Please share with the community what you think needs improvement with Check Point Anti-Spam and Email Security Software Blade.
What are its weaknesses? What would you like to see changed in a future version?
The high-end protection of email servers from any advanced foreign agents and malware is not 100% there currently. They could improve on technically sound features to ensure complete and all-around protection of email servers from potential ransomware and unauthorized endpoints. The software should be made more mature and scalable so that it becomes a one size fits all kind of software for all organizations and businesses. It should be scalable for all kinds of changing environments.
Check Point Anti-Spam & Email Security is a highly organized tool with many benefits. However, they should upgrade support services and make a more user-friendly database. That would help with higher integration and adoption. Check Point Anti-Spam & Email Security software as a platform will catch the eyes of large organizations and MNCs as security concerns have risen significantly in recent years.
There could be an extension of the trial period to 60 days. We felt that utilities and functionalities are numerous and can only be tested fully with the extension of the trial period. It needs more and more robust features around spam restriction and stoppage of malware entry. It can be facilitated so that 100% efficiency can be achieved. There should be more and more inclusion of technical inputs and feedback from customers and business users. These should be regularly received and introduced so that we can stay relevant.
For the few years that I have been using Check Point, they have always presented new updates and tries to stay ahead with their tools making them more interactive with the user and not so complicated. They are always at the forefront with new features. It meets and covers all the necessary fields to protect an organization and must be at the forefront as hackers are always one step ahead. They need to continue to make the tool more robust to protect users from new threats. A major area for improvement is within some of the heavily discounted software blade add-ons on top of the current Next Generation Threat Prevention and SandBlast and Next Generation Threat Prevention offerings.
The Check Point blade could improve perhaps in having an independent solution in the future so as not to be managed if possible through a Check Point gateway. It should be the customer's choice. The dependency on the version of management and gateway that you have can make your console look a bit outdated. It is an expensive product yet really one of the best on the market. Still, they could continue to improve on it.
In terms of anti-spam and email, the pattern that they use to filter the emails could be improved. There are too many normal emails being considered spam. There should be an option to learn the different patterns specific to the organization where it is being deployed.
Determining areas for improvement is not a question that can be answered simply. We should separate the antispam engine into two parts; the first that breaks down mass spam, and the second for refinement. It would be good to dedicate a separate core, at least for the first phase, so that it does not take away resources from the system. The ideal approach would be to enrich the product with more functions, however, this would likely also lead to an increase in cost. It would be useful to have more logs and in aggregate mode, perhaps through a specific report, that can be more easily used for troubleshooting.
Determining areas for improvement is not a question that can be answered simply. I think we should separate the antispam engine into two parts; the first that breaks down mass spam, and the second for refinement. It would be good to dedicate a separate core at least for the first phase so that it does not take away resources from the system. The ideal approach would be to enrich the product with more functions but this I imagine would also lead to an increase in cost. It would be useful to have more logs and in aggregate mode, perhaps through a specific report, that can be more easily used for troubleshooting.
Our solution required multiple appliances, as a single appliance only supports up to 5,000 files. This means that depending upon the number of files that need to be processed, the number of appliances needs to be increased. Essentially, the number of appliances needs to be sized accordingly for complete protection. The increase in the number of appliances makes it difficult to manage in terms of physical connectivity and configuration. The product performs only basic anti-spam capabilities, compared to CloudGuard SaaS, which provides more robust anti-spamming functionality than the on-premises solution. YARA rules can be added only using the CLI, rather than through the GUI, which makes it difficult for the administrator.
I think that the pricing for the Check Point products should be reconsidered, as we found it to be quite expensive to purchase and to maintain. Maintenance requires that the licenses and the support services be prolonged regularly. Alternatively, they should create some additional bundles of the software blades with significant discounts in addition to the current Next Generation Threat Prevention & SandBlast (NGTX) and Next Generation Threat Prevention (NGTP) offers. We have also had several support cases opened for software issues, but none of them were connected with the Check Point Anti-Spam and Email Security Software Blade.
The manageability using this console is complex and it should be a little more user-friendly. If you don't have a good understanding of putting the policies in place then sometimes it is tough to manage from the console. A more intuitive GUI would make it easier to manage. The user should be able to perform a real-time search of the objects and see the messages. As it is now, when we create an object, sometimes you find out at a later stage that the object already exists. If I could simply type an object into the search bar and find out whether it exists by seeing it in a dropdown then it would save me time.