Check Point IPS Reviews

The company needed to improve its compliance with traffic risk management before all the company employees went full WFH. 

This has turned into a more efficient operational control of internal traffic, where numerous threats had been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This actually drove revenue growth as fewer resources had to be spent from the IT department to fight cyber threats.

We've seen how this firewall has operated on real-time threats to both cloud and physical servers by detecting, neutralizing, eliminating, and then patching against malware. 

We can test these patches post-deployment in less than one day. We'll then generate reports that include the activity for the time we desire and gauge the performance of the software. 

From all this data, the IT department can determine future precautions, what kind of traffic will be blocked, and what users will be restricted.

We've been able to monitor all the devices in the network after activating and configuring the software blades. This shows us who's connected and who's not and how many disconnections there have been. 

The firewall picks up malware traces that may have affected other users and networks and notifies when a particular site has been the source of infection. 

There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network.

When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite. 

There are updates that have been scheduled that have been delayed more than expected, which impacts the performance of the firewall when the traffic is high. This can cause false positives and release alerts for harmless traffic, which results in a deviation of the attention from the security administrator when it's not relevant.

We've used Check Point's complete protection package for our network for more than two years.

We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.

Overall, it give me a lot of insight into my network that I didn't have before.

It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.

The pain point that I have with this solution is contacting technical support.

I have been working with Check Point IPS for more than a year.

Stability-wise, this product is great.

The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.

Sometimes, technical support takes a long time to get back to you.

I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.

The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.

Check Point was fairly usable out of the box.

I am using an on-premises appliance that ties into a cloud service.

Pricing for this solution is negotiable and I'm happy with our pricing.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.

I would rate this solution a nine out of ten.

We deployed the Check Point 6300 series firewall for protection of our internal and external servers, and various in-out traffic as well. 

We have Windows-based servers, Linux-based servers, and other appliances which are connected through a Check Point firewall. These devices have many vulnerabilities. To secure our infrastructure we activated the IPS Blade on the Check Point firewall.

The IPS has helped us to block many known and zero-day attacks on our network. IPS is one of the best solutions from Check Point firewall

Check Point IPS has helped us to prevent attacks on our servers and user traffic as well. We have many Windows-based servers has many vulnerabilities. After Check Point IPS is implemented, we blocked those signature-based attacks on our network. Many times I found logs, and IPS has blocked many windows-based signature attacks.

We scheduled IPS updates as per our IT policy and new signature updates are set to monitor mode until a particular period to avoid conflicts after checking the behavior we set back to prevent mode.

The switch IPS prevent and monitor mode is a good feature that helps us to avoid any unnecessary impacts on our network.

It is simple to activate, configure, implement and assign profiles and rules to security gateways.

The Check Point IPS database is huge. Signature updates are satisfied. Every two hours, the database receives an automatic update that keeps it current and protects against zero-day vulnerabilities.

IPS logs enable complete visibility and reporting through the smart console. This was a big help to us.

I am pleased with it as it seems to be in order. I don't have much to say, however, there were a few things I noticed about the behavior of the Check Point IPS.

First, sometimes I have issues with scheduled IPS updates.

The impact on performance when opening the IPS blade is challenging while the firewall is operating under severe demand is the second, which is pretty common. I only note it here. 

There is no standalone IPS appliance available. Only the IPS blade needs to be enabled on the security gateway that Check Point provides.

I've used the solution for more than two years.

We first saw that this blade was available to use in our Check Point gateway. Later, we understood that there are advanced threats that are in charge of exposing weaknesses. We did not have our perimeter completely covered, which is why we decided to use this technology.

This technology helps us to detect and prevent attempts at exploiting vulnerabilities. It also helps a lot as the tool poses very few false positives, giving the tool good credibility.

Check Point IPS has helped us to have greater perimeter security through our Check Point Gateway. It offers us an easy implementation and has great protection across our infrastructure.

By means of Smart Events, we can carry out very advanced monitoring of the threats that have tried to enter our infrastructure.

It is a great tool. It is totally recommended by us. It really covers many areas of security, such as anti-malware, data loss, improper use of protocols, and preventing known exploits.                             

One of the characteristics that we liked the most is the functionality and easy implementation via the Check Point Gateway.

The cost is reduced to being a blade. That is a good detail of the product in terms of licensing.

Protection in real-time is very good. It helps us detect things on time and make decisions to improve perimeter security.

Also, a very good feature is the optional mode of putting it only in detection mode. They are ensuring in that sense that they are not so intrusive at the beginning of the implementation in production environments.

Sometimes Check Point documentation is not always updated, which is why when some implementations change, it generates confusion about details. In addition to extending some implementations, it would be good for Check Point to keep its documentation public and updated.

This product, as a blade, does not include the license with the Check Point gateway.

Some errors are generated in the implementation of the Smart Cloud in the Infinity Check Point Portal. When that happens, cases of withdrawal must be carried out without embargo for a long time in response.

We have been using this solution for about two years and have received the expected results. We are satisfied with the product.

Yes

Yes

Great and easy.

Positive

Previously we did not use another brand or tool. This is our primary solution now.

No

We did evaluate other options. It is always important to evaluate various options to see how they adapt to the client's system and infrastructure.

We recommend the product. It is highly safe and easy to use.

The opportunity to use this tool was provided due to its ease of implementation within our NGFW security environment. The solution has been very good and the tool has a low rate of false positives, which makes it safer and more accurate.                                                                                                                                                                                                                                                                                               

This IPS tool is integrated with our gateways and is managed from our management environment. It has been very useful. It has given us protection to find any vulnerability, detect it, and improve it. It also validates threats reliably through its monitoring panel. The reports and logs help us to deal with decision-making to improve security conditions.

The option of security patches has been better protected to manage the servers' updates in a reliable way.

Its monitoring and reports generate extra help to be able to fight against
vulnerabilities.

We have really liked practically all the product's features - from the easy implementation through Check Point's gateway to its reduction in licensing costs. That especially really positively impacts the company's finances.

The low number of false positives for vulnerabilities builds additional confidence in the brand.

The constant updating of vulnerability signatures gives the tool protection against new and old threats.

One area that could benefit from improvement at the vendor level is the responsiveness of the support team. In our experience, resolution times tend to be slower than expected, even when the issue involves newly released tools or features.

Additionally, implementation processes can occasionally be complex, requiring more guidance than what’s currently available.

It would be highly valuable to see updates to Check Point’s public documentation. Enhanced and more detailed resources would help teams adopt best practices more efficiently and drive continuous improvement across deployments.

This is a great security application. We've used it in our Check Point gateways and management environment for more than three years. We've enjoyed excellent performance.

yes

yes

great.

Positive

Previously we did not have a tool that would solve our security problems.

excellent

yes, excellent deploy.

It is essential to validate the costs before implementation and also to test before setting up the environment in production.

We value some tools. However, nevertheless, Check Point met the conditions to implement it correctly and comply with what was necessary.

its a excellent solution by my company

The integration is a valuable feature.

The solution’s deployment could be easier.

I have been using Check Point IPS for three years.

There was no issue with the solution’s stability.

The solution is scalable.

We ask about issues with the technical support.

Positive

The initial setup is not easy. You have to configure the same type of menu for each channel and send it to the portal. You can verify the name from your website.

Check Point IPS is a brand and solution for protection.

Overall, I rate the solution a nine out of ten.

We use this product to control incoming and outgoing traffic to the company and to control the internal traffic between the various company subnets. 

We have many departments and have segregated the traffic via subnets controlled by the Check Point firewall. 

We also have some services exposed on the internet for which it is necessary to have control over intrusions. 

Our reality is made up of a series of Check Point firewalls in which we have activated the intrusion prevention system functionality.

With the introduction of this Check Point solution our company has significantly increased the level of perimeter security, once this was done we proceeded to configure the service also for internal networks where there was a need to control traffic.

With the introduction of Check Point, our company has significantly increased the level of perimeter security, once this was done we proceeded to configure the service for internal networks where there was a need to control traffic.

We are quite satisfied with the product.

The possibility of customizing the rules is great. Sometimes it appears a bit rigid yet it is still easy to use. There is an easy application of policies once the basic configuration has been done with the possibility of copying profiles to make them better meet all the needs of the companies. 

There's also the possibility to set alerts only in order to check whether a signature can cause problems or not before blocking traffic and causing damage to users. 

Overall, it seems like a good product even if sometimes a little unintuitive. That said, it is no worse than others.

The product could be improved in its configuration interface. I have seen that there are more points where exceptions can be made but it is not always intuitive to find the right point where to make them. 

Sometimes we had false positives where packages that were legitimate for us were blocked and we had to unblock them through exceptions. 

I don't see any other big problems and I hope not to find others in the future

I've used the solution for five years.

We did not previously use another solution.

We did not evaluate other options. 

The solution protects against the latest attacks. It is essential because collaborative tools and networks are necessary. The attacks are increasing, and we need protection in real time.

The support could be improved. We need quality information on the new products and solutions. We are implementing new solutions for Check Point, but these solutions are not thoroughly tested, which might lead to problems. If we had a lot of information and knowledge about the solution, it would be easier for us to implement it.

The solution’s scalability is fine. When I escalate an issue, I appreciate their efforts and their support.

The technical support is good. The engineers responsible for this area are expert people. The documentation in the knowledge base allows us to resolve issues. The blocks or columns help me understand what kind of issues they have.

Positive

We have worked only with Check Point. We were a partner of Check Point in my last company. We provided solutions to customers and encountered different challenges because of other solutions. Fortinet was much cheaper than Check Point. The competition is based on price, whereas Check Point is superior in quality and security.

The initial setup is easy and intuitive.

The solution has a high cost, but the relation between price and quality is okay.

Overall, I rate the solution a nine out of ten.