Check Point Quantum Force (NGFW) Reviews

I do not use them, I just sell them, but customers are using them to protect on the edge and at the core.

It brings value to their clients as everybody is concerned with security. Firewalls are the first line of defense. Check Point's support is probably the best of the major players in that space. Check Point is more complex than the other players, but it is also more powerful.

A lot of the other players have a more robust best-of-suite offering versus the best-of-breed offering. Check Point's capabilities are limited from a firewall perspective. Other players are acquiring companies and offering add-ons like CASB or VPN-type capabilities.

I have had experience with Check Point Next Generation Firewall for seven or eight years.

Their code is a little bit finicky as of late, but that's just because they just released this product line.

It depends on what you're deploying. Maestro is more scalable than standalone firewalls.

The support depends on what support model you buy. Customers that have dedicated support teams get more attention than the traditional support, however, a lot of other companies are offshoring their support.

Cisco is not a true security company, but Check Point is where they grew up, so I think they are a little more mature.

The initial setup depends on the environment and can take weeks. It is not different than the rest of the players in terms of maintenance.

It's basic engineers, usually one to two people.

It is pretty difficult to determine ROI with firewalls because they are more of an insurance policy. However, it helps with security. The cost of a breach versus having some of these measures in place is the real comparison.

There is a lot of price parity between all the players. Everybody is within plus or minus ten percent. Check Point is probably more expensive than some of the other players out there, but it is incremental.

I evaluated Palo Alto and Fortinet.

I would recommend Check Point Next Generation Firewall to others. I would put them in the upper echelon.

I'd rate the solution nine out of ten.

We use Check Point NGFW as our data center and branch location firewalls.

The solution is robust and can handle heavy workloads and user traffic well. The product is good. 

The tool's support is lacking. We find almost all its features useful, except for some challenges with VPN.

I have been working with the product for ten years. 

I rate the product's stability an eight out of ten. 

I rate the tool's scalability an eight out of ten. My company has 5000 users. 

The initial setup can be complex, especially for BGP configurations. I'd rate it a five out of ten for ease of setup. It's neither too hard nor too easy - it depends on your requirements. We deployed it on-premises. The initial deployment of our enterprise-grade device took about three months. We need about two people for maintenance, mainly for operational changes when needed.

We mostly did the deployment ourselves, with some professional services support from Check Point. Three to four people were involved in the deployment, including one from Check Point to validate our work.

The Harmony bundle is interesting, with many new features, but we're not evaluating it much as we're moving to FortiGate. We're not planning to increase the usage of Check Point NGFW. We're looking into SD-WAN and moving towards FortiGate.

I rate the overall solution an eight out of ten. 

We primarily use Check Point NGFW for network segmentation and traffic control. It effectively segments our network into zones, allowing us to manage and secure traffic flows between different segments.

The platform's technical support services need enhancement. 

The product is highly scalable and crucial for our large-scale deployment needs. Its scalability is a ten out of ten.

The technical support is generally responsive, although there have been occasional delays in accessing specialized assistance tailored to our needs.

Positive

The deployment was handled by dedicated experts within our organization, ensuring a smooth setup. While I didn't oversee the technical aspects directly, our team found the process straightforward, minimizing operational disruptions.

The product is on the higher end of the cost spectrum, but the investment is justified by its high-quality performance and reliability, which are paramount for our security infrastructure.

Check Point NGFW has consistently provided stable operation which is critical for our organization's security needs.

Managing firewall rules and policies is intuitive and efficient. The interface allows us to quickly adapt to new security requirements and maintain compliance with organizational policies.

I highly recommend it for organizations seeking robust network security.

Overall, I rate it an eight. 

Primarily, it's used for customers who want to add their network security.

The IPS protection is the most useful feature that I found from Check Point. It has a feature called WatchTower, which helps you manage the device using a mobile. That's the most used feature. 

Other than that, it's quite simple. All the other features are what you find in all other firewalls. So the best feature that I find from Check Point is WatchTower.

The setup is a little complex compared to its competitors. That's what makes it stand out. Other than that, it could always be done by another product, but they have a lot of IoT products. This is definitely something like a Check Point Quantum device.

I have been using it for two years. The version I use is R8x series. I'm not exactly sure, but it's the latest version.

It is a stable product. 

It is a very scalable solution. 

The customer service and support have been good.

Positive

I used Sophos XG. We (my company) still use Sophos, Check Point, and FortiGate. We use all three firewalls in our environment.

Check Point has a really good feature where they give us a subscription for IoT device protection, which other vendors don't have. Sophos, I don't think they have it. 

Fortinet charges for it separately, so that's an additional cost, but with Check Point, the feature is built in. It's not an additional license.

Moreover, Check Point has started promoting a lot. It's well known here in our region.

The initial setup is complex. It's pretty easy to maintain.

We deployed it for customers. So maybe if we do a big deployment, it could be difficult.

The pricing is reasonable compared to the features that you get.

I highly recommend it to users who have a lot of IoT devices.

It all comes down to one simple thing:

"If you have IoT devices, I highly recommend Check Point NGFW. If you don't, it's a bit complex compared to Fortinet and Sophos."

But once you get the hang of it, you can quite easily configure the device.

Moreover, Check Point has a certification program if you want, and you can learn with that. They also have a separate certification program that you can take, a paid certification program.

I am satisfied with the documentation by Check Point. 

Overall, I would rate the solution a nine out of ten. 

We use it for safeguarding our office network on a routine basis. These firewalls protect against external threats, manage VPN access for remote users, and address various security scenarios. Our primary focus involves malware prevention, intrusion detection, and ensuring robust security measures to shield our office network from potential cyber threats originating from the internet. It serves as a traditional yet effective security system, providing comprehensive protection against hackers and potential risks associated with internet usage.

It provides a comprehensive and scalable security solution. With features like nanosecurity, cloud integration, and multi-domain management, they address the diverse security needs of businesses, from small enterprises to large corporations. It excels in malware prevention, utilizing features like fan black pattern and vulnerability-driven detection, ensuring comprehensive security against evolving threats.  It boasts an Infinity architecture, offering a multitude of features tailored to enterprise needs. The integration with AWS and Google Cloud, safeguarding cloud servers and networks. The Multi-Domain Management feature enables centralized control across on-premises and cloud environments, streamlining security management.

There is room for enhancement in the support system in India. Given the burgeoning market and the growing reliance on security solutions, focusing on strengthening support and implementation infrastructure would be beneficial. This could involve increased training programs to equip professionals with the necessary skills to understand and effectively implement Check Point technologies. Its scalability capabilities should be improved.

It's an exceptionally stable tool. I would rate it nine out of ten.

Scaling up is quite restricted, and the scalability needs improvement. It should be a multi-tiered and robust solution. Currently, there is a gap in the ability to seamlessly scale within the same series. I would rate it seven out of ten.

Technical support in India is lacking, and there's a clear need for improvement. There's a high reliance on third-party support, which needs to be addressed. The current rating would be around five on a scale of one to ten.

Neutral

The implementation process is generally straightforward and basic, taking around one to one and a half hours. However, if there's a need for the creation of numerous VLANs and policies, it might extend over several days.

It comes with a significant price. The cost of the six thousand six hundred models was approximately thirty-eight lakhs. Although the cost may be higher, the reliability and functionality it offers are well worth the investment. I would rate it ten out of ten.

I consider it a top leader in security, and I highly recommend it. Overall, I would rate it eight out of ten.

The customer purchased Check Point 6200 Firewalls to replace their aging Cisco ASA firewalls on the perimeter of their sites. The Cisco Firewalls must be replaced due to insufficient capacity.

It is envisioned that the initial migration will be a direct replica of the ASA configuration, with the client expanding the solution post-migration, with Check Point NGFW features.

This project consisted of the following deliverables:
• Rule base is migrated like for like, in which ASA Firewall zone-based rules will be converted to Check Point Parent/Child layered rules.
• Firewall zones to be imported and reviewed post migration by client.
• NAT rules will be migrated “as-is”.
• Geo-location rules from FTD will be honored and mapped into Check Point.
• Client-based blacklisting will be migrated into the solution, using external feeds via URL.
• A single IPS profile consisting of a clone of the vendor's “out-of-box” balanced profile (optimized).
• 1X site-to-site VPN.
• Integration into Client’s Cisco ISE solution for RADIUS-based admin authentication.
• NGFW licensing and blades to be installed on firewall devices, to allow features to be enabled in the future and expand the solution.

The Client wishes for the ASA firewalls to be replaced with a Check Point systems solution, which consists of 6200 Plus Appliances. 

The initial requirement was to migrate the configuration in an “as-is” state, with the necessary licensing purchased and installed to enable expansion of the solution with next-generation feature sets in the future.

The solution was able to meet and exceed the client's requirements thereby improving the client's environment.

The management server is software-based.

Firewalls and licensing include:
• FW
• IPS

The solution provides a single pane of glass management of rules/logging.

The solution supports IPsec tunnels FOR 1X IPsec VPNs.

The solution integrates with the client’s Cisco ISE RADIUS solution for administrative access.

The compute power of the appliance is great. The Check Point appliances are considered NGFW devices and can process both the ASA and FTD requirements on a single instance, removing the requirement for an expansion SSD module and/or additional hardware.

We'd like an option that can convert other vendors' NGFW configurations to supported Check Point NGFW config for ease of migration.

Check Point configuration options can be very enormous and overwhelming.
Check Point comes with a very lean learning curve even though they offer a robust knowledge base. 

A lot of configuration cannot be accomplished via the web interface or the smart dashboard software and must be done manually via the command line interface.

I'd like to see some built-in automation for the firewall alerts/events to trigger an automated response or recovery.

I've used the solution for three years.

The solution is stable with frequent version and management updates.

The solution is highly scalable and expandable.

The solution offers great customer support.

Positive

We used a different solution and needed more processing power and functionality which this had compared to industry competitors.

The setup was straightforward yet third-party device migration contained a lot of manual configuration conversions.

I implemented this myself.

Pricing can be relatively more expensive when compared to industry peers, however, the functionality makes up for the price difference.

We also evaluated:

• Cisco NGFW
• Fortigate NGFW
• Palo Alto NGFW

This is a great overall solution.

The implementation of Check Point firewalls has been a transformative experience for our organization. It has significantly improved our cybersecurity posture, enabling us to detect and prevent threats more effectively, streamline management, and stay agile in the face of evolving security challenges. 

With Check Point, we are not just securing our data, we are also protecting our brand and reputation. The value they bring to our organization is immeasurable, making them an essential component of our overall cybersecurity strategy.

In today's ever-evolving digital landscape, cybersecurity is paramount for any organization. For our company, the implementation of Check Point firewalls has proven to be a pivotal moment in our ongoing quest to bolster our cybersecurity defenses. These firewalls have not only improved our security measures but have also positively impacted our overall business operations.

In our industry, adhering to stringent compliance regulations is paramount. Check Point firewalls help us ensure compliance with industry-specific regulations and standards, such as HIPAA, GDPR, or PCI DSS. This compliance assurance has eased the audit process and instilled trust among our clients.

Check Point firewalls have significantly improved our ability to detect and prevent threats. The robust threat intelligence capabilities, coupled with real-time monitoring, have allowed us to swiftly respond to potential security breaches. As a result, we have experienced a noticeable decrease in security incidents and data breaches, which ultimately translates into cost savings and a bolstered reputation.

As our organization grows, so does the volume of data we need to protect. Check Point firewalls have proved scalable and can handle increased traffic and the addition of new services without compromising performance. This scalability ensures that our security measures are always aligned with our business growth.

One of the standout features of Check Point firewalls is their user-friendly management interface. This intuitive platform has streamlined firewall management, making it accessible to both our in-house IT team and non-technical staff. This has resulted in a more efficient use of resources and time, allowing our IT personnel to focus on other critical tasks.

The product needs comprehensive reporting and analytics capabilities to help organizations gain insights into their security posture and demonstrate compliance to stakeholders.

It requires enhanced automation tools for regulatory compliance to ease the burden of compliance reporting and auditing.

The solution needs to tighten security by facilitating easy integration with MFA solutions to enhance user authentication.

It needs to integrate automation and orchestration capabilities to streamline incident response and automate routine security tasks, reducing the workload on security teams.

As containerization and microservices become more prevalent, it needs to provide security solutions that protect these modern application architectures effectively. Features like runtime protection and security scanning for containers can be beneficial.

I've used the solution for almost five years now.

Check Point firewalls are quite robust and resilient.

Check Point firewalls have proved scalable and can handle increased traffic and the addition of new services without compromising performance.

The technical support is recommended. I'd give them an A++++.

Positive

I did not previously use a different solution. 

The initial setup was straightforward.

We deployed the solution using Check Point's PS Support. Their team is highly experienced and professional.

It's worth the cost.

Initially, the cost of the investment might seem high compared to other vendors. However, in the long run, it might prove to be economical and cost-efficient.

I also evaluated Fortinet and Cisco ASA.

The solution is our main firewall. It protects our perimeter.

The tool has solid firmware with very few vulnerabilities. We don't need to upgrade it for vulnerabilities. It is rare when compared to the competitors. The product’s performance is good. My organization chose the product because it is stable and provides a very good Software Blade.

The tool must improve its support. The support provided by partners gets expensive.

I have been using the solution for around six years.

The product is stable.

The solution protects the entire perimeter. Every user passes through the firewall. It is used daily. We have around eight administrators. The solution requires very little maintenance.

The initial setup was easy.

The solution is expensive. A medium data center would cost around $17,000 per year for a medium enterprise.

Except for Palo Alto, Check Point is good compared to its competitors. Cisco ASA lacks features.

It is a good product. There are other competitors. Check Point NGFW is easy to deploy, manage, implement, and troubleshoot. The operation is pretty simple. Even a few operations people can run it very well. It is pretty much stable. We need to safeguard the data of our organization very well. Check Point NGFW is a leading solution provider. Security products must not have many vulnerabilities. Overall, I rate the product a nine out of ten.