Check Point IPS Reviews

Our primary use case is to protect the on-prem infrastructure. The IPS blade is integrated into our Check Point environment. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources.

Due to the pandemic, the company needed to improve its compliance with traffic risk management since all employees went full WFH.

This has turned into more efficient operational control of internal traffic, where numerous threats have been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This drove revenue growth as fewer resources had to be spent by the IT department to fight cyber threats.

We've seen how this firewall has operated on real-time threats to infrastructure by detecting, neutralizing, eliminating, and then patching against malware.

We can test these patches post-deployment in less than one day. We generate reports that include the activity for the time we desire and gauge the performance of the software.

The IPS module offers protection against malicious inbound Internet traffic to our DMZ network and inspects and blocks outbound Internet traffic to sites that could be a danger to our internal users.

IPS definitions are quick & simple. It is a robust system to fortify the digital perimeter. It can prevent DDOS attacks by analyzing traffic patterns. 

Another valuable feature of the solution is that the product's stability has been very good. The product's uptime has been massive, and there has not been any downtime, making it a very good product.

The product has allowed us to proactively mitigate any network access misconfiguration resulting from delegation. It enables us to define our own rules for detection.

It has false positives.

There is no option to have automatic exceptions from a rule.

The initial deployment can be a challenge.

The upgrade process or the maintenance of the devices for each firmware upgrade requires one to break the cluster and run a specific moment at a time, a single node concept. 

The firmware upgrade process is quite cumbersome.

There is room for improvement in the pricing model. It can be more competitive.

Moreover, another area of improvement is in the maintenance of the solution because it requires a lot of people to maintain the solution. Some tasks can be automated, and I would like to see a feature where we can automate the tasks.

I have been using Check Point IPS for more than 15 years.

I use it on a perimeter with the internet-facing services, so the traffic will pass through Check Point IPS, which will secure connectivity and communication.

The most valuable feature of the solution is called tunneling. Tunneling is one of the major security features that hackers cannot penetrate through. The hashing and SSL are also some of the valuable features of the solution.

The area with certain shortcomings where improvements are required consist of support availability. The tool's complete operating system architecture is being designed in such a way that it looks a little complicated compared to the tool offered by its competitors. The tool's complete operating system architecture needs to be simplified for the users, especially from an administrative and troubleshooting perspective, so that it can be used quickly or with speed whenever there is a crisis. If the aforementioned areas are considered, the product will be much stronger. The tool's support is a major issue because it has not been quick in certain areas compared to the ones offered by Check Point's competitors.

The product's scalability has certain shortcomings where improvements are required. The product should be able to handle and compete with competitors and their services as well as updates, which are much faster than Check Point.

Check Point IPS has been used in my organization for two decades. My company has a partnership with Check Point. My company also has customers at Check Point. My company can be described as a direct consumer, and we even deal with Check Point directly.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a seven out of ten.

I rate the technical support a six out of ten.

Neutral

Mainly, in my company's branches, I have Check Point. For my core data center, I use Cisco and some other solutions. Palo Alto is also a product I use in my company. The aforementioned area consists of the IPS tools I use internally in my organization.

The product's initial setup phase was okay.

In terms of ROI, I would say that Check Point IPS is able to meet the purpose for which my company purchased it. I rate the product's ROI a nine out of ten.

I rate the product price an eight on a scale of one to ten, where one means it is very cheap and ten means it is very expensive. The product is expensive.

A few integrations with Check Point IPS are a bit complicated, especially the cloud-based ones. The product's integration part is complicated because its users need a lot of support and HA so that it can work in a high-level architecture while also being integrated mainly with cloud platforms and considered a reliable source.

If I speak about objects in Check Point IPS, specifically in terms of the screening, sometimes it will go into the deepest screening which one may not be able to see the logs and for that we need to enable search specific logs, and it needs to be validated. For the aforementioned process, it should be simplified, and similar to other products. There should not be areas that are invisible and it should be transparent.

I rate the tool an eight out of ten.

The primary use cases include application security control, comprehensive security management, and proactive protection against a wide range of threats. It serves as a crucial component for safeguarding applications and ensuring overall security effectiveness. It contributes to proactive protection and plays a pivotal role in firewall protection strategies.

The focus is on safeguarding the departmental environment, and it is effectively fulfilling its role in environmental protection.

It offers robust protection with features such as Next Generation firewall capabilities, mobile solutions, and proactive threat prevention.

Enhancements are necessary for the proficiency of notifications in the event of a Social Security incident, whether through email or alternative channels such as SMS.

I have been working with it for ten years.

It offers excellent stability. I would rate it ten out of ten.

I would rate its scalability abilities nine out of ten. Currently, 1,800 users within our organization actively use it.

I would rate its customer service and support nine out of ten.

Positive

The initial setup can be somewhat intricate, involving coordination with the OEM and service provider. I would rate it a six out of ten.

For the deployment, we conducted a refresh last year, which took approximately two to three weeks to complete. It is essential to have at least two individuals involved in the process, with one requiring additional expertise. This team typically consists of a Check Point specialist, an expert, and an administrator.

The pricing is quite reasonable.

It is highly efficient and it provides a mobile solution for various devices, including cell phones and iPads, catering to mobile workflows. The system is not only efficient but continually improving. I would certainly recommend it. Overall, I would rate it eight out of ten.

We use the Check Point IPS for intrusion prevention. It was installed inline. This solution enabled us to stop all threats and intrusion activities across the data center. The IPS uses a signature-based approach to control traffic, allowing only authorized traffic to flow outside. However, it can also identify the traffic behavior and enforce the policy based on that behavior, protecting against even new and unknown threats.

The docking of the IPS engine can be improved.

I have been using Check Point IPS for three years.

The product is stable.

I rate the solution’s stability an eight out of ten.

I rate the solution’s scalability a five or six out of ten.

Technical support is awesome.

I’ve used Cisco. It is very hard to configure and manage the day-to-day operation. It was entirely controlled by the CLI, like the command line interface. Compared to Check Point, it was wholly managed using the GUI. We can finetune and customize the signature. This feature is available in the Check Point.

The initial setup is not so difficult. It takes two and a half months to complete.

I rate the initial setup a six out of ten, where one is difficult, and ten is easy.

I recommend using the out-of-path installation of this tool. Then, find the desired signature and fine-tune the exception based on your specific environment, including the port involved. Once done, bring the tool line into the traffic. Finally, enable the signatures one by one instead of relying on a single group containing older signatures.

The solution has the inherent complexity of managing IT infrastructure and configuring Check Point IPS. The Signature Management requires manual customization to adapt to your network traffic conditions. Building and customizing signatures is a complex and demanding task.

Overall, I rate the solution a seven out of ten.

In my company, we use Check Point IPS for its intrusion protection functionalities. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources, which usually you want to happen only for specific administrative roles.

The most valuable features of the solution are that the product's stability has been very good. The product's uptime has been massive, and there has not been any downtime, making it a very good product. Our company has had a six-year uptime record with Check Point IPS. The firewall has not caused a single second of outage while functioning to protect access to our data center.

Based on what I hear from my full-time firewall administrators, the upgrade process or the maintenance of the devices for each firmware upgrade requires one to break the cluster and run a specific moment at a time, a single node concept. I hear from my admin that the firmware upgrade process is quite cumbersome. Our company has made Check Point very well aware of the cumbersome firmware upgrade process, including the other customers as well. The aforementioned details can be considered for improvement.

The price of the product needs to be improved since it is an expensive solution. All the components of Check Point IPS are expensive, while licenses of the product exceed all its other expenses. If you have a data center without infrastructure, you will suffer from losses on a monthly and yearly basis due to DDoS attacks, which we know about since we have the data for ourselves. It is up to each customer to determine how long he can lose his data center, and then you count if it is possible to lose it for that amount of time, and if you don't, then pay the price for the firewall.

I have experience with Check Point IPS.

Stability-wise, it is a good solution since we haven't faced any outages in our company.

With MCO solution, Check Point IPS is super scalable since we can spawn virtual firewalls and provide additional CPUs to one particular firewall. Check Point IPS is a SUSE firewall solution where you can launch virtual firewalls within the SUSE, making the product very flexible and versatile.

There are thousands of end users of the solution in my company, which is a major airline company.

My company plans to increase the solution's usage since we have thousands of users.

For the deployment and maintenance, there is a need to provide twenty-four hours and seven days a week coverage. Per cluster, you would need three people for maintenance. If you have twelve nodes split across six clusters, you need six persons and one manager for maintenance.

I have contacted the solution's technical support for solutions like Check Point IPS since it provides two ways to make a change in infrastructure, which you can find in its GUI. If it is not there in the GUI and doesn't work from the moment you need CLI, then you create a technical case to have the vendor watch your actions while you do it, which applies to Cisco controller-based networking. It either works via the GUI, and if it does not, you almost always create a tech case in the case of Cisco or a technical support case in the case of Check Point to have somebody from the technical support assist you. Cisco or Check Point products are no longer meant to be run without support.

The initial setup of Check Point IPS was complex. The nature of the product is such that the setup phase is complex since one needs to insert a firewall into all the connections. One cannot implement a firewall partially since that is completely useless. When one implements Check Point IPS, it is necessary to ensure that all of the traffic goes through it, making the implementation complex, but that's not Check Point's fault since it is the nature of the IT landscape.

The deployment process takes at least three months.

Regarding the deployment process, you install the boxes in a lab environment or a DMZ. In the second step, you upgrade the firmware to the last version you want to have the firewall because you wouldn't want to do that after it has been put in your network. From the moment you have the base setup, you separate the cluster again and distribute it across your data centers, after which you can start activating the firewalls. Basically, what you do is that you install them, cluster them, and in the final stage, you implement or migrate from an existing rule set from another firewall onto the new firewalls. The rule set is super crucial because you cannot start with a blank rule set in a production environment, and you cannot build it up from scratch. Either you get a rule set from somewhere else or build it up manually, which will require massive work.

The implementation process is always done with the help of a third party.

If my data center goes down for more than 15 minutes, we lose one million euros in operational costs, meaning our company's return on investment is immediate. If you do not have a firewall infrastructure that protects your data center today, you will suffer outages due to attacks. If you consider one million euros per fifteen minutes, it is clear that my company experiences a clear ROI using the solution.

My company pays for the yearly licensing of Check Point IPS. It is a very expensive tool. Anything that falls under the security-related aspect, including Cisco products, is very expensive.

Our company has been expanding the use of Check Point IPS. We currently have twelve nodes, and we are considering expanding them. We continue to have Check Point IPS in our company, and we even changed from physical devices to virtual devices, including MCO solutions.

Considering how Check Point has evolved as a company, I would definitely recommend the solution to those planning to use it. Now, we are investigating the competitors of Check Point to have a better position when we negotiate prices. We also work with FortiGate in our company. If you look at FortiGate or Check Point, they are the top-line products in the firewall industry at the moment. Check Point is like a top-level provider of firewall solutions.

Overall, I rate the solution a nine out of ten.

Our primary use case is to protect the workstation. The IPS blade is integrated into our Check Point environment. We have many blades in Check Point IPS representation, each with a specific function.

The most valuable feature is very good and easy to use. Configuration is straightforward, and support is fast, usually within one hour. The IPS blade is integrated into our Check Point environment and is used for intrusion prevention.

There is room for improvement in the pricing model, and it can be more competitive.

Moreover, another area of improvement is in the maintenance of the solution because it requires a lot of people to maintain the solution. Some tasks can be automated, and I would like to see a feature where we can automate the tasks.

The company has been using Check Point for around 20 years, and I have been with the company for two years. The IPS blade is integrated with Check Point, and we use R81.20.

The initial setup is straightforward. It is easy to configure.

The solution requires proper maintenance because there are several tasks to check for updates and more. We have five people on the maintenance team. Our company has many firewalls since it is big, and the number of endpoints is more than 5000. Moreover, we have various roles like engineers, system administrators, or network administrators.

I would give Check Point IPS a seven out of ten. We started using this product a year ago, and it has worked well for us.

Initially, the requirement was just to have a stateful inspection firewall to control traffic entering our network. Later, we needed deep packet inspection to look into packets deeply to identify any kind of malicious content. This led us to start using Check Point IPS to have visibility across all the seven layers of traffic entering the network.

The solution is consumed by our SOC to ensure we have visibility into traffic entering our network. With IPS's logs, we began to get a lot of visibility into the type of traffic flowing into our network. It fulfills our SOC's need and has become our standard for deep packet inspection, which is easy to deploy.

Check Point IPS is very easy to configure. It's part of Check Point's blade architecture, where firewall, VPN, and IPS configurations are identical, making the learning curve minimal. The feature can be enabled with a straightforward process, allowing default or customized configurations.

From the product perspective, there have been instances where the signature download caused issues. However, it happened only once, and some QA is needed on signatures. Overall, the product is robust.

I have had experience with Check Point IPS for ten years now.

The stability of the solution is excellent. There haven't been any issues after enabling certain features, and it hasn't caused outages in traffic. During certification, we considered exceptions to avoid IPS inspection for legit traffic.

Scalability depends on hardware platform certification. Check Point's Maestro solution allows up to thirty-four firewalls in a load-sharing configuration. Properly sizing the appliance for IPS makes it a scalable solution.

Customer service is a significant drawback. Support is challenging during weekends, and support personnel often require unnecessary details, slowing resolution processes.

Positive

We use both Check Point and Palo Alto. Palo Alto is more expensive, with a front-end focused design lacking on the CLI. Check Point provides flexibility with Linux commands, reducing deployment hassle.

Setup is straightforward, rated as ten on a scale of one to ten. Configuration involves enabling the IPS feature and publishing changes, identical to setting up a firewall.

Three engineering team members worked on solution certification. The operations team, supported by four to five people, ensured deployment across global firewalls during limited change windows.

The solution fulfills the SOC's need for visibility and easy deployment of deep packet inspection, with no operational impact reported.

As a global customer, we receive decent discounts and expand our infrastructure using the solution. There have been no pricing issues.

We also evaluated Palo Alto and previously worked with Juniper long ago. Palo Alto has a steeper learning curve with proprietary terms not aligned with industry standards. Check Point follows standard conventions, simplifying deployment.

Check Point IPS is a preferable solution for its price, stability, and deployment ease compared to more complex solutions.

We wanted a more robust solution for controlling access to our cloud environments (AWS and Azure). In addition, we wanted our control to be cloud-based. 

Our thought was to find a solution to aid us in being proactive as well as reactive. We have multiple environments in multiple clouds with some areas having delegated administration. The solution we needed was one to reduce the need for administrative headcount to continuously review any misconfiguration. Beyond that we were looking to find a solution for SASE.

The product has allowed us to proactively mitigate any network access misconfiguration resulting from delegation. 

We didn't have to hire an additional network administration resource to focus on detecting any misconfigurations. Dome 9 has assisted through the pre-canned compliance templates. 

We are able to define our own rules for detection. 

In addition to the Harmony Connect Endpoint bundled VPN, the Harmony Connect SASE is continuing to reduce reliance on traditional VPN to the point we will likely discontinue the use of the bundled VPN.

In terms of valuable features, it's hard to choose one. Dome9 and Harmony Connect have both been great in detecting and solving access issues.

As mentioned elsewhere in this review, the Harmony Connect SASE has been extremely valuable in improving our security posture and moving us to a zero-trust mindset (organizationally speaking).

Also, as mentioned, Dome9 has paid for itself through the cost savings of additional headcount. If we didn't have Dome 9, we would keep an additional headcount for the single purpose of detecting network changes within the environment. 

Support is the biggest area for improvement. Check Point is responsive, however, their support agents seem to be very siloed in their ability and/or product knowledge. It takes time and escalation to get through most tickets as they are passed from one group to another and then back again. We are able to navigate our support issues with the aid of our account team, so I want to underscore that support is indeed responsive. However, the processes support techs have to follow seem to be the root cause of the support response issues. 

I've used the solution for two years.

This is where Check Point needs to get operations ironed out. Stable Check Point products are items that haven't been acquired recently. Recent acquisitions seem to lack cohesive functionality.

From what we've encountered, scalability isn't an issue.

Support seems siloed in knowledge, As a result, most support requests require additional management. 

Neutral

We previously used a different solution, however, it was costly and didn't provide the same functionality.

The setup was difficult given the number of products and the lack of a cohesive user experience.  

We implemented the product in-house with the aid of support as part of a POC.

We noted ROI after one year.

It seems, as with other services of this nature, opting-in on the bundled licensing is the best bet. I'd suggest looking at the Infinity Plan. 

We evaluated Cisco, Juniper, and Palo Alto.

Make sure you have a good vibe from your sales team. They tend to support you in the long run.