Check Point NGFW Reviews

My main use case for Check Point NGFW is that my organization is using it as a firewall and using it in emails also.

I can walk you through a situation where Check Point NGFW made a difference for my organization by helping in getting or stopping the emails which are unwanted and can be harmful for my organization.

The best features Check Point NGFW offers in my experience are the real-time prevention and the virtualization and reporting capabilities.

These features impact my day-to-day operations by helping in improving the security postures in day-to-day activities.

Monitoring graphs for Check Point NGFW can be made better, and that is something I wish worked better.

I have been using Check Point NGFW for around half a year.

Check Point NGFW is great in terms of functionality. We use it to control the infra outbound/inbound traffic and with it and we can block suspicious IPs directly on our SAM database instead of creating or adding in firewall rules. This not only saves time but also provides immediate protection from malicious traffic without deploying the changes in firewall gateways. 

We used to check who is doing what changes and when. We can now check logs to find why any traffic is blocked, and, if blocked, it gives good details of each error. We can easily organize all firewalls through one smart console.

Its GUI platform is very good. It helps us to divide up the rule base which made it easier to recognize the rules. Its SAM database gives us the amazing ability to block suspicious activity without waiting for the next change window to push the changes. In packet flows, it first checks the SAM database beforehand in order to process the packet further.

The logs give us plenty of detail as to why any packet was blocked or allowed. It really proves the purpose of getting a stateful firewall, showing the context of every packet.

The SAM database, URL/application filtering and IPS, Data Loss prevention, VPN and mobile device connectivity, stateful packet inspection, and unified management console are all useful features. 

It allows us to avoid having to go and log in to each firewall device for creating the rules as it can be done from its central console. We can manage all the firewalls and create rules and deploy them through the smart console which is really good. It helps us avoid creating the same object in each firewall. 

Its auditing features are also good for checking who did what changes and when.

The URL objects take significant time in processing compared to other products like Cisco FTD; it would be better if they could improve it. 

We have seen that whenever we configured URL objects, the CPU percentage went higher. Therefore, we started using IKP-based objects, however, in today's cloud world where every application is in the cloud and they change IPs on a random basis, whenever each new IP change happens, it's too risky to allow the whole cloud subnet (like Google or Azure). They need to therefore fix URL processing times. 

I've used the solution for four years.

What can you do about threats that get past simple packet inspection by a regular firewall? You could have a layer 3 firewall inspect the protocol and block known threats from certain URLs, however, what if it comes from a URL that has not been reported and is a socially engineered exploit designed to hijack your data? This is where a Layer 7 firewall will be able to inspect the application, known as payload inspection.

While this is possible to do with a Layer 3 firewall, it can be difficult due to the number of protocol messages in Layer 7. You would need to create a signature for each application you wanted to protect; however, network signatures tend to block legitimate data and increase your MTTR (mean time to resolve an issue).

Plus, having these signatures makes it hard to manage and keep up with by the IT staff. Relying on the power of AI and the cloud in order to leverage the Layer 7 firewall is key. The advantage of Layer 7 is its protocol awareness, which allows it to differentiate between different network traffic (application knowledge) and not just packets or flows that identify ports and IPs (Layer 3).

Let's say most of the traffic nowadays goes through HTTP, your web browser.

When you browse the web, what do you suspect happens? Your browser sends HTTP requests to servers around the world, and in return, you receive a response. Big data packets originate from business applications as well, such as file transfer protocols (FTP) or web services such as MapReduce or Twitters API. Oftentimes, a breach happens through these protocols, whereby a Layer 3 firewall could potentially let the threat in (such as SQL injection by default) without explicitly denying these requests.

The solution's best features include:

• A packet-filtering firewall that examines packets in isolation and does not know the packet's context.
• A stateful inspection firewall that examines network traffic to determine whether one packet is related to another packet.
• A proxy firewall (aka application-level gateway) that inspects packets at the application layer of the Open Systems Interconnection (OSI) reference model.
• A Next-Generation Firewall (NGFW) that uses a multilayered approach to integrate enterprise firewall capabilities with an intrusion prevention system (IPS) and application control.

One of the main features that need improvement is the rule filter export. All of the other vendors can export the filtered IPS as a PDF or CSV file, however, with the smart dashboard, it’s just not possible. One can only export the whole rule base and then search for the IPS, which is super time-consuming as you can’t send the whole rule base to a customer. You would get weird questions about certain rules such as why they are deployed or configured as they are, and maybe even get unwanted tips on how to change them.

I've used the solution for four years.

We did not previously use a different solution.

The costs involved depend on your needs and budget.

We did not evaluate other options.

Check Point Security Gateway GAIA R80.30 is used as our secure gateway firewall. We have configured two gateways as active-passive in cluster mode. 

We also use R80.30 as our security management server to configure the policies on the firewall. We use it primarily to control traffic and secure our network perimeter against unknown attacks. The rules and policies for the SSL VPN connections are configured on the mobile access blade. We use the policies to segregate and filter the traffic flow.

This is for a bank environment.

A traditional firewall provides a stable inspection of network traffic. It allows or blocks traffic based on state, port, and protocol, and filters traffic based on administrator-defined rules.

A next-generation firewall (NGFW) does this, and so much more. In addition to access control, NGFWs can block modern threats such as advanced malware and application-layer attacks. According to Gartner's definition, a next-generation firewall must include:

• Standard firewall capabilities like stateful inspection
• Integrated intrusion prevention
• Application awareness and control to see and block risky apps
• Threat intelligence sources
• Techniques to address evolving security threats

Check Point Endpoint anti-malware benefits include:

• Improves user productivity and frees up system resources
• The industry’s fastest malware and anti-virus scan and boot time
• The smallest memory and disk footprints
• A single-console centralized management
• Prevention of malware from accessing endpoints with a single scan
• Malware identified using signatures, behavior blockers, heuristic analysis
  
• Protection automatically updated with optional Program Advisor Service
• A knowledge base of more than one million trusted or suspicious programs
• Integrated into Check Point Software Blade Architecture
• Flexible licensing options—annual or perpetual
• Centrally managed and deployed
• Activate anti-malware and application control on any Check Point security gateway

Almost all organizations are using cloud computing, and the vast majority are using a hybrid cloud deployment. Private and public cloud deployments have different security requirements, and it is necessary for an organization to be able to enforce consistent security policies across cloud-based environments hosted by multiple vendors. 

The firewall should be easily deployable and scalable in any major cloud environment and enable an organization’s security team to manage all of its security settings from a single console.

I've used the solution for five years.

Check Point is a very stable solution.

It is good in terms of scalability.

From the start, we have been using Check Point.

We would adivse users to install Check Point NGFW. The setup cost is simple and it is not too much. The license fits most budgets.

We also evaluated Cisco and Fortinet.

I use the NGFW as a Firewalling device, for VPN tunneling, and for virtual patching. My environment is a two-tier network environment. I also use the Check Point NGFW as an IPS.

It really has improved my organization in terms of protecting my network against intrusion and zero days. I have been able to explicitly configure the blocking of certain attack vectors using Check Point NGFW.

The firewalling feature and the VPN functionality are excellent. With the firewalling functionality, I have been able to ward off intrusion from outside the network. With the VPN functionality, I have been able to allow secure remote connections from external customers and staff. 

CheckPoint would do good to add new features such as UEBA(User and Entity Behavior Analytics). 

They should also improve on the effectiveness of their antivirus. It should be more effective than competitors.                                                                                                                                                                                                                                                                                                                                                                                                                                                       

I have been using Check Point NGFW for five years.

The product is very stable with no crashing or configuration corruption.

The solution is highly scalable and responsive.

The vendor is very professional and has the know-how.

Positive

I used to use the Cisco ASA 5500 series firewalling device.

The initial setup was straightforward.

The product was implemented through a third-party vendor.

We saw an ROI within one year.

It is very competitive relative to others on the market.

I was shown the POC and I fell in love with the fact that the Check Point NGFW has a GUI that allows for easy configuration. It also does firewalls very well. Therefore, I did not look at other options.

It is an awesome product!

We use Check Point firewalls as perimeter firewalls which are restricting the organization's incoming and outgoing traffic and taking advantage of the redundancy capacity of internet providers, which provides fault tolerance when an internet provider has a fault. 

In addition, we use it for the publication of services and with an event viewer that allows us to view alerts about behavior and unusual traffic inside and outside the network. URL filtering and application control are perfect complements to the packet filtering that it offers as a firewall solution.

Check Point offers a reliable firewall solution with VPN options that have allowed us to establish secure and stable connections with other companies and users in a very simple way.

Simple and centralized administration has allowed us to manage all the firewall nodes from a single console, facilitating the deployment of firewalls through the network, since a large part of the configurations and access rules, as well as the protection controls, are managed from a single console and via centralized maintenance.

Check Point is a robust and reliable security solution, whose architecture and design allow centralized administration with a graphical interface that facilitates its management. 

The way in which it manages the nodes within a cluster architecture is excellent, offering fault tolerance which is, in my experience, practically imperceptible when one of the nodes fails. This is thanks to the fact that it maintains a table of shared connections between the nodes and the large number of variables that it takes into consideration to validate the health of the nodes.

As a firewall, Check Point is a great solution and in my experience, there is little that I could indicate how to improve.

That said, a point where it could improve is in the redundancy of the ISP. It should allow more than two internet providers in its configuration of "ISP Redundancy". This redundancy could be managed from variables such as the automatic calculation of the load level between internet lines or load distribution between internet lines in periods of pre-established hours, etc. All could be handled from the same graphical interface.

I have been using Check Point for more than 11 years.

Its stability is one of the selling points. It allows us to have great confidence in Check Point solutions.

The performance is excellent in the new appliances. The solution is very scalable and easy to integrate.

They have a good response time and their personnel have a good technical mastery.

I was using ASA, however, we switched to Check Point as it offered a centralized interface for managing all nodes in addition to having an excellent graphical interface that facilitates day-to-day operational activities.

The initial configuration is very simple and intuitive. Check Point offers a graphical configuration interface that makes the process simple and it is complete in just a few steps.

The provider we have used has highly qualified staff and offers excellent and professional services.

It has an acceptable cost considering the stability and the benefits that Check Point solutions offer.

We did not really look at other options. We are very confident with Check Point solutions and we take the stability it offers very seriously.

You must consider Check Point as your first NGFW option. 

In my company, we use the Check Point NG Firewall solution to secure the perimeter and user network. We use IPS/IDS, deep packet inspection, and VPN. We have implemented routing rules based on the destination of the traffic, and the performance of the global solution is satisfactory.

We use the solution, too, as the firewall in a core node, which is very important to the business. It secures the network equipment and service integrity.

We are delighted with the powerful management console and diagnostic tools.

The Check Point Next Generation Firewall has improved the performance of our network, bringing the IT administrator a lot of information and data to make decisions about security, vulnerability, strengths, and weaknesses in our deployed projects.

It provides a lot of information to help better understand our users. Now we feel more confident with our network and know what happens on it, as well as what kind of traffic we have.

In addition, we have many reports that include data to help with decision-making and information about how the solution reduces cost and risk.

The most valuable feature in my opinion is the powerful deep packet inspection engine. This engine provides me with a great capacity to control the traffic generated by my users and provides our company with a very real vision of the use that users make of the network.

The reporting capability is very important as we are able to show the company management the benefits and the return on investment, in terms of securing our network.

The number of physical network ports on the device should be increased to allow for greater capacity.

Another point of improvement would be to continue improving the integration line with our current NAC solution in order to exchange more attributes and increase the granularity of the implemented policies.

We have been using the Check Point NGFW for three years.

Compared to other similar solutions on the market, this product is quite complete.

In my opinion, this solution is already quite complete with respect to our requirements.

We use Check Point's firewall to provide network security to our organization as well as to other, third-party vendors.

The Check Point firewall is providing advanced-level security. Compared to before, our company is more secure now. It is not only securing the users working within the LAN environment, but also to the end-users or remote users in the company.

The most valuable features are its 

• antivirus
• threat detection
• central management system. 

The central management makes it easier, and is a time-saver, when implementing changes. We can do all the changes within Check Point and not use any third-party device.

The antivirus Check Point offers could be better when compared to competitors' firewalls. Updates should be more frequent. With other firewalls, updates are very frequent, but with Check Point updates are not so frequent. That needs to be improved.

Also, the certification as well as learning about this Check Point is much costlier when compared to the other firewalls. I have recently done certifications in various firewalls and Check Point's certification was more costly.

I have been using Check Point's NGFW for the last six years.

The Check Point firewall is very stable. It is one of the oldest firewalls in the market. It has all the advanced features, according to the security features we have. It's quite a stable firewall.

It is very good and scalable. We have recently expanded the usage of Check Point and it was not a very tough process to scale this firewall.

Right now it's protecting around 3,000-plus employees.

It has been a very good experience every time we call Check Point. We usually get them on a phone call and they are very informative people. They always provide us the solution.

We had another solution. We switched because Check Point gave us more advanced features and there was market demand for network security.

The initial setup was a little complex. The training from Check Point should be increased. It was a little complex, but with the help of their TAC and the help of other engineers, we installed it.

The deployment has taken about eight months. We have deployed it in a three-way architecture. We have installed a security gateway, an SMS (security management system) and we have installed the console.

We have a team of four people, all network engineers, for deployment and maintenance of the solution. We take care of all the firewalls for the organization, including Check Point's.

We had help from a Check Point integrator. It was a good experience. They were very helpful.

We are happy with our investment in Check Point's firewall. Per our standards, and for our environment, it is a very good firewall. It is protecting us well.

Pricing is a little high compared to competitive firewalls, but it is easy to go through the licensing steps.

We evaluated other options, including Cisco ASA. The difference was that Check Point provides advanced features, such as threat prevention and antivirus. Apart from those, it also provides us with IPS. Also, for Cisco ASA, we had to take extra services to install it, so we went for Check Point.

Make sure you get good training on Check Point's firewall, and it would be good if you have working experience on the device.

Using Check Point, I have learned that we need to serve our remote users as well, and Check Point is a firewall which is capable of doing that.