IT Central Station is now PeerSpot: Here's why
Competitor
# Comparisons
Rating
Buyer's Guide
Enterprise Infrastructure VPN
June 2022
Get our free report covering , and other competitors of Pulse Client. Updated: June 2022.
610,812 professionals have used our research since 2012.

Read reviews of Pulse Client alternatives and competitors

Basil Dange - PeerSpot reviewer
Senior Manager at a financial services firm with 10,001+ employees
Real User
Top 5Leaderboard
Supports multifactor authentication and clientless login, but the GUI should be more user-friendly
Pros and Cons
  • "Organizations that already use the Check Point NGFW Solution do not require any additional hardware, which makes the implementation straightforward and reduces the time to go live."
  • "The fully-featured security module is only supported on Windows and Mac systems, which means that organizations with Linux will face issues providing secure access."

What is our primary use case?

We use Check Point Remote Access VPN to provide access to our corporate network and resources to remote users in a secure way. Users have access that is limited or defined by the server.

Access is granted for identified devices post-posture validation. 

Access should be provided via VPN using multifactor authentication other than username/credentials. Users are able to connect from anywhere at anytime using both mechanisms (i.e. User VPN client or browser). 

This solution mitigates or minimizes data leakage issues.

It is stable and scalable and requires minimal management and access provisioning.

How has it helped my organization?

This solution has improved our organization by providing access to corporate resources in a secure fashion. It uses complete end-to-end encryption from the end-user machine to the VPN device.

Access policies are created on the firewall for restricting access to resources and applications based on the user profile/policy.

Our security gateway is integrated with Active Directory and access to resources/applications is provided based on the security group created in Active directory.

This product has inbuild/native integration with MFA solutions.  

It does not require any additional hardware in cases where the organization already has the Check Point NGFW. The mobile access blade and remote access VPN can be enabled on the same security gateway. Check Point provides a common dashboard and management console used in conjunction with the NGFW.

Multiple access can be provided using multiple realms, based on the user ID or security group, and access can be provided accordingly. Each realm will have a pool of IP addresses for which access will be provisioned on the firewall.

What is most valuable?

Organizations that already use the Check Point NGFW Solution do not require any additional hardware, which makes the implementation straightforward and reduces the time to go live. The only requirement is to purchase an additional license from Check Point, and then enable the mobile access blade. After this, the solution is ready to roll out and provide access based on the configured policy. 

Access is restricted based on user ID, security group, and device type. 

Access is provisioned post-posture policy validation and it offers protection against users connecting to the corporate network from non-corporate devices, which minimizes data leakage possibilities. 

Access is available from browsers or VPN clients using MFA. This is helpful in cases where the machine does not have the client installed or the client is corrupted.

We are able to restrict access based on geo-location and device type. Devices can be Android, iOS, Windows, or Linux.

It provides threat prevention capabilities while uses connect via VPN for Windows devices.

What needs improvement?

Access is provisioned based on a single L3 tunnel being established between the endpoint and the VPN device. If an attacker gains access to this session then all of the tunnel traffic is compromised. It needs to move to next-generation style access, provisioning such as per-app VPN.

The GUI interface for configuring the SSL VPN is not user-friendly and requires expertise. 

Devices are exposed over the internet and it can lead to a security threat.

When a critical patch needs to be applied to the VPN, downtime is required for the entire NGFW. This can impact the business when it has a single security gateway.

This product cannot manage sudden user growth, as each security gateway has limitations in terms of performance and throughput.

The fully-featured security module is only supported on Windows and Mac systems, which means that organizations with Linux will face issues providing secure access. Specifically, modules such as Threat prevention, Access control, and Incident analysis are supported only on Windows and Mac.

What do I think about the stability of the solution?

It's very stable in terms of downtime, although it required updates.

What do I think about the scalability of the solution?

The solution can be easily scaled by adding a security gateway.

How are customer service and technical support?

The Check Point technical support is excellent.

Which solution did I use previously and why did I switch?

We used Aventail SonicWALL as a standalone product. We switched because it was expensive in terms of management and maintenance. As we already had Check Point NGFW, it was easy to enable the VPN on the same device.

How was the initial setup?

Enabling the VPN was simple and straightforward with the purchase of an additional license from the OEM. Once we acquired the license, it involved enabling the module on the security gateway. The solution was ready to go live within 10-15 minutes.

What about the implementation team?

The implementation was completed by our in-house team with the assistance of the OEM.

What's my experience with pricing, setup cost, and licensing?

Organizations that already have the Check Point NGFW need to purchase an additional license to have access to the VPN functionality.

Which other solutions did I evaluate?

We evaluated Pulse and Citrix before choosing this option. 

What other advice do I have?

Traditional VPNs that work on L3 or L4, with a single VPN tunnel, are typically hosted on-premises. As organizations are adopting cloud computing, it makes sense to have a VPN solution hosted on the cloud for better control and security.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
MichaelZhang - PeerSpot reviewer
IT Director at Guangdong Technion Institute of Technology
Real User
Top 5Leaderboard
Easy to setup, priced well, and you can automatically assign VPNs to specific users
Pros and Cons
  • "When the user gets authenticated, I can assign a different VPN or network to each user."
  • "I think that FortiClient can enhance the multifactor authentication."

What is our primary use case?

The primary use case of this solution is as a firewall. 

I have two Fortinet perimeter firewall boxes in my local data center. The two boxes also provide the SSL VPN functionalities, intended for authorized users only. Not everyone in my organization has access.

What is most valuable?

The most valuable features of FortiClient are that it can be integrated with Active Directory to the central authentication and that I can manage the permissions.

When the user gets authenticated, I can assign a different VPN or network to each user.

It's a  good solution for the IT department to control the access permission. I find this quite useful.

What needs improvement?

I think that FortiClient can enhance the multifactor authentication. Currently, if you want to enable dynamic tokens with FortiClient authentication, you only have one option, which is supplied by Fortinet.

You cannot integrate FortiClient VPN with Google authenticator or Microsoft authenticator, it's impossible. I think that they can improve this module.

In the next release of this solution, if they could improve the MFA, it would be a perfect solution.

For how long have I used the solution?

I have been using this solution since March of 2018, almost two and a half years. 

We are always using the latest version, as they regularly update their software.

What do I think about the stability of the solution?

It's quite stable.

What do I think about the scalability of the solution?

They say that it can support more than 1,000 concurrent users, so I would agree that it is scalable. We have 800 users.

Because we have only authorized certain people to use it, it is restricted to the IT department. This has less than ten people in other departments. There is a total of approximately 20 people who maintain this solution.

Which solution did I use previously and why did I switch?

I have used several solutions. Previously, I worked with Cisco AnyConnect Access VPN and also Pulse VPN, which is originated by Juniper.

We use these other solutions to access other organizations. It is not a decision to switch. These other solutions have been provided by previous employers.

How was the initial setup?

The initial setup is very easy and quite straightforward.

If you are an experienced network engineer then you can easily configure that to a VPN feature in less than half an hour.

What's my experience with pricing, setup cost, and licensing?

FortiClient is quite reasonably priced. 

You can get the firewall box rather than just the SSL VPN box. When you purchase extra hardware, you are not restricted in the number of end users. 

This compares favorably to other solutions such as Cisco AnyConnects or Pulse VPN, where you have to pay extra for the end-user license and it gets quite expensive.

What other advice do I have?

If you are thinking to adopt the Fortinet SSL VPN, you have to consider the security level, because, by default, FortiClients can only integrate with FortiToken with a very limited license that will give you two. You can purchase additional FortiToken licenses for the MFA, or you can change to another solution, or the final option is to have the security level compromised, where the users just have user passwords to get authenticated.

If users share their password with other users then the account is compromised. You cannot use multifactor authentication to prevent or to mitigate that risk. If you choose to use FortiClient you have to consider that feature.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Head of Solutions Delivery (Systems) at a wellness & fitness company with 51-200 employees
Real User
Top 5Leaderboard
A secure and easy way of utilizing company services remotely

What is our primary use case?

We use AnyConnect to connect to our machines and networks remotely when we are not in the office. I can access files and other services that are available only on our company network.

What is most valuable?

The most valuable features are that it is really secure and very easy to use.

What needs improvement?

Sometimes when you are on the VPN, it can be a little bit slow. This may not be a Cisco issue, per se.

For how long have I used the solution?

We have been using Cisco AnyConnect for six months.

What do I think about the stability of the solution?

Stability-wise, it seems to be pretty good. We have people working from home and we really haven't had any issues.

What do I think about the scalability of the solution?

We have between 2,000 and 3,000 people who are using AnyConnect.

How are customer service and technical support?

I have not been in touch with Cisco's technical support team.

Which solution did I use previously and why did I switch?

We were using Pulse up until about six months ago when we switched to Cisco. We had used it for quite a while.

How was the initial setup?

The initial setup is very straightforward. The only challenge is setting it up when you're already remote, which can be difficult. If you are in the office and on the network then the setup is really fairly simple.

What about the implementation team?

Our IT department has set it up so that it's pushed out and automatically installed in our machines.

What other advice do I have?

This is absolutely a product that I can recommend. For me, it is straightforward to establish my VPN connection and then do my work.

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Enterprise AWS Cloud Architect / Owner at a tech services company with 51-200 employees
Real User
Top 20
Very easy to set up users, but needs simpler high availability deployment and support for additional protocols

What is most valuable?

It was very easy to set up users.

What needs improvement?

The high availability deployment is not very straightforward. They can make it simpler. 

OpenVPN does not support some of the additional protocols that Pulse Secure and Cisco AnyConnect support. They can include support for these additional protocols.

For how long have I used the solution?

I have been using this solution for close to a year. I set it up and configured it. I also supported it from time to time and documented standard operating procedures because there were other people who were going to maintain it and operate it. We have about 15 users of this solution.

How was the initial setup?

It was not very complicated. I did it for the first time, and for somebody who was doing it for the first time, it was okay. I could do it.

What other advice do I have?

It is important to document the steps so that if one person is not available, another person can continue the work. 

I would rate OpenVPN Access Server a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Enterprise Infrastructure VPN
June 2022
Get our free report covering , and other competitors of Pulse Client. Updated: June 2022.
610,812 professionals have used our research since 2012.