Check Point IPS Reviews

We use this product to control incoming and outgoing traffic to the company and to control the internal traffic between the various company subnets. 

We have many departments and have segregated the traffic via subnets controlled by the Check Point firewall. 

We also have some services exposed on the internet for which it is necessary to have control over intrusions. 

Our reality is made up of a series of Check Point firewalls in which we have activated the intrusion prevention system functionality.

With the introduction of this Check Point solution our company has significantly increased the level of perimeter security, once this was done we proceeded to configure the service also for internal networks where there was a need to control traffic.

With the introduction of Check Point, our company has significantly increased the level of perimeter security, once this was done we proceeded to configure the service for internal networks where there was a need to control traffic.

We are quite satisfied with the product.

The possibility of customizing the rules is great. Sometimes it appears a bit rigid yet it is still easy to use. There is an easy application of policies once the basic configuration has been done with the possibility of copying profiles to make them better meet all the needs of the companies. 

There's also the possibility to set alerts only in order to check whether a signature can cause problems or not before blocking traffic and causing damage to users. 

Overall, it seems like a good product even if sometimes a little unintuitive. That said, it is no worse than others.

The product could be improved in its configuration interface. I have seen that there are more points where exceptions can be made but it is not always intuitive to find the right point where to make them. 

Sometimes we had false positives where packages that were legitimate for us were blocked and we had to unblock them through exceptions. 

I don't see any other big problems and I hope not to find others in the future

I've used the solution for five years.

We did not previously use another solution.

We did not evaluate other options. 

The solution protects against the latest attacks. It is essential because collaborative tools and networks are necessary. The attacks are increasing, and we need protection in real time.

The support could be improved. We need quality information on the new products and solutions. We are implementing new solutions for Check Point, but these solutions are not thoroughly tested, which might lead to problems. If we had a lot of information and knowledge about the solution, it would be easier for us to implement it.

The solution’s scalability is fine. When I escalate an issue, I appreciate their efforts and their support.

The technical support is good. The engineers responsible for this area are expert people. The documentation in the knowledge base allows us to resolve issues. The blocks or columns help me understand what kind of issues they have.

Positive

We have worked only with Check Point. We were a partner of Check Point in my last company. We provided solutions to customers and encountered different challenges because of other solutions. Fortinet was much cheaper than Check Point. The competition is based on price, whereas Check Point is superior in quality and security.

The initial setup is easy and intuitive.

The solution has a high cost, but the relation between price and quality is okay.

Overall, I rate the solution a nine out of ten.

I would like the product to provide us with intelligence to understand what we really have in our environment. 

The solution helps us to detect attacks and prevent them. 

The solution does not scale well. 

We have had problems with the management. 

Neutral

The product's initial setup is easy. 

I would rate the product an eight out of ten. 

Check Point IPS is an IT security solution that offers insight into potential attacks and helps to prevent them from occurring. This solution gathers various signatures and receives new updates when a new vulnerability is identified, thus safeguarding us from potential threats.

The solution has helped improve our security by blocking threats.

The solution is user-friendly and the interface is easy to configure.

The price has room for improvement. The solution's firewalls are quite expensive.

I have been using the solution for five years.

The solution is stable.

The scaling of our system depends on the type of hardware we are using. If we are using a virtual environment, it is easier to scale as we can just add more virtual machines. However, if we are using a hardware appliance, we will need to purchase additional hardware to scale it.

Previously we used an IBM solution but it was expensive and hard to configure compared to Check Point IPS which was a common sense model, and easy to implement with our firewall.

The initial setup is straightforward. I give the ease of setup an eight out of ten.

We first deployed the license and configured the rules in test mode. After making sure there were no false positives, we switched the rules to prevent mode to block any incoming attacks. The last part of the process was to configure a certificate for HTTPS inspection.

The deployment took one month to complete.

The implementation was completed with the help of consultants. Two people were required to complete the work.

Calculating a return on investment for cybersecurity products can be difficult. However, we have not experienced any concerning cyber incidents in the past five years; this is likely due to our strong firewall and comprehensive production system. All in all, this is a positive outcome.

We pay for a bundle subscription that includes additional solutions.

I give the price of the solution a five out of ten.

I give the solution a nine out of ten.

For maintenance, we need to review the log, identify any new signatures, and configure them accordingly.

The solution is used to protect 250 users.

We could potentially cause disruptions to our infrastructure if we do not use a good consultant to guide us through the implementation process.

I use Check Point IPS to prevent attacks, such as malware, spyware, and any other malicious activity.

What I like best about Check Point IPS is that it can prevent attacks. I also like that it has a log feature.

The hardware-based version of Check Point IPS could be more scalable. Right now, it's not scalable.

I've been working with Check Point IPS for two to three years.

Stability-wise, Check Point IPS is eight out of ten.

Check Point IPS is a scalable solution if it's cloud-based, but if it's hardware-based, it isn't scalable. Scalability-wise, it's a six out of ten.

The Check Point IPS technical support is excellent portal-wise and callback-wise, so it's a nine out of ten.

Positive

Setting up Check Point IPS is straightforward.

Before I deploy Check Point IPS, I'll put it on IDS mode, and then I'll see the current user activity, any malicious activity, and the logs. I then switch to the IPS mode.

You can pay for Check Point IPS yearly, or you can go with a three-year license. There's no extra cost apart from the standard licensing fee.

My company has two hundred users of Check Point IPS.

I recommend Check Point IPS to others because it's scalable, reliable, and easily managed by all users.

My rating for Check Point IPS is eight out of ten.

My primary use case for Check Point IPS is very simple: I first identify some signature behaviors and secure levels and then I apply some signatures. I usually do not deploy IPS from CheckPoint. Overall, I manage signatures.

The Check Point IPS feature I find the most valuable is the firewall. It is great and easy to work with. 

I'm not sure what I really like in IPS because it's automated. You read the permit and you try to apply the signature and read the behavior of the solution and find how to fix it. So I don't think Check Point IPS is a great solution. 

I don't I like working with it very much because there's other stuff you can do to have more information. However, Check Point IPS does prevent important attacks easily.

What I would like to improve in IPS would be the capacity of the hardware. I would also like to be able to sort signatures by severity. This would greatly impact how well I can manage my environment. 

In the next release, I would like to see automatic signature deployment. 

I have been using Check Point IPS for nearly a year now. 

On a scale of one to ten, with one being the worst and ten being the best, I would rate Check Point IPS an eight. 

The product protects our environment from specific threats; we 'approve' signatures manually (or automatically) based on the applications/appliances in use in our company. We are a logistics company hosting several websites/order management. The company is about 1000 FTE across several locations (in the Netherlands & Belgium). We have been using this for the last 10 years at least (since I have worked at the company). It's easy to use. The reporting is good. Usually, when threats emerge on the internet, there are signatures for this within a few hours.  

We manually approve the signatures daily, for the software/appliances that we use. Based on the experience of the administrator, we prevent threats if they are present in our network; and we sometimes use the signatures in detect mode to gather intelligence (for instance to detect TLS1.0/TLS1.1 usage through the firewall). 

This has helped us to identify several key webservers that would be vulnerable to 'downgrade attacks'. We could easily identify the vulnerable servers and remediate the issue based on the information we got from the reports we can generate. 

The quick updates of the signatures when a new threat is identified are great. For instance, when Microsoft releases patches, we usually see new signatures for those issues that have to be patched in a day. This gives us time to test/deploy the patches while already being protected from the threats. 

Also, it's very good with reporting. I can generate reports for management automatically based on the threats of the last day/week/whatever is needed. 

It also clearly states the performance impact of a signature and the 'confidence' of a signature so you can quickly evaluate if you need to start panicking or not.

Sometimes protections are 'aggregated' into a single threat name when you look at the logs. I would prefer to see all protections named individually (for example, right now, 'web enforcement' is a category that contains several signatures). 

I also wish there was an option to run reports of the individual signature 'usage'; it's not easy to generate views based on the number of 'hits' a signature has generated. (it is possible, however, there could be an easier option). For example, if you have a signature activated, for instance, a MS issue then patch your environment, it's 'hard' to identify if the individual signature has been 'hit'.

I personally have used the solution since December 2012 - almost 10 years.

It's very stable. I haven't seen issues with signatures, downloading, or implementing the signatures, or the 'hits' that it generates. 

The product is very scalable; if you size your requirements properly when buying and don't 'prevent all signatures' and customize it for your environment. 

Customer support is fine. We have a vendor we use, and, if needed, can fall back on Check Point (I had a few very good remote sessions when we had issues with our firewall; no issues were seen with IDS/IPS). 

Positive

The company I work for has used it since I've worked there; no switching was needed. We are happy with the solution. 

When implementing the solution, you must activate the blade on your firewall and decide if you want to do it manually or automatically and then (when doing it manually) approve/detect/ignore the relevant signatures. It is pretty straightforward. 

We had a vendor team install the firewall and handle the basic configuration, then we went on training. In terms of implementation, I can do it myself now. The vendor team was very good and had a high level of expertise. 

I'm a network admin; not involved in the money.

I'd advise users to bundle the things they want; so they get a cheaper offer. 

We've had the same solution since I've worked there.

I am happy with the solution and have been using it since i started working for the company (10 years now). I dont want to be without it.

The Check Point Intrusion Prevention System can block traffic from any source workstation inside our local network and facilitates the analysis of outbound traffic to check if there is any risk in the internal network in order to protect our clients and servers. With this product, we're creating a secure zone. We currently are using this blade in our hybrid environment and it's integrated with our secure gateway. Most of the time, our NOC team continuously monitors traffic in order to find any suspicious activity.

Now that the Check Point Intrusion Prevention System has improved our environment, we feel that we are more protected in our network. By implementing the recommendations that Check Point has given us, we have an optimal security environment now that provides almost real-time detection and prevention. We are protected by the Intrusion Prevention System and can go back and select any period or severity in order to display the latest statistics.

Check Point Intrusion Prevention System has great profiles, and we can continuously create, modify, activate, deactivate or configure any specific setting to allow the profile to focus on just one thing or for certain attacks. I also like that profiles can be applied to groups of workstations that need to be more protected from possible attacks. Each profile that we create has activated protections and some instructions of what the IPS should do with the traffic.

At the moment, I do not see what else can be added to this service. In my experience, I've seen that it has what we need without something additional being required. 

It is easy to use, easy to configure, and practically updates itself without the need to intervene as an administrator of the appliance. We are happy with this platform since it allows us to have security and control over the connections almost in real-time. There are many different services that Check Point Intrusion Prevention System has that are quite useful.

I've been using the solution for about four years.

I've found the stability to be good.

The scalability is great.

Technical support has been great,

Positive

I did not previously use a different solution.

The initial setup was not complex. 

We handled the implementation process in-house.

I've witnessed a 40% ROI.

The cost is a bit high but it is worth it.

I did evaluate other options before choosing Check Point.

So far, I have no regrets about choosing this solution.