is not our typical use case.

We have 205 employees and they are all protected by Check Point IPS. They are all end-users except for our one system administrator. We do not plan on increasing our usage at this point.

How are customer service and technical support?

With Check Point, we have had quite good support. They usually respond within two or three days with some kind of resolution or at least they collect logs and analyze them.

Most of our cases are solved with first-level support, which is local. They are our partner who sells this product and they have their own technical people who know our infrastructure. We generally do not need to escalate our issues to Check Point.

Which solution did I use previously and why did I switch?

Prior to using Check Point IPS, we were using a solution by IBM. It was much more difficult to administer. However, we had already been using the Check Point Firewall product and moving to Check Point IPS was a logical choice. It was easier in terms of administration because it is the same console and we did not need additional servers. In fact, our infrastructure got a little bit smaller and the performance, I would say, is better.

With respect to the performance, having the solutions on the same machine means that the traffic is analyzed once instead of twice. There are fewer hops.

How was the initial setup?

The initial setup was quite straightforward. We had to add the license and enable the policies, which was done within two days. After that, of course, we had some fine-tuning but I wouldn't say that it's a headache. In total, it took about a month before we had the configuration ready and it was in production.

One person was responsible for the deployment and one person is enough to take care of maintenance.

What about the implementation team?

We had some trouble doing all of the troubleshooting and setting up some of our rules, so we had assistance from technical support during this part of the setup. We took care of the main deployment but they guided us when necessary.

What was our ROI?

It is difficult to calculate ROI for an IPS or a firewall because you can actually live without fancy security if you don't have any data to protect.

What's my experience with pricing, setup cost, and licensing?

This is an expensive solution. I am not exactly sure of the pricing because we have a package deal that has the licenses included. I think that the price of support is around $40,000 USD or $50,000 USD per year.

How it works is that we license a pair of virtual CPU cores, as well as the firewall, and then the IPS is included along with the antivirus and additional products.

Which other solutions did I evaluate?

We did evaluate several IPS products by different vendors but they all had trouble integrating with our Check Point Firewall. We made the decision that even if the other products were cheaper to buy, they would need additional integration and custom development, so ultimately it was not worth it.

What other advice do I have?

My advice for anybody who is researching this type of solution is that they need to choose the product carefully. Most importantly, I would look from a performance perspective. Secondly, I would consider it from a pricing perspective because there are cheaper solutions available like Sophos and Fortinet, and they are good at what they do. If there is no firewall in place at all and this is their first project with protecting the enterprise, then it is reasonable to look at all of the vendors and look at what features are needed. The most important part is what your administrators are used to using because if you need to train them then it's additional costs.

The next thing that I would suggest is to make sure that you get a good partner because it is important to have good first-level support.  

The biggest lesson that I have learned from using Check Point IPS is to be quite careful about which features you enable with it, and which protections to use. You need to balance performance with security, finding exactly the right configuration for your environment and requirements.

Overall, I would say that this is a decent product. If the pricing were cheaper then I would say that it was perfect.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
Team Lead at a tech services company with 201-500 employees
Real User
Top 20
Offers good protection and a huge rate of threat protection
Pros and Cons
  • "It has a huge rate of protection. It's has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions."
  • "Performance needs improvement."

What is most valuable?

It has a huge rate of protection. It has a low level of positives and a huge rate of threat protection. It's easy to deploy and easy to implement. It has an incredible price rate compared to similar solutions. It has a good support channel, technical assistance. It's good. 

It's really good to sell as far as a Cisco firewall. It's really good to sell in the complex Cisco project because Cisco's really good for networking and routing. When we are networking, it's easier to sell a security-based firewall. It's a complex product. It's really good. There is syndication between different security products, and in Cisco's case, it's with integration.

What needs improvement?

Performance needs improvement. If you compare Cisco Sourcefire with other products, it performs at the same level of compliance. For Cisco Sourcefire, it's not really horrible and it's not really the market and price-performance rate. The performance can be improved. 

For how long have I used the solution?

We have been using Sourcefire since 2011.

What do I think about the scalability of the solution?

It's scalable. Sourcefire has a classic deployment model and you can scale up through the appliance if you need the same deployment so it's quite simple. It's quite scalable. We mostly work with mid-sized companies. 

Sourcefire Snort is the kind of software that is constantly running like 24/7,

How are customer service and technical support?

In general, Cisco provides really good and reliable support. Overall it's good but sometimes, around 1% of the time, it doesn't work so well. 

Which solution did I use previously and why did I switch?

We also use IBM and Palo Alto and from the technical perspective, it's probably equal. It's equal by the features, by the functionality, by the performance. But again, for the pricing, it's really bumpy.  For Palo Alto for example, the pricing is almost equal. But for the performance and the features, they are on the next level.

How was the initial setup?

It is easy to setup. For a basic deployment, it can take up to three or four days to deploy in a minimal setup. If it's a huge project with a huge data center, a lot of configuration, a lot of work, and a lot of integration, it will take two or three weeks up to one month. 

You only need one person for a basic deployment. 

What other advice do I have?

Make sure to have good sizing because it matters for the performance of the features. Also make sure to have a good design. Before starting with the deployment and installation for Sourcefire. Have a technical session with the local Cisco office or the local department to provide a good design. 

I would rate it an eight out of ten. 

We have some architecture concerns. I'm not really sure that Cisco can quickly solve this concern. Palo Alto has a user-friendly interface for the management. 

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Get our free report covering Darktrace, Cisco, Cisco, and other competitors of IBM Security Network IPS. Updated: January 2022.
564,643 professionals have used our research since 2012.