Check Point IPS Reviews

The main use case for Check Point IPS is to protect against malicious attacks and cyber threats, whether they are known or unknown. It stops malicious traffic from entering the network or being executed, keeping the network safe. Check Point IPS provides protection against malware that should not execute in my client network, ensuring the network remains secure. With its intrusion prevention system, it matches signatures based on the database Check Point IPS has and acts accordingly to block both known and unknown threats. This way, the solution stays ahead of cyber threats.

Check Point IPS offers granular policy control, allowing administrators to customize IPS policies based on severity, protocols, or the source and destination. This provides flexibility and minimizes false positives. The integration with Check Point Threat Cloud ensures the IPS engine is updated with the latest attack signatures. Additionally, the solution employs behavioral heuristic analysis to block zero-day attacks using AI-powered engines. Another feature is the integration with SmartEvent for centralized monitoring, logging, and reporting, enabling security teams to analyze attack patterns. High-powered processing hardware optimizes resource use, allowing all features including inspection, antivirus, and firewall security to be utilized efficiently.

Improvements could include more attractive dashboards, visual analytics, and automated attack path correlation in SmartEvent to enhance situational awareness and attack identification.

I have been using Check Point IPS for more than two years for operational purposes, including troubleshooting cases. I have extensive hands-on experience with IPS.

Check Point IPS requires powerful processing hardware to handle the traffic load and inspection efficiently. Hardware resource optimization is crucial, and Check Point excels in this regard. Additionally, the customization of IPS signatures allows granular control, letting organizations decide on the handling of traffic based on their specific severity requirements. Exception and exemption policies can also be set to exclude certain traffic from IPS inspection. I rate the overall solution 8 out of 10.

Our primary use case is to protect the on-prem infrastructure. The IPS blade is integrated into our Check Point environment. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources.

Due to the pandemic, the company needed to improve its compliance with traffic risk management since all employees went full WFH.

This has turned into more efficient operational control of internal traffic, where numerous threats have been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This drove revenue growth as fewer resources had to be spent by the IT department to fight cyber threats.

We've seen how this firewall has operated on real-time threats to infrastructure by detecting, neutralizing, eliminating, and then patching against malware.

We can test these patches post-deployment in less than one day. We generate reports that include the activity for the time we desire and gauge the performance of the software.

The IPS module offers protection against malicious inbound Internet traffic to our DMZ network and inspects and blocks outbound Internet traffic to sites that could be a danger to our internal users.

IPS definitions are quick & simple. It is a robust system to fortify the digital perimeter. It can prevent DDOS attacks by analyzing traffic patterns. 

Another valuable feature of the solution is that the product's stability has been very good. The product's uptime has been massive, and there has not been any downtime, making it a very good product.

The product has allowed us to proactively mitigate any network access misconfiguration resulting from delegation. It enables us to define our own rules for detection.

It has false positives.

There is no option to have automatic exceptions from a rule.

The initial deployment can be a challenge.

The upgrade process or the maintenance of the devices for each firmware upgrade requires one to break the cluster and run a specific moment at a time, a single node concept. 

The firmware upgrade process is quite cumbersome.

There is room for improvement in the pricing model. It can be more competitive.

Moreover, another area of improvement is in the maintenance of the solution because it requires a lot of people to maintain the solution. Some tasks can be automated, and I would like to see a feature where we can automate the tasks.

I have been using Check Point IPS for more than 15 years.

On-premises

We are a government company providing services to our revenue department. We started out doing services for the tax administration and customs department, and later expanded beyond that. We use Check Point IPS primarily in these roles.

Check Point IPS is very useful in providing access control at the network level and preventing access from suspicious sources. Our organization benefits from Identity Awareness, firewall functionality combined with IPS, and in some cases, URL filtering. The granularity of controls has improved over time, providing better security posture even though I am not the one handling the hands-on configuration.

We have probably been using Check Point IPS from around 2002.

There were no specific issues faced during deployment; it was straightforward.

Check Point IPS provides a very stable and reliable environment.

Check Point IPS is very scalable. We have moved to a hyper-scale master environment, allowing us to scale by adding additional gateways to the clusters.

The customer service is highly rated. Our technical teams have personal relationships with our account executives and direct support people. I rate their support eight or nine out of ten.

Positive

There is a comparison mentioned with Fortinet. We have found it would be cheaper for us to keep Check Point IPS rather than migrate to Fortinet.

The initial setup is straightforward.

We have not measured any return on investment directly.

Comparisons with Fortinet show that Check Point IPS is relatively more expensive, but we found it cheaper to retain it rather than switch.

When compared to Fortinet, Check Point IPS was found to have fewer vulnerability announcements, reinforcing its stability.

We rate Check Point IPS at eight out of ten. We recommend it to others and have relationships with local partners and Check Point Latin America directly. The overall solution is rated an eight out of ten.

My main use case for Check Point IPS is to monitor and update various rules and prevent any possible attack.

In a situation where Check Point IPS helped me prevent a specific attack, prevention is key; we monitor and update the rules once a week for our client, and keeping everything monitored and updated prevents any problem.

I do not have anything else to add about my use case or how I rely on Check Point IPS.

The best features Check Point IPS offers are how easy and how reliable it is; it can prevent a lot of signatures, which is very nice, and it's actually essential in this year.

The real-time protection for our client is what makes my day-to-day work easier.

Check Point IPS has positively impacted my organization by making the infrastructure actually more protected now.

I measure that increased protection by seeing fewer incidents because we update every week, so there is no time to wait and create a breach.

For the product itself, there is nothing that I wish worked better or was easier, but it can become complex to manage all the rules if the infrastructure is very big.

I do not want to add more about the needed improvements.

I have been using Check Point IPS for two years.

Check Point IPS is very much stable.

The scalability of Check Point IPS is on point, while the customer support is sometimes a bit slow.

I would rate the customer support an eight.

Positive

I did not previously use a different solution before Check Point IPS.

I have seen a return on investment since using Check Point IPS, as evidenced by fewer incidents.

I am not in charge of pricing, setup cost, and licensing.

Before choosing Check Point IPS, I did not evaluate other options.

The advice I would give to others looking into using Check Point IPS is that it's not for not-advanced users; a new administrator can be overwhelmed.

My company has a business relationship with this vendor as a partner.

I was offered a gift card or incentive for this review.

I do not have any additional thoughts about Check Point IPS before we wrap up.

On a scale of one to ten, I rate Check Point IPS a nine.

Hybrid Cloud

Microsoft Azure

We primarily use Check Point IPS for cybersecurity, specifically when there is a need for internal and external connections. We use it to monitor performance and take necessary actions when events occur. We also use it for firewall solutions.

Check Point IPS has helped us maintain cybersecurity through effective monitoring and behavior analytics.

Behavior analytics and monitoring capabilities of Check Point IPS are valuable, especially for cybersecurity purposes.

It's hard to specify areas for improvement without a deeper investigation. However, usually, IPS does its job. Some challenges might exist with integration depending on the environment.

We have been using the solution for five years.

The solution is 99.8% stable.

Flexibility and scalability depend on the solution and the requirements. So far, we haven't faced any requirements that couldn't be submitted.

The customer service and support are satisfactory. I would rate them quite high.

Positive

The initial setup can be complicated if you are not familiar with what you're doing. It usually requires two people for a successful installation.

Check Point IPS usually requires two individuals for installation, depending on their certifications.

Our return on investment is usually based on a three-year period.

Pricing is average. Usually, the price listed isn't adhered to, and negotiations occur.

We compared with solutions from vendors like Fortinet, Cisco, and Palo Alto. Palo Alto is perceived as better in performance and technical aspects, while Fortinet is seen as less robust.

I'd rate the solution eight out of ten.

Check Point IPS is a signature-based protection tool. As such, it is better than a cloud database. Check Point IPS is useful for anomaly detection and user behavior monitoring. In our company, we check our daily logs in Check Point IPS. My company has customized the settings of Check Point IPS as per our requirements.

To overcome the tool's shortcomings, the signature-based protection that the product offers needs to be more effective and regularly updated. Some of the configurations and management should be easy in the product. Signature tuning should be more user-friendly in the tool because, as per my experience, signature tuning is tough in Check Point IPS.

I have been using Check Point IPS for seven to eight years. I am a user of the solution.

It is a stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a nine out of ten.

Around 6,000 people in my company use the tool.

The solution's technical support is very effective. I rate the technical support a ten out of ten.

Positive

I rate the product's initial setup phase a ten on a scale of one to ten, where ten means it was a very easy process.

The solution is deployed on a hybrid cloud model.

If any of the products from Check Point, like any of the firewall or any other components are already deployed in our company, then we can basically integrate Check Point IPS with such existing components, a process which may take upto a week to be completed. If a new deployment process has to be carried out for Check Point IPS, then it will take a longer time period to be completed.

Rack mounting will be used during the deployment process. The deployment phase will consist of two scenarios, one of which consists of software deployment and the other one is hardware deployment. During hardware deployment, one needs to find the rack and mount the devices, as well as perform many other physical activities. Once the product is up and running, one needs to go for the software deployment part, which will definitely take some time because of the configurations needed.

The security offered by Check Point IPS is a very crucial and important part of any organization. Whatever investment is needed, has to be made to secure the assets.

My company is willing to invest in the product for returns, especially so that we can reap the benefits from its cost-saving and time-saving capabilities.

It is a reasonably priced product.

Check Point IPS is useful for our company's cybersecurity framework since the product acts as a threat prevention system. My company uses the product's prevention mode over its detection mode.

There is a different IT security team in my company, which is basically like an information security team, who actually analyze reports on a day-to-day basis while checking for any middleware attacks or DDoS attacks. The tool is very useful, and the IT security team can prevent attacks with the help of Check Point IPS. Check Point IPS can also be used to detect malware.

I don't have any idea whether the product has improved the security part. The internal response time to any attacks is something that depends on how critical the situation is in our company. If any attacks are at the beginning stage, then it acts very quickly, and otherwise, it takes time depending on the severity of the incident or task. If there are any urgent requirements, then my company can make a call and reach out to Check Point IPS.

In terms of the product's integration capabilities with our company's existing infrastructure, I would say that my company has been using the tool since 2017 and has not faced any challenges. My company needs to upgrade our devices.

I definitely recommend that others use the product because it is easy to configure, offers proven IT security services, and is very effective against zero-day attacks or middleware attacks.

I rate the solution a ten out of ten.

Hybrid Cloud

I use it on a perimeter with the internet-facing services, so the traffic will pass through Check Point IPS, which will secure connectivity and communication.

The most valuable feature of the solution is called tunneling. Tunneling is one of the major security features that hackers cannot penetrate through. The hashing and SSL are also some of the valuable features of the solution.

The area with certain shortcomings where improvements are required consist of support availability. The tool's complete operating system architecture is being designed in such a way that it looks a little complicated compared to the tool offered by its competitors. The tool's complete operating system architecture needs to be simplified for the users, especially from an administrative and troubleshooting perspective, so that it can be used quickly or with speed whenever there is a crisis. If the aforementioned areas are considered, the product will be much stronger. The tool's support is a major issue because it has not been quick in certain areas compared to the ones offered by Check Point's competitors.

The product's scalability has certain shortcomings where improvements are required. The product should be able to handle and compete with competitors and their services as well as updates, which are much faster than Check Point.

Check Point IPS has been used in my organization for two decades. My company has a partnership with Check Point. My company also has customers at Check Point. My company can be described as a direct consumer, and we even deal with Check Point directly.

Stability-wise, I rate the solution a nine out of ten.

Scalability-wise, I rate the solution a seven out of ten.

I rate the technical support a six out of ten.

Neutral

Mainly, in my company's branches, I have Check Point. For my core data center, I use Cisco and some other solutions. Palo Alto is also a product I use in my company. The aforementioned area consists of the IPS tools I use internally in my organization.

The product's initial setup phase was okay.

In terms of ROI, I would say that Check Point IPS is able to meet the purpose for which my company purchased it. I rate the product's ROI a nine out of ten.

I rate the product price an eight on a scale of one to ten, where one means it is very cheap and ten means it is very expensive. The product is expensive.

A few integrations with Check Point IPS are a bit complicated, especially the cloud-based ones. The product's integration part is complicated because its users need a lot of support and HA so that it can work in a high-level architecture while also being integrated mainly with cloud platforms and considered a reliable source.

If I speak about objects in Check Point IPS, specifically in terms of the screening, sometimes it will go into the deepest screening which one may not be able to see the logs and for that we need to enable search specific logs, and it needs to be validated. For the aforementioned process, it should be simplified, and similar to other products. There should not be areas that are invisible and it should be transparent.

I rate the tool an eight out of ten.

In my company, we use Check Point IPS for its intrusion protection functionalities. The product is the core of our security infrastructure that we use to filter and block attempts for connection into resources, which usually you want to happen only for specific administrative roles.

The most valuable features of the solution are that the product's stability has been very good. The product's uptime has been massive, and there has not been any downtime, making it a very good product. Our company has had a six-year uptime record with Check Point IPS. The firewall has not caused a single second of outage while functioning to protect access to our data center.

Based on what I hear from my full-time firewall administrators, the upgrade process or the maintenance of the devices for each firmware upgrade requires one to break the cluster and run a specific moment at a time, a single node concept. I hear from my admin that the firmware upgrade process is quite cumbersome. Our company has made Check Point very well aware of the cumbersome firmware upgrade process, including the other customers as well. The aforementioned details can be considered for improvement.

The price of the product needs to be improved since it is an expensive solution. All the components of Check Point IPS are expensive, while licenses of the product exceed all its other expenses. If you have a data center without infrastructure, you will suffer from losses on a monthly and yearly basis due to DDoS attacks, which we know about since we have the data for ourselves. It is up to each customer to determine how long he can lose his data center, and then you count if it is possible to lose it for that amount of time, and if you don't, then pay the price for the firewall.

I have experience with Check Point IPS.

Stability-wise, it is a good solution since we haven't faced any outages in our company.

With MCO solution, Check Point IPS is super scalable since we can spawn virtual firewalls and provide additional CPUs to one particular firewall. Check Point IPS is a SUSE firewall solution where you can launch virtual firewalls within the SUSE, making the product very flexible and versatile.

There are thousands of end users of the solution in my company, which is a major airline company.

My company plans to increase the solution's usage since we have thousands of users.

For the deployment and maintenance, there is a need to provide twenty-four hours and seven days a week coverage. Per cluster, you would need three people for maintenance. If you have twelve nodes split across six clusters, you need six persons and one manager for maintenance.

I have contacted the solution's technical support for solutions like Check Point IPS since it provides two ways to make a change in infrastructure, which you can find in its GUI. If it is not there in the GUI and doesn't work from the moment you need CLI, then you create a technical case to have the vendor watch your actions while you do it, which applies to Cisco controller-based networking. It either works via the GUI, and if it does not, you almost always create a tech case in the case of Cisco or a technical support case in the case of Check Point to have somebody from the technical support assist you. Cisco or Check Point products are no longer meant to be run without support.

The initial setup of Check Point IPS was complex. The nature of the product is such that the setup phase is complex since one needs to insert a firewall into all the connections. One cannot implement a firewall partially since that is completely useless. When one implements Check Point IPS, it is necessary to ensure that all of the traffic goes through it, making the implementation complex, but that's not Check Point's fault since it is the nature of the IT landscape.

The deployment process takes at least three months.

Regarding the deployment process, you install the boxes in a lab environment or a DMZ. In the second step, you upgrade the firmware to the last version you want to have the firewall because you wouldn't want to do that after it has been put in your network. From the moment you have the base setup, you separate the cluster again and distribute it across your data centers, after which you can start activating the firewalls. Basically, what you do is that you install them, cluster them, and in the final stage, you implement or migrate from an existing rule set from another firewall onto the new firewalls. The rule set is super crucial because you cannot start with a blank rule set in a production environment, and you cannot build it up from scratch. Either you get a rule set from somewhere else or build it up manually, which will require massive work.

The implementation process is always done with the help of a third party.

If my data center goes down for more than 15 minutes, we lose one million euros in operational costs, meaning our company's return on investment is immediate. If you do not have a firewall infrastructure that protects your data center today, you will suffer outages due to attacks. If you consider one million euros per fifteen minutes, it is clear that my company experiences a clear ROI using the solution.

My company pays for the yearly licensing of Check Point IPS. It is a very expensive tool. Anything that falls under the security-related aspect, including Cisco products, is very expensive.

Our company has been expanding the use of Check Point IPS. We currently have twelve nodes, and we are considering expanding them. We continue to have Check Point IPS in our company, and we even changed from physical devices to virtual devices, including MCO solutions.

Considering how Check Point has evolved as a company, I would definitely recommend the solution to those planning to use it. Now, we are investigating the competitors of Check Point to have a better position when we negotiate prices. We also work with FortiGate in our company. If you look at FortiGate or Check Point, they are the top-line products in the firewall industry at the moment. Check Point is like a top-level provider of firewall solutions.

Overall, I rate the solution a nine out of ten.