Check Point Quantum Force (NGFW) Reviews

We are Check Point's Authorized partners, and Check Point NGFW is used for our Client's network security. These Next Generation Firewalls are excellent. All of our customers are happy. Check Point gateways provide superior security compared to any competitors in the Indian market. 

Our clients have networking solutions that range from 50 to 200 routers and hubs. Also, their endpoints range from 100 to 2,000 endpoints. Check Point's unique solution helps us to cater to all sizes of companies, from SMEs to large enterprises without compromising on any security vulnerabilities.

Check Point NGFW gateways provide superior security compared to any Indian market competitors. It delivers the highest-caliber threat prevention with excellent SandBlast Zero Day protection out of the box. 

Also, its on-demand hyper-scale threat prevention performance provides our customer with cloud-level expansion and resiliency on-premises. By integrating the most advanced threat prevention and consolidated management, Check Point's security gateway appliances are designed to prevent any cyber attack, reduce complexity, and lower our clients' costs.

The features which are most valuable include:

1] Uncompromising Security

2] Security at Hyperscale

3] Unified Security

4] Check Point's Quantum helps our clients in their overall cybersecurity practice

5] Protects network, data center, endpoints, and IoT

6] Ultra-scalable protection against Gen-V cyber attacks

7] Best Protection with SandBlast Threat Prevention

8] Maestro Hyper-scale Networking

9] Remote Access VPN protects your Remote Users

10] Highest level of security with Autonomous Threat Prevention

11] Modular Hardware and high-performance CPUs

We would like to see the following improvements:

1] Check Point can improve a little better in their technical services, especially in the Indian market. 

2] Check point can add features like log management which would be very useful to get compliant with CERTin standards. 

3] Check Point should look into SIEM solutions as today's Indian market is going towards SOC capability, and SIEM is the backbone of any SOC solution.

4] Automation is the crux of today's digital transformation era, and Check Point should include automation in its products.

5] Incident forensics like UBA or CASB is the next challenge in the security domain, and these features should be included if possible.

Its been three years since I strated using the product.

The solution is highly stable.

This solution is highly scalable.

The technical support is nice.

Positive

We are currently working with Sophos, however, we started recommending Check Point to our clients due to the excellent capabilities that they carry.

The setup is straightforward.

The setup, pricing or licensing cost of other products is on-par or a little higher than Check Point.

We have evaluated Sophos and Palo Alto.

Primarily, it's used for customers who want to add their network security.

The IPS protection is the most useful feature that I found from Check Point. It has a feature called WatchTower, which helps you manage the device using a mobile. That's the most used feature. 

Other than that, it's quite simple. All the other features are what you find in all other firewalls. So the best feature that I find from Check Point is WatchTower.

The setup is a little complex compared to its competitors. That's what makes it stand out. Other than that, it could always be done by another product, but they have a lot of IoT products. This is definitely something like a Check Point Quantum device.

I have been using it for two years. The version I use is R8x series. I'm not exactly sure, but it's the latest version.

It is a stable product. 

It is a very scalable solution. 

The customer service and support have been good.

Positive

I used Sophos XG. We (my company) still use Sophos, Check Point, and FortiGate. We use all three firewalls in our environment.

Check Point has a really good feature where they give us a subscription for IoT device protection, which other vendors don't have. Sophos, I don't think they have it. 

Fortinet charges for it separately, so that's an additional cost, but with Check Point, the feature is built in. It's not an additional license.

Moreover, Check Point has started promoting a lot. It's well known here in our region.

The initial setup is complex. It's pretty easy to maintain.

We deployed it for customers. So maybe if we do a big deployment, it could be difficult.

The pricing is reasonable compared to the features that you get.

I highly recommend it to users who have a lot of IoT devices.

It all comes down to one simple thing:

"If you have IoT devices, I highly recommend Check Point NGFW. If you don't, it's a bit complex compared to Fortinet and Sophos."

But once you get the hang of it, you can quite easily configure the device.

Moreover, Check Point has a certification program if you want, and you can learn with that. They also have a separate certification program that you can take, a paid certification program.

I am satisfied with the documentation by Check Point. 

Overall, I would rate the solution a nine out of ten. 

We have deployed this product for the protection of our MPLS connection between 20 geographic distinct sites, two data centers, and an internet connection.

We are also using the product to establish IPsec tunnels with 5 external entities totally transparent to our users.

We're a new company that started to invest in cybersecurity and protection products and chose Check Point for their cloud solutions that protect a vast majority of our devices. 

We are happy with the deployment of the product and the ease of use.

Since the deployment and go-live of the solution, we noted a rise in productivity of some people, we think it has to do with the deployment of the application control and web filtering capabilities of the product.

We're also happy with the deployment process and the help that the Check Point partner provided in the initial configuration of the product. 

Our users also noted more speed on the internet connection, as I said probably because of the block rules implemented with the features mentioned above.

I have to say that it was Application Control and web filtering are excellent. We knew we had users watching videos and using not approved apps yet didn't have a way to centrally block them. With NGFW we do and we can set up profiles/groups of users with different permissions which allow for example IT to have media streaming access and "regular" users don't.

Also having a VPN concentrator on the same device is a plus since made our user management with Active Directory connection a lot easier and faster.

We're a new company so regarding additional features we can name only a few, for example, a better API for extracting data so that we can integrate with our monitoring solution, at the moment we use Nagios/Icinga.

It would be nice if there is a mobile-friendly console for our techs so that they can help users when not at their desks since they do frequent external work.

Better connection between the legacy console and the new one since we have a company that still uses an on-prem device and we have to use two consoles.

We've been using this product for one year.

We didn't use a previous solution. 

I'd advise others to read the license differences and features.

We've evaluated Fortinet and Forscout products.

Check Point NGFW is a critical component of our security infrastructure. It provides comprehensive next-generation firewall (NGFW) security for our perimeter and DMZs, protecting us from a wide range of cyber threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats.

Check Point NGFW uses a variety of advanced technologies to protect our network, including intrusion prevention, application control, and threat intelligence. It is also able to detect and block sophisticated cyberattacks that traditional firewalls cannot.

Check Point NGFW has helped us to significantly reduce our risk of cyberattacks by providing comprehensive protection against a wide range of threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats. 

It has also improved our network performance and reliability by optimizing traffic flow and reducing latency. 

We are confident that Check Point NGFW will continue to protect our network from the latest cyber threats due to its advanced security features and its team of experts who are constantly monitoring and updating the product.

As a security professional with over ten years of experience, I've seen firsthand the devastating impact that cyberattacks can have on organizations of all sizes. That's why I'm so passionate about using the best possible security solutions to protect my clients.

One of my favorite security solutions is Check Point NGFW. It provides comprehensive protection against a wide range of cyber threats, including malware, viruses, ransomware, phishing attacks, and zero-day threats. It is also designed to deliver high performance even in the most demanding environments, and it can be scaled to meet the needs of organizations of all sizes.

I've also found Check Point NGFW to be very easy to use and manage, even for users with limited IT expertise. This is important to me because I want to make sure that my clients can focus on their business without having to worry about complex security solutions.

Overall, I highly recommend Check Point NGFW to any organization that is looking for a comprehensive and effective security solution.

There are a few areas where Check Point NGFW could be improved. First, it can be expensive, especially for small businesses. Second, it can be complex to configure and manage, especially for users with limited IT expertise. Finally, its licensing model can be complex and confusing.

Despite these areas for improvement, I still highly recommend Check Point NGFW to any organization that is looking for a comprehensive and effective security solution. I am confident that Check Point will continue to improve its products in the future, and I am excited to see what new features and capabilities they come up with next.  

One thing I would like to see in the next release is an AI-powered threat detection and prevention system that can automatically identify and block new and emerging threats.

We've been a Check Point customer for over 21 years, and we've always felt that they are a trusted partner in our cybersecurity efforts.

Overall, I'm very impressed with the stability of Check Point NGFW. It's a powerful security solution that can meet the needs of organizations of all sizes.

One of the things that I appreciate most about Check Point NGFW is its flexibility. It can be deployed in a variety of ways, including physical appliances, virtual machines, and cloud-based instances. This makes it easy to scale your security infrastructure up or down as needed.

I've always been impressed with the responsiveness and expertise of Checkpoint's customer service and support team.

Positive

We have never used a different solution. We have been using Check Point NGFW since we first launched our network 21 years ago, and we have been very satisfied with its performance and reliability.

The complexity of the initial setup of Check Point NGFW depends on the size and complexity of your network, as well as the features and capabilities that you need.  

If you have a large enterprise with a complex network or need to configure all of the features and capabilities of Check Point NGFW, I would highly recommend that you engage Check Point Professional Services to help you with the setup process.

We have always used Check Point Professional Services to assist with our implementation.  They are very knowledgeable and can save you a lot of time and frustration.

To maximize the ROI of Check Point NGFW, it is important to choose the right deployment model, use Check Point's security services, and keep the software up to date.

There are a few areas where Check Point NGFW could be improved. First, it can be expensive, especially for small businesses. Second, it can be complex to configure and manage, especially for users with limited IT expertise. Finally, its licensing model can be complex and confusing.

Despite these areas for improvement, I still highly recommend Check Point NGFW to any organization that is looking for a comprehensive and effective security solution. I am confident that Check Point will continue to improve its products in the future, and I am excited to see what new features and capabilities they come up with next.

We evaluated Cisco ASA Firewall before choosing Check Point NGFW.

A few months ago, one of my clients was targeted by a sophisticated ransomware attack. Check Point NGFW was able to detect and block the attack before it could cause any damage. My client was very grateful for Check Point NGFW's protection, and I was relieved that I was able to help them avoid a costly and disruptive attack.

We use the solution to configure sandboxing features for enterprises. We also use it for policy-level configurations and VPNs.

Sandboxing is the most valuable feature. A majority of the configurations are very accurate. We can find what an organization's user is downloading from the internet.

The support team should be faster.

I have been using the solution since 2016.

All products have some bugs. However, we had a minimum bug experience with Check Point. I rate the tool’s stability an eight out of ten.

The product is scalable. Everyone in our company uses the product. We are 100 users. We have an on-premise firewall. We use it every day.

I have contacted the support team. I have had good conversations with the engineers. Sometimes, it takes a little bit of time to solve some issues. If it's a complex issue, we need to start from scratch and escalate to a bigger tier of support.

Positive

The initial setup is very easy.

The product is not that expensive for what it is offering, but it could be cheaper. Nowadays, all the vendors are increasing their prices. Suggesting the product to the customers will be easier if it is a little cheaper. The tool offers good attributes.

Palo Alto is also a good vendor. We chose to go with Check Point as well for our enterprise solution as distributors, and we suggest it to our customers.

I was an engineer for AT&T. I helped customers with configurations. The vendor is taking care of the user side of security with Check Point Harmony. It is a very good product. Check Point Harmony must provide administrators the ability to manage external programs remotely. Some customers want such features, and other vendors provide them. I would recommend the solution to others. The vendor has been investing a lot of money and effort to prevent zero-day attacks. Overall, I rate the tool a nine out of ten.

The Check Point firewalls are used to protect both the edge and datacenter firewall environment.

The firewalls have been deployed in a high availability design and are virtualized using Check Point VSX VSLS. This means we have multiple virtual firewalls protecting different parts of the data center (e.g., DB, Edge, WAN, pre-production.)

We have activated multiple software blades, including firewall, VPN, URL filtering, Application Control, compliance, reporting, and threat emulation, to name a few.

A similar design has been deployed at the DR with a similar set of firewalls.

The following has been improved:

1) The edge security posture has greatly improved. We are now able to detect and prevent threats coming from the public internet. The firewall is able to block know threats using the inbuild Intrusion Prevention blades.

2) We can connect with other organizations using site-to-site VPNs to enable inter-organization communication.

3) Check Point comes with a strong management solution that allows us to monitor and track threats that are detected and prevented. It also helps us be in compliance with industry standards.

The following features have been valuable:

1) IPS - The edge security posture has dramatically improved as we can now detect and prevent threats from the public internet. The firewall can block know threats using the inbuild Intrusion Prevention blades.

2) VPN - We can connect with other organizations using site-to-site VPNs for inter-organization communication.

3) Management Blades - Check Point comes with a strong management solution that allows us to monitor and track detected and prevented threats. It also helps us be in compliance with industry standards.

The following can be improved:

1) The management solution is currently using a desktop client for administration purposes. This should be improved by ensuring configuration on the firewalls can be done 100% using a web-based approach. This is currently a work in progress in R81.X, yet should be fast-tracked.

2) The Check Point TAC support has, in recent years, deteriorated. Getting support is usually a pain as the TAC engineers don't seem to understand our issues fast enough and are not readily available. This is in contrast to the amount of money paid for the support.

I've used the solution for five years.

A lot of improvement is required in how checkpoint TAC engineers handle their assigned cases. Tickets can be opened for very long without clear solutions.

Neutral

We previously used Cisco ASA 5585 Firewall.

The setup was fairly easy as the team is well trained.

We worked with Check Point professional services.

This is a premium enterprise product, hence the price is very high.

We looked at FortiGate Firewalls.

Check Point should review their pricing models especially for the African market.

We use the solution for threat protection in the banking and finance sectors.

Check Point NGFW is popular because of the protection it offers. 

The pricing and UI need to be improved. 

The enterprise is quite expensive. There are small boxes that are competitive enough.

I have been using Check Point NGFW for a year.

The product is stable.

I rate the solution’s stability a nine-point five out of ten.

The solution can scale up to enterprises.

I rate the solution’s scalability a nine-point five out of ten.

The initial setup is easy, but maintenance is very difficult. Deployment and fine-tuning take a day.

There were no glitches or issues. We were able to achieve a positive ROI for our business. It saved them a significant amount of money that would otherwise have been spent on dealing with ransomware activities.

The product is expensive and costs around one-point-five million.

I rate the product’s pricing an eight out of ten, where one is cheap, and ten is expensive.

Thorough planning is essential when implementing a Check Point NGFW. You need a checklist outlining what policies to establish. While the installation is straightforward and does not require much effort beyond obtaining a license, creating and configuring policies can be time-consuming. Therefore, allocating sufficient time and resources to policy creation is crucial to ensure effective security management.

Overall, I rate the solution a nine out of ten.

We primarily use Check Point NGFW for network segmentation and traffic control. It effectively segments our network into zones, allowing us to manage and secure traffic flows between different segments.

The platform's technical support services need enhancement. 

The product is highly scalable and crucial for our large-scale deployment needs. Its scalability is a ten out of ten.

The technical support is generally responsive, although there have been occasional delays in accessing specialized assistance tailored to our needs.

Positive

The deployment was handled by dedicated experts within our organization, ensuring a smooth setup. While I didn't oversee the technical aspects directly, our team found the process straightforward, minimizing operational disruptions.

The product is on the higher end of the cost spectrum, but the investment is justified by its high-quality performance and reliability, which are paramount for our security infrastructure.

Check Point NGFW has consistently provided stable operation which is critical for our organization's security needs.

Managing firewall rules and policies is intuitive and efficient. The interface allows us to quickly adapt to new security requirements and maintain compliance with organizational policies.

I highly recommend it for organizations seeking robust network security.

Overall, I rate it an eight.