Check Point IPS Reviews

They are one of the blades that we get to try or use more when we start using Check Point Firewall products. They give us the power of protection and security accompanied by other characteristics and solutions that together become the best in the market. It's uniting all that computing power with the cloud and thus giving organizations greater peace of mind and closing our security gaps in applications or services. Something that we love is that it can be enabled in any gateway, and therefore that saves us implementation time. 

It came to help us in many ways. The most outstanding was being able to have broad visibility and being able to make threats visible in real time. We are able to integrate it with smart events, which allows us at the SOC level to have a complete and reliable panel that saves time for security in visualizing and responding to events of this nature. 

Among its great features is the ability to detect outgoing malware or extraction of compromised data and stop it, thus safeguarding us by isolating the network, the equipment, or the identity of the affected users. 

The IPS feature is available in all appliances that we are going to use as a firewall, and that is how we have a blade that helps at all times. We have both a firewall and also a complete solution with multiple new-generation features that can be physical or virtual and where more advanced analytics can be integrated, for example, in the Infinity Check Point cloud. Among those characteristics is its coverage of updates in real-time and constantly. This is done without an administrator's intervention. 

What I want as a new feature is to be able to bring these solutions to public clouds. However, today, we can do this. We are taking our datacenters, these next-generation places. These technologies evolve at an unparalleled pace. This solution will soon be in mobile services, and it is here that the new equipment management lines will be managed in the future. We want the solution to continue to move towards cloud-based and portability focused for telecommuting users. 

I've used the solution for about two years.

We are using Check Point IPS for the detection and prevention of threats for our PCI firewalls where it's mandatory to use it.

The most valuable feature of Check Point IPS is the management of devices and policies.

Check Point IPS' main problem is it is mostly software based. The performance is dependent on the CPU power, and the limited number of patterns.

I have been using Check Point IPS for over five years.

Check Point IPS is stable.

The stability of Check Point IPS depends on too many factors. It always depends on the usage and the traffic. However, we did not have any issues with scalability.

We have approximately 40 to 50 people involved in using Check Point IPS, such as the firewall and IPS managing teams.

We have onsite engineers from the Check Point IPS directly on our site.

I rate the support from Check Point IPS a four out of five.

Positive

The initial setup of Check Point IPS is straightforward because there are security profiles with default recommended configuration. However, these were beneficial at the time when produced but they are not that helpful anymore. 

It can take some time to do verification because there are some protocols where you know that there could be problems. For example, for some of the sharing features, you have to be careful. Those there are the profiles you can use for the setup, you do have to do a lot of manual work to have everything work correctly.

I rate the setup of Check Point IPS a two out of five.

We did the implementation of Check Point IPS in-house.

There is a license needed to use the Check Point IPS which is not expensive. However, the Check Point IPS device is expensive.

We are replacing the IPS from Check Point with a different solution, which is related to the IPS functionality. The reason for the replacement is because Check Point IPS are at their end of life and are not creating or not using the security policy for the traffic, it mostly acts as an IPS.

We are planning on using Trend Micro. It will be better because there will be a dedicated device that is doing only the IPS. The performance will be better and it has a larger number of patterns updated weekly.

I have a very long and extensive experience with the Check Point ISP. It is a good solution, but sometimes it's causing issues, but it's a general problem for all the networks and security devices.

I rate Check Point IPS a nine out of ten.

The company needed to improve its compliance with traffic risk management before all the company employees went full WFH. 

This has turned into a more efficient operational control of internal traffic, where numerous threats had been identified while working in the office as most malware is somehow admitted by someone with access to the company network, either unintentionally or not. This actually drove revenue growth as fewer resources had to be spent from the IT department to fight cyber threats.

We've seen how this firewall has operated on real-time threats to both cloud and physical servers by detecting, neutralizing, eliminating, and then patching against malware. 

We can test these patches post-deployment in less than one day. We'll then generate reports that include the activity for the time we desire and gauge the performance of the software. 

From all this data, the IT department can determine future precautions, what kind of traffic will be blocked, and what users will be restricted.

We've been able to monitor all the devices in the network after activating and configuring the software blades. This shows us who's connected and who's not and how many disconnections there have been. 

The firewall picks up malware traces that may have affected other users and networks and notifies when a particular site has been the source of infection. 

There's less admin burden to detect these threats as Check Point IPS will do it all for you and suggest the best preventive actions to protect the network.

When exceptions need to be done for certain profiles, it is easy to get them done, however, implementation on some general ones may cause some extra work as the IPS is not easy to overwrite. 

There are updates that have been scheduled that have been delayed more than expected, which impacts the performance of the firewall when the traffic is high. This can cause false positives and release alerts for harmless traffic, which results in a deviation of the attention from the security administrator when it's not relevant.

We've used Check Point's complete protection package for our network for more than two years.

We primarily use Check Point to provide visibility into our network. It lets us see the east-west traffic, and it gives us a lot of information to work on as far as what kind of traffic was passing through.

Overall, it give me a lot of insight into my network that I didn't have before.

It lets us know about anomalous behavior and it provides alerts regarding activity on certain ports. It lets me decide, for example, whether something is a valid connection, or causes me to question why a certain port is open.

The pain point that I have with this solution is contacting technical support.

I have been working with Check Point IPS for more than a year.

Stability-wise, this product is great.

The scalability comes from the fact that this is an on-premises device that ties into a cloud service. It's a hybrid application. Once you have it installed, it's collecting information. You put it right there in front of your input into the network, and it picks up all of the traffic.

Sometimes, technical support takes a long time to get back to you.

I used Check Point Endpoint Security, as well as the Network Detect and Response (NDR) appliance.

I am currently using Darktrace and Vectra in addition to Check Point. I've been using all three and I find that Check Point is the one where I get the most information from. I will stop using Vectra this year but I will retain Darktrace, as long as they keep it at a certain price.

Darktrace takes a lot more configuration; unlike Check Point, there are a lot more changes that need to be made. When it's fully integrated, it requires a lot of time and it may end up being as useful as the Check Point.

The reason I keep all three is because they all give me a different kind of view. They all give me different information. If they gave the same information, it'd be useless to keep them.

With respect to similar security products, I have demoed CrowdStrike, worked with Symantec, and am also using Check Point.

Check Point was fairly usable out of the box.

I am using an on-premises appliance that ties into a cloud service.

Pricing for this solution is negotiable and I'm happy with our pricing.

I suggest negotiating either at the end of their fiscal year or at the end of every quarter. At the end of the quarter, they have an incentive to lower the prices to sell as many units as possible in order to meet their end-of-quarter quota.

If I could only keep one of my security solutions, it would be Check Point. To me, it provides the most valuable information.

I would rate this solution a nine out of ten.

We deployed the Check Point 6300 series firewall for protection of our internal and external servers, and various in-out traffic as well. 

We have Windows-based servers, Linux-based servers, and other appliances which are connected through a Check Point firewall. These devices have many vulnerabilities. To secure our infrastructure we activated the IPS Blade on the Check Point firewall.

The IPS has helped us to block many known and zero-day attacks on our network. IPS is one of the best solutions from Check Point firewall

Check Point IPS has helped us to prevent attacks on our servers and user traffic as well. We have many Windows-based servers has many vulnerabilities. After Check Point IPS is implemented, we blocked those signature-based attacks on our network. Many times I found logs, and IPS has blocked many windows-based signature attacks.

We scheduled IPS updates as per our IT policy and new signature updates are set to monitor mode until a particular period to avoid conflicts after checking the behavior we set back to prevent mode.

The switch IPS prevent and monitor mode is a good feature that helps us to avoid any unnecessary impacts on our network.

It is simple to activate, configure, implement and assign profiles and rules to security gateways.

The Check Point IPS database is huge. Signature updates are satisfied. Every two hours, the database receives an automatic update that keeps it current and protects against zero-day vulnerabilities.

IPS logs enable complete visibility and reporting through the smart console. This was a big help to us.

I am pleased with it as it seems to be in order. I don't have much to say, however, there were a few things I noticed about the behavior of the Check Point IPS.

First, sometimes I have issues with scheduled IPS updates.

The impact on performance when opening the IPS blade is challenging while the firewall is operating under severe demand is the second, which is pretty common. I only note it here. 

There is no standalone IPS appliance available. Only the IPS blade needs to be enabled on the security gateway that Check Point provides.

I've used the solution for more than two years.

We use this solution to secure the organization against any attack coming into the network via the internet, a third party, or any other connected network. It is used to detect and prevent identified threats at the perimeter level so attacks do not penetrate the network.

With so many access points present on a typical business network, it is essential that we have a way to monitor for signs of potential violations, incidents, and imminent threats.

We also use it to provide flexibility for the SOC admin to identify any suspicious activity and either detect and allow (IDS) or prevent (IPS) the threat. It logs and reports any such incident to the centralized logger so the required action can be taken by the SOC team.

This IPS device is protecting the organization's assets from any know vulnerability or threats that are coming from the network and vice versa.

It protects against specific known exploits but also, with SandBlast integration, it is able to protect against unknown or zero-day attacks at the perimeter level. An example of this is C&C communication, which is getting trigger by compromised systems.

It's able to detect and prevent any tunneling attempt that is happening via compromised systems, thereby avoiding data leakage.

It provides the capability to enable security policy based on templates, which can be enabled by the organization, depending upon their need. For example, enabling the highest security with the lowest performance impact is a matter of selecting templates accordingly.

IPS can be enabled on the same security gateway and does not require any additional hardware purchase or additional network connectivity.

It provides complete visibility and reporting on a single dashboard for the entire NG firewall, including the IPS blade on the Smart Console.

Signatures are constantly updated and it also provides virtual patching protection up to a certain extent. 

It provides a detect-only mode for IPS Security policy that the admin can enable on a required segment for monitoring, giving an opportunity to observe prior to blocking.

There is a performance impact on the NGFW post-enabling the IPS blade/Module, which can even lead to downtime if IPS starts to monitor or block high-volume traffic. 

There is no separate, dedicated appliance for IPS.

In the case of the IPS blade enabled on the NG firewall, it does not provide flexibility to monitor specific segments as easily as the IPS policies that are applied on the security gateway. There is lots of configuration and exclusion policy that need to be configured to bypass traffic from IPS Policy. 

IPS gets bypass in case performance goes above certain limit. This is the default setting that is provided.

I have been using Check Point IPS for more than six years.

This is a stable product.

Most of the organization is deployed on the NGFW and it has scaled accordingly, with most devices in HA mode.

Technical support is excellent.

We did not use another solution prior to this one.

This is a blade/module that needs to be enabled, selected, and applied across the security gateway.

Our in-house team was responsible for deployment.

Enabling IPS does not require any additional license purchase from OEM, as it comes by default with the NGFW bundle. This blade/module can be enabled based on the requirement and can be pushed to the security gateway.

We did not evaluate other options.

The opportunity to use this tool was provided due to its ease of implementation within our NGFW security environment. The solution has been very good and the tool has a low rate of false positives, which makes it safer and more accurate.                                                                                                                                                                                                                                                                                               

This IPS tool is integrated with our gateways and is managed from our management environment. It has been very useful. It has given us protection to find any vulnerability, detect it, and improve it. It also validates threats reliably through its monitoring panel. The reports and logs help us to deal with decision-making to improve security conditions.

The option of security patches has been better protected to manage the servers' updates in a reliable way.

Its monitoring and reports generate extra help to be able to fight against
vulnerabilities.

We have really liked practically all the product's features - from the easy implementation through Check Point's gateway to its reduction in licensing costs. That especially really positively impacts the company's finances.

The low number of false positives for vulnerabilities builds additional confidence in the brand.

The constant updating of vulnerability signatures gives the tool protection against new and old threats.

One area that could benefit from improvement at the vendor level is the responsiveness of the support team. In our experience, resolution times tend to be slower than expected, even when the issue involves newly released tools or features.

Additionally, implementation processes can occasionally be complex, requiring more guidance than what’s currently available.

It would be highly valuable to see updates to Check Point’s public documentation. Enhanced and more detailed resources would help teams adopt best practices more efficiently and drive continuous improvement across deployments.

This is a great security application. We've used it in our Check Point gateways and management environment for more than three years. We've enjoyed excellent performance.

yes

yes

great.

Positive

Previously we did not have a tool that would solve our security problems.

excellent

yes, excellent deploy.

It is essential to validate the costs before implementation and also to test before setting up the environment in production.

We value some tools. However, nevertheless, Check Point met the conditions to implement it correctly and comply with what was necessary.

its a excellent solution by my company

The integration is a valuable feature.

The solution’s deployment could be easier.

I have been using Check Point IPS for three years.

There was no issue with the solution’s stability.

The solution is scalable.

We ask about issues with the technical support.

Positive

The initial setup is not easy. You have to configure the same type of menu for each channel and send it to the portal. You can verify the name from your website.

Check Point IPS is a brand and solution for protection.

Overall, I rate the solution a nine out of ten.