Check Point Application Control Reviews

We use Check Point Application Control to control VPN and bandwidth. 

The tool's most valuable features are VPN access, website defense, and maintenance. 

Check Point Application Control needs to ensure that they release up-to-date security patches regularly. It should release better documentation so end-users can use the product without depending on the support team. 

I have been working with the product for three years. 

Check Point Application Control's stability is good. 

The tool is scalable. My company has 1000 users. 

The tool's support is good. 

Positive

You need guidance to do the product's deployment. It cannot be done directly. You need two people to handle the deployment. 

Check Point Application Control is expensive. The tool's licensing costs are yearly. 

I rate the product an eight out of ten. 

Check Point Application Control enables my team to customize websites to fit our daily needs. It provides security measures that can be set in place to safeguard our content and internal information. 

It provides reliable tools for setting up HTTPS security policies that prevent security risks related to SSL protocol. The product provides real-time insights into the data traffic from the applications and their performance. 

The security protocols have enabled my team to set restrictions for accessing confidential information.

There is efficient protection of data and workflows from external interferences. This platform provides basic tools for protecting applications from cyber attacks and building strong websites. 

The SmartView tracker enables my members to monitor data traffic across the applications. It has provided a great opportunity for us to set up basic rules for interacting with applications. 

This product provides reliable data controls that monitor the performance and operational capability of all the applications within the company's networking infrastructure.

The central management system provides a reliable platform for application control and URL filtering. 

The security gateways have set comprehensive security tools for protecting data from malware attacks. 

The application library can run many apps and websites at the same time without functional complications. 

The application control system blocks internet sites and cyber attacks that can affect daily operations. 

SmartEvent Analysis provides capabilities for understanding application performance with charts and reporting analytics.

The most set features have enhanced the effective management of workflows. 

Malware threats can advance attacks when there are no timely measures to curb online phishing attacks. 

The solution needs an efficient monitoring platform that provides individual employee data, and performance will boost productivity in the organization. 

Most features perform well since there are few complaints. The security tools should be empowered more to fit daily demands and prevent our systems from advanced threats. 

I recommend the use of this platform to other organizations for reliable application performance.

I've used the solution for two years. 

The application security controls and monitoring tools are powerful.

I am impressed by its great performance.

The customer support staff has been reliable and committed to great service delivery.

Positive

I have not worked with a similar solution.

The initial setup was straightforward.

The implementation was done by the vendor team, and their level of expertise is excellent.

The recorded ROI has improved from 40% to 65% currently.

The setup cost and licensing terms are efficient.

I evaluated other application control products, however, Check Point Application Control was the best.

This is great system for monitoring application performance and I recommend to others.

The primary use case for application control in our organization is to provide the ability to restrict users from using unapproved applications and applications that fall under categories that are deemed malicious. 

Application control is enabled on all of our HA firewall clusters globally. Leveraging identity awareness, we can restrict remote access applications from the rest of the organization, allowing it for specific teams that require it, i.e., IT Helpdesk and Technical Support teams.

Application Control has improved our organization by enabling other network administrators and me to restrict non-corporate applications for specific departments. 

Combined with Check Points URL filtering, this blade provides more granular restriction as if the firewall engine does not detect the application, administrators have the ability to use regular expressions to block URLs that are critical for the application to function. For example, the Windows Quick Assist tool needed URL filtering as it was not being detected and categorized as "Remote Assistance"

The ability to be able to do dynamic rate limiting on specific applications has been a valuable feature. 

This has allowed us to prevent our graphics team from saturating our link to the internet by rate-limiting their uploads to third-party cloud providers (i.e., Dropbox, OneDrive, Google Drive, etc.). 

The fact that application control also can stop browser-based extensions/widgets has also been very valuable as it has provided insight to employees installing VPN extensions on their browsers. 

This blade is very valuable to any organization, and it is great that it is included in the base firewall licensing bundle. 

It is very easy to set up and configure. The one feature that could be improved would be the ability to see implicit rules that are defaulted on the policy. For example, if the cleanup rule is removed, there is still another toggle in the settings that (in the event the traffic does not match any of the rules) you can either choose to block the traffic or allow it. By default, this setting is configured to drop, which caused issues the first time we configured the policy as this was not shown.

I've used the solution for five years.

The solution is stable and hasn't increased the load drastically.

Scalability is excellent and is easy to add new sites.

Technical support is hit or miss. L1 and L2 never seem to be able to solve my issues. We always need to go to L3 support.

Positive

We did not previously use a different solution.

The solution should be configured by default with an allow rule that can be changed to drop once implemented to avoid massive disruptions to users.

We handled the solution in-house.

The ROI we see is in the added security to block specific applications or categories.

The setup is easy. However if first implemented, it's a good idea to add a "clean up" rule at the bottom rather than denying. This will allow the traffic and you can further tweak rules without impacting users.

We did not evaluate other options. 

The product is great.

We needed a solution that would allow us to protect the applications that we were constantly developing. Those applications needed to be classified by categories, including integrity, risk level, and productivity issues, as well as identity per user. We needed all these characteristics to safeguard a library, repository, or platform that could allow us to manage it in a secure, fast, and scalable way. We tried more than one solution that would allow us the required granularity in the teams and management so that we could implement it according to the regulations that we had internally.

At the time of implementation, we had a great feeling of satisfaction with the solution as it allowed us to have granularity across types of applications - by the network, identity, social networks, the function of the application, et cetera. We were able to do more than what we really needed, and this gave us that feeling that we now had the internal compliance that we did not have before. The libraries are much larger and grouped by application in categories to protect us from attacks or threats.

The most outstanding feature is the Check Point APK wiki, which is a product that is incorporated into the solution that allows us to naturally and dynamically apply internal applications to the application database. It is continuously updated, which allows us to have constant detection capabilities and more than 8000 different applications at different sites. It allows us to be more dynamic and have greater control. Additionally, it has blocking via content filtering or HTTPS inspection, which we can combine with identity. That gives us a more centralized correlation and management for more granular policies and more expeditious control over each activity from the users.

The blocking characteristics for filtering content currently are not so customizable. I would like to be able to modify them a bit. I hope that customization will be incorporated in the future. Right now, we must educate the users who are constantly violating or in fear of violating an issue. We would like to be able to incorporate filtering with notifications in a learning portal so users can be educated and will no longer have a lack of experience. A portal will help make better, more educated, and knowledgeable users. 

I've used the solution for two years.

We had the need to control and be able to manage rules in a granular way for maintaining the security and control of the data, management by teams, identity, and applications grouping them by category and thus being able to defend ourselves from threats and malware that wants to enter our infrastructure while  reducing the operating cost.

Something that we need and want is an inspection of the data. We must see what the different users and applications of our network are sharing, and that is where the control solution brings us that administration value.

As our need is great, and we not only have a single organization yet also have several subsidiaries. It is there where we are integrating a centralization under well-managed control. It is where application control gives us the possibility of generating rules, and policies that are adjusted and flexible. We need the solution to be able to be adapted to the business and to be modified and scalable according to the need and evolution of our organization. It offers a powerful administration and a great catalog.

The best value we have is their actionable reports on user analytics, events, and activity that are extracted from their database. This technology allows us to present reports on the control and management of event policies against applications, locations, IoT, and Identity. Having all this data available generates a control layer that strengthens a security posture. Its best feature will forever be the generation of tangible reports of every actionable activity found and stopped by the solution.

I would like this layer to be faster to install in the future. The evolution of its equipment and appliances where the solution is executed has improved a lot, however, it is necessary to increase that capacity. Some competitors do it just as well and in that layer, are faster to apply their changes. These would give greater value and would be a differentiator. Among other things, I would like this integrated solution to manage from mobile devices in an optimized way and be able to administer from anywhere in the world.

I've used the solution for two years.

The solution is very stable and has regular updates.

It is fast and easy to scale and manage.

Their cost is based on their appliances, and they offer equipment with the highest licensing.

Check Point Application Control is a one-stop shop for providing the strongest security to an organization's business verticals in the most efficient and effective manner. 

It eases the business working as it enables smooth flow of information and helps businesses to create micro-managed accurate, granular policies, and helps in strengthening the organization's security by blocking and restricting the unknown and unsecured phishing widgets and applications across multiple integrations. 

It limits the usage and utilization of any unknown malware attempts from any application

Check Point Application Control improved the productivity of our workforce by reducing the coordination time and efforts involved in strengthening the system's security through a traditional manual way or path. 

It improved the performance outcome for all our verticals due to more automation in system security, which helped in the identification and blockage of malware-affected applications and widgets.

It helps in categorizing the basis of the application, its types, security level, the usability of resources, and its implications on productivity as a whole.

The solution is great at blocking and stopping unidentified and malware-affected applications.

The next-gen firewall system is inbuilt and is highly efficient in restricting terminated and unsecure applications.

It ensures smooth and secure API integrations with other system firewalls and applications due to advanced next-gen identification of malware-affected applications. 

Unauthorized and unsecured applications would not pose any risk to the organization's effectiveness if carried out efficiently by application control security.

In my view, more efforts are required with the business development and customer service team to create more and more awareness across businesses of all sizes on the benefits of deploying the Check Point application control security across all business verticals and improving the performance outcomes for the organization.

More and more product specifications should be infused with new incumbent features in the market to stay relevant and concurrent with the organization's needs.

They need more and more secure integration features should be included with less cost so that the adoption rate can be increased multifold amongst new business users.

I've been using the solution for over six months now.

The product is stable and highly recommended.

The solution is highly scalable and replicable across multiple platforms and systems.

We get great support and services from business and corporate customer service teams.

Positive

An in-house solution was utilized for application security previously.

The product is easy to comprehend and deploy.

We implemented the product through the vendor only.

We've seen an ROI of over 80%.

To every business out there, I strongly recommend trying Check Point Application Security and analyzing the utilities independently. It's one of the best security application software with advanced features to strengthen security with integrated applications and other platforms.

We evaluated McAfee and Trend security applications before making a final selection.

I'd advise users to go for its mandatory trial and explore the gamut of facilities on their own.

Our primary use case of Check Point Application Control is to filter which application categories we want to allow our organization members to have access to so that they are secured. 

For example, we don't allow access to malicious applications and some categories that could be threats. We only allow organization members to access secure applications and applications that are aligned with the company's strategy. 

The user interface is easy and dynamic. You can drag objects around the screen to facilitate their use. Besides, it is quite easy to understand and apply changes.

It also enables us to save internet bandwidth by filtering applications that are not work-related and helps us to easily create granular policies based on users to identify the usage of applications.

We can easily switch from a classical firewall to a next-gen firewall using application security. 

We implemented application control at MDM global security policies, which helps us set general security standards for all managed devices. 

Identity awareness module integration is to be used for user/group-based controls.

Application control and having features like completeness and validity, identification, authentication, and granularity with unified layers is awesome. The most important aspect is that it allows users to define policies based on source IP and user role, quickly identifying traffic flow with SAML.

You can allow or block traffic coming or going out to the internet for specific applications or websites.

It offers user notifications for blocked access, time-defined policies, and bulk categorization of malicious applications.

Sometimes, documentation is not accurate and with the support issue we have to wait a long time for an engineer to understand the errors. I would like to see if they can help with the issue of service and more qualified staff. They need to have good service with Check Point products.

The load balancer functionality for application traffic might be a better option.

Configuration and deployment are a little bit difficult. 

This product works only when the user is in traffic flow through NGFW. 

Sometimes there are more than one category tag to an application which can be tricky.

We have been using the product for more than 12.5 years.

We are satisfied with the stability.

We are satisfied with the scalability.

The product provides the largest database about application control and we can create granular policies to identify the usage. Overall it's been a very good experience, working with this product.

Positive

We didn't use any solutions previously. Check Point Application Control is easy and user-friendly. We're able to control and manage all applications with it.

The initial setup is straightforward.

The help we had was excellent.

The pricing has to be more economical.

Not all of the company's web traffic goes through Check Point, however, on the significant web traffic side, we solve security needs with Check Point. 

Especially if you are going to give broad permissions, you need to block dangerous applications at the very beginning of your rule set. In this context, we use Check Point to block on an application basis. Sometimes there are general accesses. Like Azure, we can only give access by selecting the relevant applications. Check Point is a very good solution because these applications are constantly updating the IP lists on the backend.

It does not require a lot of work to be activated and used. It is quite simple to open the application layer blade and activating it means you are ready to use it. 

The concept of NGFW is actually used exactly for this feature and I can say that it does justice. Once you are ready to use it, you can optimize your rule set by selecting the desired application name in the rule. Since the objects used are updatable, the need for you to return and update is very rare. This structure really saves you time.

First of all, to use this layer, you don't need to struggle and make changes to your structure. It is enough to have a firewall with NGFW support and turn on the application layer filtering blade. Apart from that, the objects in the rules you wrote have very little margin of error. In other words, the accesses of the application you put are passed or blocked as necessary. In fact, some applications have separate objects for download and installation, so you can write the rule set you have in mind more easily.

The objects found now have large applications or general category definitions that are completely determined and organized by Check Point. It would be nice if there was a platform and small application owners could come and send their own applications' name and IP information from there. If we could use application objects directly in our rule sets in Check Point in those small companies, that would be ideal. A few more layered objects could be created for Azure in large applications. It would be nice if firewall administrators could see parser information such as IP behind these objects.

I've been using it for the past six years in different companies.