Check Point IPS Reviews

We wanted a more robust solution for controlling access to our cloud environments (AWS and Azure). In addition, we wanted our control to be cloud-based. 

Our thought was to find a solution to aid us in being proactive as well as reactive. We have multiple environments in multiple clouds with some areas having delegated administration. The solution we needed was one to reduce the need for administrative headcount to continuously review any misconfiguration. Beyond that we were looking to find a solution for SASE.

The product has allowed us to proactively mitigate any network access misconfiguration resulting from delegation. 

We didn't have to hire an additional network administration resource to focus on detecting any misconfigurations. Dome 9 has assisted through the pre-canned compliance templates. 

We are able to define our own rules for detection. 

In addition to the Harmony Connect Endpoint bundled VPN, the Harmony Connect SASE is continuing to reduce reliance on traditional VPN to the point we will likely discontinue the use of the bundled VPN.

In terms of valuable features, it's hard to choose one. Dome9 and Harmony Connect have both been great in detecting and solving access issues.

As mentioned elsewhere in this review, the Harmony Connect SASE has been extremely valuable in improving our security posture and moving us to a zero-trust mindset (organizationally speaking).

Also, as mentioned, Dome9 has paid for itself through the cost savings of additional headcount. If we didn't have Dome 9, we would keep an additional headcount for the single purpose of detecting network changes within the environment. 

Support is the biggest area for improvement. Check Point is responsive, however, their support agents seem to be very siloed in their ability and/or product knowledge. It takes time and escalation to get through most tickets as they are passed from one group to another and then back again. We are able to navigate our support issues with the aid of our account team, so I want to underscore that support is indeed responsive. However, the processes support techs have to follow seem to be the root cause of the support response issues. 

I've used the solution for two years.

This is where Check Point needs to get operations ironed out. Stable Check Point products are items that haven't been acquired recently. Recent acquisitions seem to lack cohesive functionality.

From what we've encountered, scalability isn't an issue.

Support seems siloed in knowledge, As a result, most support requests require additional management. 

Neutral

We previously used a different solution, however, it was costly and didn't provide the same functionality.

The setup was difficult given the number of products and the lack of a cohesive user experience.  

We implemented the product in-house with the aid of support as part of a POC.

We noted ROI after one year.

It seems, as with other services of this nature, opting-in on the bundled licensing is the best bet. I'd suggest looking at the Infinity Plan. 

We evaluated Cisco, Juniper, and Palo Alto.

Make sure you have a good vibe from your sales team. They tend to support you in the long run. 

I primarily use Check Point IPS as the second layer of security. The first layer includes routers, DDoS protectors, and access lists on other network devices. Check Point IPS is used for threat prevention in the network, not for web applications. I also rely on other solutions for web application firewalls.

The integration of IPS with the firewall is quite efficient. It's easy to implement, monitor, and prevent certain situations on the same platform, which is very useful for me. Also, the real-time update function is beneficial. Check Point provides new versions of IPS policies and indicators of compromise, which help us maintain an up-to-date security posture.

Currently, the solution is good for my needs, so I don't have any particular improvements to recommend. However, a reduction in price would always be welcome.

I have been using Check Point IPS for over ten years.

The stability of the solution is very high. I would rate it as ten out of ten. It has been consistently reliable.

Scalability can depend on the environment. In my setup, using a hardware version, scaling is not easy. There's a limitation on the power because it's not a modular harmonic system. Others might find it easier to scale if they use the Harmony solution.

Customer support used to be very good, rating at nine or ten out of ten a few years ago. Recently, it's not as strong, more around six or seven out of ten due to the quality of solutions provided and support handling of cases.

Neutral

I have used many platforms for Check Point, including Nokia and Splat, and now I use a dedicated platform for Check Point IPS.

The initial setup was simple, though it was a long time ago.

The price could be lower. It's always better for an end user when prices are reduced. The cost makes it difficult to implement in smaller companies.

I have used many vendors and platforms, such as Nokia and Splat along with Check Point, for various security needs.

Overall, I rate Check Point IPS a nine out of ten. I recommend it to other users for its integration capabilities and stability.

I have been using the product as an antivirus. It acts like a security guard, stopping bad things from getting in and ensuring only the right stuff gets through.

The tool's most valuable feature is its detection panel. Managing and updating policies within Check Point IPS is easy and without issues. It provides a secure network. 

The tool's pricing could be better.

I rate the tool's stability a ten out of ten. 

The solution is 100 percent scalable. My company has 150-200 users, and we plan to add 100 more users in the future. 

The tool's technical support is good. 

The setup process itself is straightforward, but configuring it can be complex due to the complexity of our network. It can be completed in two days. 

The tool's deployment can be done in-house. 

We can get 100 percent ROI from using the product. 

The tool's licensing model is good. The licensing costs are yearly. I rate it an eight out of ten. 

The solution exceeded our expectations. The Check Point IPS works with other security solutions, such as Ubiquiti and Bitdefender. Each product has its role in securing our network, devices, and users. We also use Microsoft Active Directory. I rate the tool a ten out of ten. You need to spend time and understand the product's capabilities. 

Check Point IPS was implemented two years ago to protect our infrastructure from threats.

It began by being implemented in local environments with a reduced staff to carry out the corresponding tests and not cause a total company blockage. Once the tests were over, we gradually extended to different departments. We began to use Check Point IPS to be able to provide security of Internet to users using the IPS and anti-virus anti-bot modules, we also apply them to invite us to enter the company and thus monitor outgoing Internet traffic and thus avoid malicious users. Prevention and detection are one of the most valuable pillars of security.

This tool has allowed us to obtain complete reports of the applications' vulnerabilities, which helps us remedy these vulnerabilities presented by the organization. 

It helped us a lot to monitor the internal traffic keeping monitored each server or user that enters the platform in this way Check Point IPS. It has allowed us to proactively reduce any incorrect configuration of network access that results from delegation. 

One of the points where Check Point needs to improve is in the support they offer, since there we have had a few inconveniences.

The implementation of Check Point IPS brought a lot of value to our organization with all the characteristics that the tool shows, starting with great visibility in a single dashboard, which makes it much better. You don't have to go through different tabs. 

Another feature is that it allows you to create multiple rule profiles. We can block directly from the outside without waiting to look at the logs.

With these and other features, Check Point IPS manages risk categories very well and accordingly helps us protect each of our devices in real-time.

It is always important to be improving the product to be at the forefront of technology. 

One of the improvements that would be good is to improve the latency in the portal. When entering, it always takes a long time to load. Also, when the tool is already running, you feel a slight decrease in performance.

The application has many facilities when using the tool. The configuration of each of the policies should have filters. 

We need to be able to understand and detect each of the vulnerabilities.

This solution has been used for approximately two year in the company.

It's very stable. We never had any issues of it stopping to work. It's been very stable.

We have not observed any significant performance impact on the firewall gateway by enabling the IPS module.

The Check Point engineer we dealt with during setup had a lot of experience. His working knowledge helped us with the implementation.

Positive

It is the first time that we've implemented a tool of this type.

We implemented the product in-house with the aid of support as part of a POC.

A Check Point engineer who had a lot of experience helped us with the implementation.

We implement the product internally with the help of support.

Attacks are prevented and detected based on severity, helping our organization eliminate compromising attacks. When making an investment with these tools, you are taking care of an important aspect that will double your profits.

With Check Point, the IPS license could be included with the firewall product. Therefore the cost of the license is not huge.

Other solutions were not evaluated. We have always worked with Check Point products.

One piece of advice is to have the latest database. You want to be protected against the latest attacks.

Check Point IPS is focused on prevention rather than strictly detection capabilities.

IPS enables us to secure our clients against the latest cyber threats.

Check Point offers DDoS and endpoint protection called EDR or XDR, so it provides a holistic security architecture for any organization.

I have been working with Check Point IPS for around five years.

Check Point IPS is stable.

I rate Check Point IPS seven out of 10 for scalability.

Setting up Check Point IPS isn't easy, but it's not too complex, either. I rate it seven out of 10 for ease of setup. Generally, customers cannot do it themselves. They need an integrator. 

Pre-planning is necessary. You need to clearly define the use case and the specific policies the customer wants. IPS doesn't require any maintenance after deployment.

My customers see a return in about three months' time. 

I rate Check Point IPS seven out of 10. Check Point is doing some ongoing consolidation. They are trying to unify the look and feel of the on-premise and cloud. That's in the roadmap, so that's why I'm giving it a seven. Once that is unified, maybe I will bump it up to 10. 

If you are an SMB customer, Check Point has prepackaged suites that are cost-effective and best for the total cost of ownership.  If a customer is asking for something specific I will probably recommend Palo Alto. It depends on use case scenarios. This was a perfect fit for my current customer's use case scenarios.

One of the needs that we had within our organization was the need to solve and support the prevention of zero-day attacks or vulnerability attacks within the network. We needed to be as proactive as possible to focus on solving any incident or gap that could be opened in the future within our organization. With this product, we were able to implement IPS solutions. IPS gives us the ability to detect and be proactive against many attacks - even if they are very new. The solution can detect old and new signatures. 

Check Point IPS services give our organization peace of mind. We know that the solution will be running and constantly updated thanks to the integrated Check Point services. It ensures stability. We have a solution that covers us all the time, day and night. In the configuration process, the solution has provided us with detection regarding what is stable. It is scalable and will allow us to grow according to the demand and the need. The service is well-maintained and functional.

The solution with the most organizational value is its 360° view, which has allowed us to integrate it well and speed up the view of records. It is dedicated 24/7 to detecting any attack. Vulnerabilities or incidents be flagged. It has the capability to give us alerts and offers good productivity to ensure that the services and data of our organization are always secured. 

Some of the features for views and visualization are already predefined as default files. This helps us to be proactive and not have to define any search or specialty of the services.

The service that we want to see in the future is a capacity to segment the IPS services by equipment. We'd like to see the integration of the communication of the services in the next-generation firewall and the other solutions that it has, such as Harmony. It would be great if they could start creating interoperability with both technologies. Integrating these solutions with the lighthouses could generate more complex and complete interoperability. That said, we'd want the solutions to be acquired and administered as one solution. 

We have been using the service for about two months.

We needed a security tool with features like:

• Exploit detection
• Vulnerable Protocol Validations
• Malware communication blocking
• Easy administration

We found these features in the Check Point Intrusion Prevention System. It's the exact protection required for our infrastructure.

We managed to increase the level of business security thanks to this blade provisioned within our Check Point gateways.

Thanks to the use of this tool, we could avoid malware that might be installed in our infrastructure. It offers prompt detection.

We also needed to be able to have protection against emerging threats during Microsoft updates on our Windows servers.

This tool gave us much more protection for areas that are not covered with the use of the gateways.

One of our great concerns is the patching of servers where Internet access is opened and where we may have vulnerabilities. Thanks to Check Point's Intrusion Prevention System (IPS), we could keep our environment safe.

It provides a centralized environment by being unified with the administration of our gateway environments with management through Check Point Security Management. It is easy to use and has large dashboards that help us make decisions that help us continue to improve security.

Check Point's Intrusion Prevention System (IPS) provides us with many important features such as:

1- A centralized environment, managed by the security management portal.

2- Real-time protection against threats, generating security so that we can act immediately when we have a threat.

3- Protection backed with thousands of signatures of prevention and malicious behavior.

4- The reports are useful in helping to verify the threats where we can see the level of severity in order to be able to take action.

It really is a complete tool.

Check Point's Intrusion Prevention System (IPS) may improve in the following fields:

- They should have a cost improvement. Despite being a blade, this is expensive.

- They do not have a separate console.

- The documentation accessible by the manufacturer is generally for versions R80 or less. Some features or configurations have changed, which makes a more efficient and faster implementation difficult.

- The costs are only visible through a partner who provides you with the details. We would like them to be public so that we do not only have to view the costs through them.

We use this blade for a branch in our cloud environment. We have it in order to be able to support against intrusions for at least three years now.

We have cluster environments and we have found its stability to be quite good.

In cluster and VSS environments in Azure, the scalability is robust.

Previously we did not use an IPS tool. It wasn't until the business need was realized when that we started the validations of which tool to implement.

It is always important to validate the costs and characteristics of the available tools. I recommend finding a partner that can provide that support to correctly deploy what is necessary.

It is very important to always look for documentation, and characteristics and be able to compare them to make an informed decision based on security needs. In our case, we already have tools within our GWs environment, so it was easy to add this product.

It is a good tool. However, you must have a GWs environment in use to be able to add it.

It has allowed us to provide protection that we did not have before. We have tested and reviewed different solutions throughout the year to establish the best solution that would allow us to meet internal demands based on the products our organization sells and makes available from third parties. We need to protect information from those catalogs the database users who are willing to purchase services with us and at the same time we need to keep them protected. We need a safeguard from cyber threats to reduce downtime in costs associated with attacks and a potential loss of communication against our services in the data center.

Check Point helps reduce downtime and costs associated with detected cyberattacks and can block those threats to ensure protection from any significant damage that may be caused within the organization. We get an environment with protected data centers where there is no interruption of services and no significant loss (including reputational loss) to our company. 

By having a solution that allows us to protect systems and data from cyber attacks or unauthorized instructions (including malware and DDoS attacks), we can protect our system from all kinds of threats. Check Point reduces downtime and costs associated with attacks that cause communication losses and guarantees compliance with security. It also ensures the privacy of all the data that we have stored, which helps us maintain a high level of reputation when it comes to careful administration and data segmentation. Now, there is a formalization of data protection. Check Point is really compatible with the internal needs of our organization, and its features offer us a great advantage.

There is an issue with precision. There is room for improvement based on the type of threats that are constantly evolving. They need to ensure they are managing to keep up with threat changes and generate some new approaches. 

Another feature that I would like to see as a substantial improvement is the expansion of support in cloud environments. We need to ensure we can have access to public and private clouds and need to be able to include integrations with different popular providers. 

They need to offer IoT as device support.

I've used the solution for one year.