Check Point IPS Reviews

We primarily use Check Point IPS for cybersecurity, specifically when there is a need for internal and external connections. We use it to monitor performance and take necessary actions when events occur. We also use it for firewall solutions.

Check Point IPS has helped us maintain cybersecurity through effective monitoring and behavior analytics.

Behavior analytics and monitoring capabilities of Check Point IPS are valuable, especially for cybersecurity purposes.

It's hard to specify areas for improvement without a deeper investigation. However, usually, IPS does its job. Some challenges might exist with integration depending on the environment.

We have been using the solution for five years.

The solution is 99.8% stable.

Flexibility and scalability depend on the solution and the requirements. So far, we haven't faced any requirements that couldn't be submitted.

The customer service and support are satisfactory. I would rate them quite high.

Positive

The initial setup can be complicated if you are not familiar with what you're doing. It usually requires two people for a successful installation.

Check Point IPS usually requires two individuals for installation, depending on their certifications.

Our return on investment is usually based on a three-year period.

Pricing is average. Usually, the price listed isn't adhered to, and negotiations occur.

We compared with solutions from vendors like Fortinet, Cisco, and Palo Alto. Palo Alto is perceived as better in performance and technical aspects, while Fortinet is seen as less robust.

I'd rate the solution eight out of ten.

We use the Check Point IPS module on various firewall gateways.  Specifically, we use the IPS on our DMZ firewall gateway to protect our DMZ servers from the inbound Internet traffic.  

For our user outbound Internet traffic, we use the IPS and the anti-virus anti-bot modules, in addition to the base IPS module to protect the network traffic.  

We also apply the product to our guest firewall gateway to monitor outbound internet traffic, with a focus to avoid any malicious guest users using our guest internet services to launch attacks.

The Check Point IPS module offers protection against malicious inbound Internet traffic to our DMZ network and inspects and blocks outbound Internet traffic to sites that could be a danger to our internal users.  

We have configured the Check Point IPS modules so all the downloaded updates would turn to monitor-only mode.  Once the updates have been in use for a couple of weeks, then we would review the IPS signature, and turn them into prevent mode based on factors such as the severity of the vulnerability, the performance hit to the firewall gateway, the chance of false positives, and the relevance to our environment. This allows us to easily maintain up-to-date network protection with a lower chance of unexpected business interruption.

The mechanism where you can let the system automatically turn the IPS signature to a different mode (prevent / monitor / inactive) is a nice feature that allows us to easily adjust the balance between security protection and the risk of business impact.  

It is also worth noting that many IPS signature comes with detailed background about the vulnerability, and potentially how the vulnerability would affect the network security. 

Also, you can easily search through thousands of IPS signatures using various keywords is another feature worth noting.

Out of the box, the number of built-in reporting and dashboards related to the IPS logs and events has room for improvement. The dashboard reports can be easier to generate and customize.  

It would also be nice if the system would allow some form of alerting when specific signatures have been triggered X number of times within Y amount of time. This would allow us to be better notified when there is a security attack going on, without too much of false-positive alerts. 

Another would-be-nice request is to have more details information about how the signatures would detect the specific security vulnerability. This allows us to make a judgment about how useful a particular signature is in our specific environment.

I've used the product for over ten years.

The stability should be high as we don't have many issues with the IPS solution.  In the last couple of years; we only had one issue due to a bad signature.

We have not observed any major performance hit to the firewall gateway by enabling the IPS module. Of course, some signatures did indicate a high-performance hit to the gateway, in which we typically won't turn on those signatures unless there is a strong need.

Good technical support is by chance/luck. Sometimes you run into good tech support. Other times you may run into someone that doesn't know much more than yourself.

Neutral

We also have extensive experience with the Cisco Firepower solution. We actually use both solutions in our environment.

The initial setup is pretty simple so long you just follow the default steps, without too much worry about going through the thousands of signatures manually.

We did a self-install.

With Check Point, the IPS license could be bundled with the firewall product and so the license cost is not huge. 

It does take time to get familiar with the UI and understand the "workflow" that Check Point has in mind when designing the solution. A good understanding of this would allow an easier adoption.

We use both Check Point's and Firepower's solutions in our data center.

I use it on a perimeter with the internet-facing services, so the traffic will pass through Check Point IPS, which will secure connectivity and communication.

The most valuable feature of the solution is called tunneling. Tunneling is one of the major security features that hackers cannot penetrate through. The hashing and SSL are also some of the valuable features of the solution.

The area with certain shortcomings where improvements are required consist of support availability. The tool's complete operating system architecture is being designed in such a way that it looks a little complicated compared to the tool offered by its competitors. The tool's complete operating system architecture needs to be simplified for the users, especially from an administrative and troubleshooting perspective, so that it can be used quickly or with speed whenever there is a crisis. If the aforementioned areas are considered, the product will be much stronger. The tool's support is a major issue because it has not been quick in certain areas compared to the ones offered by Check Point's competitors.

The product's scalability has certain shortcomings where improvements are required. The product should be able to handle and compete with competitors and their services as well as updates, which are much faster than Check Point.

Check Point IPS has been used in my organization for two decades. My company has a partnership with Check Point. My company also has customers at Check Point. My company can be described as a direct consumer, and we even deal with Check Point directly.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a seven out of ten.

I rate the technical support a six out of ten.

Neutral

Mainly, in my company's branches, I have Check Point. For my core data center, I use Cisco and some other solutions. Palo Alto is also a product I use in my company. The aforementioned area consists of the IPS tools I use internally in my organization.

The product's initial setup phase was okay.

In terms of ROI, I would say that Check Point IPS is able to meet the purpose for which my company purchased it. I rate the product's ROI a nine out of ten.

I rate the product price an eight on a scale of one to ten, where one means it is very cheap and ten means it is very expensive. The product is expensive.

A few integrations with Check Point IPS are a bit complicated, especially the cloud-based ones. The product's integration part is complicated because its users need a lot of support and HA so that it can work in a high-level architecture while also being integrated mainly with cloud platforms and considered a reliable source.

If I speak about objects in Check Point IPS, specifically in terms of the screening, sometimes it will go into the deepest screening which one may not be able to see the logs and for that we need to enable search specific logs, and it needs to be validated. For the aforementioned process, it should be simplified, and similar to other products. There should not be areas that are invisible and it should be transparent.

I rate the tool an eight out of ten.

Initially, the requirement was just to have a stateful inspection firewall to control traffic entering our network. Later, we needed deep packet inspection to look into packets deeply to identify any kind of malicious content. This led us to start using Check Point IPS to have visibility across all the seven layers of traffic entering the network.

The solution is consumed by our SOC to ensure we have visibility into traffic entering our network. With IPS's logs, we began to get a lot of visibility into the type of traffic flowing into our network. It fulfills our SOC's need and has become our standard for deep packet inspection, which is easy to deploy.

Check Point IPS is very easy to configure. It's part of Check Point's blade architecture, where firewall, VPN, and IPS configurations are identical, making the learning curve minimal. The feature can be enabled with a straightforward process, allowing default or customized configurations.

From the product perspective, there have been instances where the signature download caused issues. However, it happened only once, and some QA is needed on signatures. Overall, the product is robust.

I have had experience with Check Point IPS for ten years now.

The stability of the solution is excellent. There haven't been any issues after enabling certain features, and it hasn't caused outages in traffic. During certification, we considered exceptions to avoid IPS inspection for legit traffic.

Scalability depends on hardware platform certification. Check Point's Maestro solution allows up to thirty-four firewalls in a load-sharing configuration. Properly sizing the appliance for IPS makes it a scalable solution.

Customer service is a significant drawback. Support is challenging during weekends, and support personnel often require unnecessary details, slowing resolution processes.

Positive

We use both Check Point and Palo Alto. Palo Alto is more expensive, with a front-end focused design lacking on the CLI. Check Point provides flexibility with Linux commands, reducing deployment hassle.

Setup is straightforward, rated as ten on a scale of one to ten. Configuration involves enabling the IPS feature and publishing changes, identical to setting up a firewall.

Three engineering team members worked on solution certification. The operations team, supported by four to five people, ensured deployment across global firewalls during limited change windows.

The solution fulfills the SOC's need for visibility and easy deployment of deep packet inspection, with no operational impact reported.

As a global customer, we receive decent discounts and expand our infrastructure using the solution. There have been no pricing issues.

We also evaluated Palo Alto and previously worked with Juniper long ago. Palo Alto has a steeper learning curve with proprietary terms not aligned with industry standards. Check Point follows standard conventions, simplifying deployment.

Check Point IPS is a preferable solution for its price, stability, and deployment ease compared to more complex solutions.

This tool seals any loopholes that could be detected by ransomware attackers and may lead to data loss. It has protected the organization from potential vulnerabilities affecting operations and the slowdown of workflows. It ensures that the applications are performing efficiently based on the set objectives. It delivers many signatures that enable teams to ascertain the security situations in various departments. It saves the organization a lot of costs since it is less costly and more powerful than many versions in the market.

Digital transformation has been efficient and productive thanks to the operation of this great product. After the implementation of IPS, there is increased production, and teams can easily focus on more productive tasks without fear of being attacked by cybercriminals. We have accelerated operations with the modern data management models that come with this application. It is easy to detect threats in advance and plan effectively how to eliminate them. Our organization has been secure since we deployed this tool without cases of external attacks.

Most features in this platform have been of great importance in the organization. The unified system controls the security situation in any system, reducing the total cost of ownership. Real-time protection has blocked most threats that could affect system operations. It can detect and prevent the entry of known and unknown data vulnerabilities. 

The customer support services are efficient and have always helped us achieve most goals. The platform provides continuous cyber security reports that enable us to plan and make informed decisions.

The set features have played important roles in transforming the organization to meet the basic security standards. 

The cost is high. That said, depending on the company's size, there can be a mutual agreement for efficient licensing terms. We are satisfied with the set performance parameters that have enhanced the smooth running of workflows. 

The team should focus more on timely updates and configuration processes that sometimes may fail. I like the performance of this product and the achievements we've made so far.

I've used the solution for eight months.

It is stable, and I recommend it.

I am impressed by the performance.

The customer support staff is always supportive.

Positive

I have not used a different solution.

The initial set up was not complex.

Implementation was done through the vendor.

There is increased ROI.

The setup cost is good.

I have not evaluated other options.

The security measures are effective and I'd recommend the product to companies seeking great performance.

The primary use cases include application security control, comprehensive security management, and proactive protection against a wide range of threats. It serves as a crucial component for safeguarding applications and ensuring overall security effectiveness. It contributes to proactive protection and plays a pivotal role in firewall protection strategies.

The focus is on safeguarding the departmental environment, and it is effectively fulfilling its role in environmental protection.

It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention.

Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS.

I have been working with it for ten years.

It offers excellent stability. I would rate it ten out of ten.

I would rate its scalability abilities nine out of ten. Currently, 1,800 users within our organization actively use it.

I would rate its customer service and support nine out of ten.

Positive

The initial setup can be somewhat intricate, involving coordination with the OEM and service provider. I would rate it a six out of ten.

For the deployment, we conducted a refresh last year, which took approximately two to three weeks to complete. It is essential to have at least two individuals involved in the process, with one requiring additional expertise. This team typically consists of a Check Point specialist, an expert, and an administrator.

The pricing is quite reasonable.

It is highly efficient and it provides a mobile solution for various devices, including cell phones and iPads, catering to mobile workflows. The system is not only efficient but continually improving. I would certainly recommend it. Overall, I would rate it eight out of ten.

I work in MNC company and we have 6 GEO locations in India and all of our locations are using Check Point as a perimeter firewall. I sit in our HO Office and I am maintaining all the location firewalls with my team, except for 1 location. We regularly monitor the security alerts on our perimeter and based on that we will align our location IT to check and update us. IPS is our core blade for network security, it is provide the details that some suspicious activities happen on our network as per the IPS signature database, and based on that we will work on that.

As our primary use case with IPS blade we are daily receiving non-compliant IKE alert, and we know if we prevented it then what impact will happen, our all site to site tunnel will stop working which is running with noncompliant IKE and we are not forcing our client to update that noncompliant IKE protocol. 

We have configured the IPS daily report on our Check Point Gateway so we get daily reports with details of IPS related alerts. Based on the report we will check whether it is in prevention or detection mode and based on that we will check with the internal team and work on that. This is a very useful blade to prevent unwanted and unknown attacks. We can also create strict policies in the IPS blade to prevent high and critical severity but in our organization, we follow the same but in some cases, we have created exceptions.

Overall with the IPS blade we can say we are secure with unknown attacks. 

The default category (Low, Medium, High, Critical) is the most valuable feature because we don't know what type of attack will happen, but with this category, we can create a policy to prevent any high and critical severity behavior. With this, we can protect our organization from weakness exploit of vulnerable systems.

IPS can protect our organization with any old vulnerabilities or if any vulnerability was detected within a few minutes. IPS can protect us as per our configured policy.

I strongly agree that with IPS blade we can protect our organization vulnerabilities. I would like to have the ability to virtually patch our application or vulnerable machine that is talking ourside our network. If it is there then we can protect our application and systems to any unknown attack if our system or application has a weakness or vulnerability. 

I observed on our management that sometimes IPS does not connect to the threat cloud, we have to check and improve it. Otherwise, all of the features are good.  

I have been using Check Point IPS for the last four years. 

Sometimes it will not connect to the threat cloud.

This is a fully salable blade.

Overall okay.

Straightforward.

Vendor team

Priceless.

Reg. cost and licensing part out procurement team taking care.

The IPS is a very good blade in Check Point NGFW.

One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures. 

Check Point IPS services give our organization peace of mind. We know that the solution will be running and constantly updated thanks to the integrated Check Point services. It ensures stability. We have a solution that covers us all the time, day and night. In the configuration process, the solution has provided us with detection regarding what is stable. It is scalable and will allow us to grow according to the demand and the need. The service is well-maintained and functional.

The solution with the most organizational value is its 360° view, which has allowed us to integrate it well and speed up the view of records. It is dedicated 24/7 to detecting any attack. Vulnerabilities or incidents be flagged. It has the capability to give us alerts and offers good productivity to ensure that the services and data of our organization are always secured. 

Some of the features for views and visualization are already predefined as default files. This helps us to be proactive and not have to define any search or specialty of the services.

The service that we want to see in the future is a capacity to segment the IPS services by equipment. We'd like to see the integration of the communication of the services in the next-generation firewall and the other solutions that it has, such as Harmony. It would be great if they could start creating interoperability with both technologies. Integrating these solutions with the lighthouses could generate more complex and complete interoperability. That said, we'd want the solutions to be acquired and administered as one solution. 

We have been using the service for about two months.