Check Point Quantum Force (NGFW) Reviews

Check Point NGFW proved to be highly scalable, secure, and stable, among other alternatives of multiple firewalls present in the market.

At an organizational level, the integration and implementation of Check Point NGFW took place on a priority basis due to data and system security concerns against malware and phishing attacks.

Check Point NGFW bifurcates, channels, and segregates the internal network and builds a secure VLAN, and separates it for every department.

Check Point NGFW is highly scalable and provides end-to-end resolution and customized productive service making Check Point NGFW more promising and user-friendly than its alternatives and services like navigation, control, and filtering ensure that all users stay connected to business applications and restrict traffic.

At the organizational level, the integration and implementation of Check Point NGFW took place on a priority basis based on our data and system security concerns about malware and phishing attacks.

Check Point NGFW bifurcates, channels, and segregates internal networks. It builds a secure VLAN and separates it for every department.

It's scalable and provides end-to-end resolution. It offers services like navigation, control, and filtering and ensures that all users stay connected to business applications while restricting traffic.

Check Point NGFW is great for data and system security management against malware and phishing attacks.

Check Point NGFW Firewall requires frequent updates to build more user-friendly dashboards. They need to begin the implementation of more active VPN support.

A few services of Check Point NGFW require immediate improvements, like the customer support portal and the ads management on the platform. These services need to be improved to help ensure mass adoption of Check Point NGFW.

Check Point NGFW Protects from all types of internal and external attacks, and it is easy to use. 

The integration of Check Point NGFW in my organization has taken about 1.5 years or so, and it's still going smoothly.

I haven't gone through any other platforms or solutions. However, these platforms have become a key part of our organization & work management.

Check Point NGFW is a highly scalable and secure solution that is user-friendly. It is up to the mark in terms of data and system security management. Potential users should just go for it. 

I haven't personally evaluated other solutions via reviews from some software review websites.

Go for Check Point NGFW. It's the best among market alternatives and is a must-have solution for professionals.

Currently, we have a need for security when it comes to protecting the company's infrastructure on a perimeter basis. We need to cover many branches that must be protected and require a solution that provides us with technological security solutions that allow us to establish and configure in a simple and centralized way for each of the branches.

As a result, we have searched for solutions that meet these requirements, in addition, we are seeking out solutions with technological innovation capabilities constantly.

Check Point has given us the ability to comply with regulations and with capacities in a way that we never could before. Not only have we managed to secure our network, our infrastructure, and our equipment - we have also managed to gain analysis and additional configurations in each of the complex procedures that are carried out daily.

The Next Generation firewalls are quite flexible in many of their characteristics. These devices have blades or sections or small spaces where they have additional features that we can use. That way, we are not only protecting our organization and other branches that belong to our company - we also have other features if the need arises. These are the features that will always help us to put safety first in our organization.

In the future, some of the features that I would like to see would be the ability to integrate environmental solutions such as the metaverse or blockchain so that we can see them also in applications directly and on mobile devices or natively. 

I've used the solution for three years.

We have deployed this software to provide comprehensive security beyond the Next Generation Firewall (NGFW). 

This software provides advanced analytics on any security measures that can have a great impact on our applications. 

It blocks malware attacks that can destroy data and leak confidential information to unauthorized parties. Check Point NGFW has helped the company to set up security policies that enhance the effective transfer of files and secure browsing strategies. There is improved prevention of external threats to data and increased production across the networking infrastructure.

Check Point NGFW has helped the company in the prevention of cyber attacks that could affect operations and slow down production. 

The intelligence reports from the real-time insights have helped members to avoid risks and plan efficiently for the future. 

Security threats that we used to experience before we deployed this product have been reduced, and the networking channels are ever safe. 

Sharing documents under secure infrastructure has increased the confidence of employees and enhanced faster implementation of tasks and projects.

The software provision of uncompromising security models across all the company applications has stimulated increased production. 

It has given the IT team full control and setup authority to scale down and deploy security to the most demanding platforms. 

The solution is safeguarding our financial databases and always has prevented fraud while giving employees peace of mind. 

The software has enabled us to come up with a unified dashboard that can monitor all accounting operations and investigate when there are security loopholes that can lead to data mismanagement.

The current features have a full set of security models that can protect any organization's information from ransomware attacks. 

When installed on Windows, the system with low storage space slows down. It is not compatible with all mobile devices and this may be unfair to some users. The next release can be more compatible with Windows and mobile devices for increased efficiency. 

I have experienced the best environment while working with this platform. All the data across the transactional records is ever secure under Check Point NGFW and I am proud of that great step ahead.

I've used the solution for nine months.

This platform is stable in the prevention of ransomware attacks.

I have been impressed by the performance of this software since we deployed it.

The customer support team has been always been responsive and interactive with our members.

Positive

I have not used a similar solution.

The setup was straightforward.

The deployment was done through the vendor team.

The current ROI is 35%.

The setup cost is good and the solution is affordable.

I evaluated other options. However, the company settled on Check Point NGFW due to its performance.

This is a great solution for many organizations that require stable data security.

I am using Check Point NGFW in an internet-facing manner thanks to the advanced features and security, like the SAM database.

If anyone wants to use the firewall as internet facing, then Check Point NGFW is the best option.

Our organization gets many attacks on our server, so we have installed Check Point firewall for internet-facing scenarios,

The SAM database and advanced blade are the most valuable aspects of the product.

The Check Point architecture and packet are very good.

We need further protection from future critical cyber attacks, as cyber-attacks are growing day by day, and every day new attack is happening in the real world.

There is a huge amount of revenue lost in the financial/banking sector due to cyber attacks, so we need to have something that can highly concentrate on future cyber attacks.

Check Point should release some new technology that no vendor has ever done before.

Check Point NGFW helps me as a network security engineer as it is easy to troubleshoot the issue and also its easy to clear all vulnerabilities in Check Point after upgrading.

I have been using this solution for five years.

The stability is good. 

The scalability is good.

They are awesome. They offer a high level of support.

Positive

I have used Cisco, however, due to multiple vulnerabilities, I have switched to Check Point.

The initial setup is straightforward.

The ROI is good. 

They offer good quality, therefore, the pricing doesn’t matter.

I have compared many vendors, including Sophos and Fortinet.

I have a relatively small infrastructure, with a VMware Vsphere running all my servers on virtual machines. My network consists of approximately 30 workstations. The Check Point NGFW helps detect attacks against enterprise applications. 

It can enforce application functionality specific controls, monitor application data and content, and monitor HTTP, HTTPS, SMTP and other application protocols for better protection. I can audit applications running on my network, monitor their content and data, identify hosts on which applications are running, and identify users of the applications.

I have been using the Check Point NGFW as a primary firewall with all policies and rules configured on it. It helps as an Intrusion Detection System. This has improved my network performance as it illuminates suspicious activities before they reach the network. 

The network monitoring tool allows me to know who and what is hogging all the bandwidth and therefore apply it to remediate action and hence improve network performance. The Check Point NGFW helps me with QOS, during these times of work from home and virtual meetings, I can easily allocate required bandwidth to MS Teams, Zoom, and WebEx.

The most valuable features are the application and user control. This allows me to allow applications that encourage productivity and limit those that hinder productivity. The Network Address Translation (NAT) will always be a valuable feature as it allows me to turn my private cloud to the public at the click of a button and have secure control over the accessible servers/applications. sandboxing is also a valuable feature that allows the NGFW to act as an anti-malware, this would be largely helpful to prevent or minimize ransomware attacks.

Although very efficient, the product could be developed in a way that does not take a lot more system resources. It would be very useful if the Check Point NGFW was able to learn the environment and its user's real-time activities and automatically send only logs of interest to the security admin to actually force the security admin to review these logs since the logs are useless if not reviewed. Implementation and setup should be made as easy as possible. At times a misconfigured NGFW because of its complexity will be more of a vulnerability than protection.

I've used the solution for four years.

The stability is very good.

The scalability is very good.

Technical support is always on point.

Positive

We did use a different product. The previous solution was actually more complex to set up and had a high price.

The individual setup was complex. However, with the support of an expert on the solution, it became straightforward.

We used a vendor team. Their level of expertise was acceptable.

The ROI is on the positive side.

I'd advise users to find a local vendor of the solution they are looking into and compare all middleman pricing.

We also looked at Cisco Firepower.

I have been using this solution as a perimeter firewall. 

Our organization has ISP-based DDoS protection on the outer attack surface. Then, we have Check Point Next Generation Firewall with an IPS module as a second layer of protection. And then, we have Check Point Access Control, Application, and URL filtering, anti-virus, and anti-bot modules enabled. We also have the cloud-based Check Point Threat Emulation solution and different segmentations on Check Point Firewall as a DMZ zone, internal zone, and external zone. Our internal zones have different segments to improve our security level. We apply it by dividing our network into different VLANs by using the Check Point solution.

Check Point is the first vendor in which we found the stateful firewall terminology. It is always on the top of the list of best firewall solutions. 

Financially, the benefit of Check Point is very high when I compare it with an average firewall solution. At the end of the day, the benefits it provides are already higher than I paid. 

Our business performance is already doubled by the help of Check Point. If we need to talk about efficiency of administrators while managing a security  solution, I consider it as one of the most important item. 

Thanks to Check Point, our security team can easily handle different problems in time.

Check Point gateway and management installation are very easy. After the console-based installation steps, you can continue on the web GUI interface. This is very valuable. It doesn't let you make a simple mistake, which might be a reason to install all the systems from the beginning. It has been designed to give you flexibility as much as needed; not more, not less. It prevents human mistakes, basically.

If I have to say just one thing as the most valuable; I will say it is the most reliable firewall solution in the world. It is easy to prove that when I compare the number of CVEs which are published in a year among firewall vendors.

The routing rules and some more network settings should be listed on the Check Point Smart Console instead of GAIA Web GUI. It might be a little bit confusing when an administrator remembers the location of the settings. Also, it is hard to manage the settings by always jumping from GAIA Web-based graphical user interface to Java based Smart Console dashboard. Also, Check Point Next Generation Firewall has a very detailed and well-organized CP view on the console on both CLISH and expert (/bin/bash) shells; which gives an administrator a real-time monitoring option on the console.

I have been using it for more than six years.

On a heavy load, I haven't experienced packet loss or inconsistent behaviors.

In the beginning, I would consider Check Point solution as not scalable enough. However, after Maestro architecture, it is extremely scalable now. The organizations does not have to pay a lot of money to plan for the next 2-3 years. They are flexible enough to allow for the extension of their systems by adding another module like a blade.

The customer service and support team respond in minutes. If it is a critical issue, you can reach them in seconds via chat.

Positive

I used Palo Alto and Fortinet firewalls before. From Fortinet to Palo Alto it was a big change. 

Fortinet was not a good enough solution as compared to PA. Then, due to finances and some other reasons, I switched to the Check Point and it was one of the best decisions in my life.

The initial setup is straightforward. You just need to define disk allocation for logs and system files and backup files as an amount. Then you can continue with Web GUI to set up network, DNS, etc. settings. Then you complete your setup by installing the Smart Console interface.

The Check Point support team is one of the best. When I need them, they can escalate the ticket to an appropriate level of engineer to fix the problem.

As a security solution in this kind of market, prestige and being reliable cannot be measured with money. It costs more than a million dollars to have a defacement attack. The costs to prevent this kind of attack cannot be measured with money, in my opinion.

I'd advise others to worry about changing their firewall habits from any vendor to Check Point. It will be one of the best decisions of their life. If you have time and money to take care of other vendors, go ahead. However, if you are smart enough to manage your money and time, don't be afraid to give a chance to Check Point solution.

I did get some PoCs from other vendors such as Sophos and some other firewall vendors which are focused on small-size organizations mostly.

I recommend to all system managers and security administrators to try all the enterprise firewall solutions. Then, most likely the final decision will be to use the Check Point Next Generation firewall.

The solution is primarily used as an edge firewall safeguarding any organization or company which are really considering it as their number firewall of choice. In addition, there were also companies that are only using the specific blades, for example, IPS or IPsec, only as their primary solution. It is mostly used as an edge firewall. Sometimes, all security blades are utilized. As a significant part of the whole network infrastructure, Check Point delivers high detection and prevention rates when talking about suspicious and cyberattack types of activities.

Primarily, Check Point played a very vital role in protecting our whole network infrastructure. Having been able to implement such a solution will keep one's organization's security posture well guarded. The best part of Check Point NGFW's operational mechanisms were the Threat Extraction and Threat Emulation blades respectively. The former delivers documents with zero malware in zero seconds and the latter analyzes the original document in an isolated sandbox, identifying unknown threats. 

I'd recommend this kind of firewall for companies considering it since the detection rate for any cyberattacks/suspicious activity is very high (more than 90%).

Check Point NGFW has all the security blades a certain company would want to implement for a network firewall facing the public internet. The upsides of choosing this kind of firewall are traffic acceleration, core acceleration, and interface acceleration which would help in maintaining smooth sailing activity, giving administrators less dilemma. 

Administrators always find it hard and disturbing when such a network bottleneck occurs spontaneously out of nowhere. With that said, Check Point still ranks first among other vendors.

It would be best if the security management server console access is simpler for ease of management. System administrators find it really difficult for the management settings to incorporate easily. Most administrators nowadays are looking into something that offers easy access to a management console or GUI. 

I could not think of other areas for improvement. This is the firewall that I liked the most among other vendors in the market. It's by far the best firewall in the security industry.

I've used the solution for three years already - since the start of my Network Security Engineer career.

Stability-wise, it is perfect! 

When you perform sizing, make sure that the necessary scalability is considered. There's no going back when things like this are compromised.

Lately, Check Point support is nowhere to be found.  We are always attending other customer sessions when, in fact, support is needed for a P1.

Neutral

Mostly, they are the Gartner leaders for NGFW. A switch was made when customers found the solution more secure per doing the proof of concept.

I could say that it is complex even though they are already CCSE and Check Point Expert. There is no way I could find its management easy to use.

We handled the setup in-house.

That there is a money-back guarantee for their business. A business being secured is a business of high return.

There are a lot of evaluations to be done prior to choosing the solution. It caught the customer's attention when the threat extraction/emulation blade really did well during the proof of concept activity.

So far I have mentioned all the things needed to be given importance with regard to an NGFW solution.

We use Check Point on a daily basis. It is our primary gateway to the internet, with an extensive rule base that's used to block unwanted connections and protect our internal networks. 

Multiple gateways are used in a VPN community to build a secure homogenous company network over the Internet. 

We also use the two-factor authentication with RSA-Tokens to authenticate users that are away at conferences or in the home office to the firewall. 

RSA is also used on a portal (called mobile access) on the gateway, where users can easily check their e-mails and access company resources. 

Check Point NGFW has proven to be a reliable firewall. We have been using it for over 15 years now. 

It's offering great security while also being rather easy to manage. 

We evaluated a couple of other firewall solutions over the years, yet always came back for Check Point for a couple of reasons. First, they are the market leader and there are just very many resources online for installing, configuring, debugging, and so on. Second, other firewall solutions may initially be cheaper (especially for basic firewalling), but when you need more features Check Point has a surprisingly good price point. 

I personally like the SmartDashboard client best, which is the rule base management solution. You have a nice overview of the existing rules, and new rules are easily implemented. You can filter by IP, application, rule number, port, or hostname, so you easily find what you are looking for. Rules can be grouped by topic (internal, external, Internet, DMZ, etc.). It all can be well arranged to suit your needs. 

It also offers a dashboard to see recent threats, errors, or other issues with your gateways, as well as Logs for debugging.

Unfortunately, as is the case with many big companies, new features seem to always be more important than fixing the last little bugs that affect only a minor customer base. 

The command line, for instance, is still needed regularly if you want to dive deeper into debugging certain issues. 

While it certainly has improved over the years, it still doesn't feel like a polished product. Some features (e.g. super netting VPN connections) need to be enabled by editing a configuration file, which is sometimes lost upon upgrading to a new version. I'd really like to see more easily manageable debugging solutions. 

I've used the solution for 15 years.

We did have stability issues by using a not officially supported Check Point setup, running it in a virtualization environment, so the Firewall gateway was running on a Xen cluster. In the beginning this was running fine, buter after a couple of months the Checkpoint services kept freezing and needed to be restarted manually. As this started to occur more regularly (a couple of times per week) we migrated the firewall to dedicated hardware.

So I'd recommend always using supported setups.

The biggest enterprises in the world use Check Point products. Scalability is not an issue.

We used Microsoft ISA Server, which is a discontinued product before Check Point. 

Check Point has a pretty competitive price point if you use the features it has to offer. If you need only basic firewalling other solutions may be better suited to your needs. 

We evaluated Palo Alto, Fortinet, and Barracuda. 

We use the NGFW to give security and protection to our local network and internet user from internet threats like viruses, worms, bots, and intrusion. 

We also use it to control the internet URLs accessed by the user. We subscribe to two internet service providers with total bandwidth available of 450 Mbps and we have more than 700 internet users connected. 

Check Point's firewall does a good job of protecting the user from malicious threats. It is able to run smoothly without being a bottleneck in the network. 

Check Point NGFW helps us to secure our user's computer and our server and therefore helps us to maintain business operations. It has important features like an intrusion prevention system, anti-virus, and anti-bot capabilities. 

It also helps us manage bandwidth efficiently by managing what website is allowed to access by users. 

We're limiting user access to websites with high bandwidth demand like video streaming and social media, of forbidden websites like adult websites. 

We can manage which users have access to certain websites.

The antivirus, antibot, and intrusion prevention systems are great. It's very important due to the fact that to prevent is better than to recover. The features play a critical role in preventing any security incidents from happening and minimalizing them before they become bigger problems. 

Its URL filtering feature is great. We can manage which users are allowed access to which websites at a certain time. We can also manage which application is allowed and forbidden for the users. 

Check Point has a vast list of applications it is able to manage - from torrents to games, social media, etc. 

The product could provide an easier user interface and management, by combining all functions (network and policy configuration) into one single application rather than splitting it into different applications. 

Users will also really appreciate it if Check Point provides a free management and logfile analysis module. In the existing setup, a user must pay an extra subscription fee to have access to the firewall management module. It makes the user without a subscription unable to fully gain insight from the firewall log file so they are unable to fully utilize the device

I've used the solution for four years.

It's stable. The system runs with minimal problems. I said minimal because yes there were problems. In 4 years using checkpoint, we have maybe 2 major problem. One was hardware modul failure, that replaced as soon as possible by support team, and the other was software/configuration problem, that get solved also with the help of support team

It has the ability to scale depending on the product model.

They provide good support, depending on your troubles. For more complicated requests, maybe you will have to pay.

Neutral

Check Point is the company's first NGFW.

The initial setup is simple, however, customizing it could be complex.

We implemented the solution through a vendor team. The score I'd give for their expertise is seven out of ten.

if you pay for the setup cost, make sure you get it set up exactly as you need it to be.

We looked into Sophos, Sangfor, and Palo Alto.

I planned to block traffic from foreign countries, however, Check Point does not have the intelligence to determine VPN connections from foreign countries coming through the local VPN.

I also wish Check Point could be more effective by collaborating with Microsoft to establish a different connection for Outlook cellphones or devices not on the domain. I wish to hide my devices like cellphones only allowing them to connect via capsule, however, it applies to all devices. It works well.

It is an excellent, easy-to-acquire system to protect midsize businesses with up to 100+ users that require a security solution that can scale across corporate networks and give us protections against GenV cyberattacks as the business grows. 

What I recommend the most is its central administration. With the smart controller, you can manage all your firewalls from one location. 

Being able to access almost everything in one location manage all your gateways and get all your logs is great. For me, it's the best feature to work with.

The solution is great for cyber attack prevention, data bridges, and other threats. You need intelligent and effective solutions to minimize cyber attacks and Check Point gave me peace in December when they had an unidentified log4j vulnerability.

Our main benefit was the elimination of a server/VM from our data center and the usage of a cloud solution.

Having all the features on the cloud was also a benefit since some products when migrated to cloud solutions lose some features  - but not his one.

The setup is a little bit rough and requires some technical expertise, however, this is expected with a solution as complete as a firewall and especially a Check Point one.

Sometimes debugging is a hassle. We've had issues with VPN debugging in the past. In the more recent versions, later than R80.10, this seems not to be an issue anymore. 

This year we tried to debug performance issues of the gateways, which was cumbersome. When we finally found the performance bottleneck, it was a licensing issue. 

Check Point uses CPU-based licensing for OpenServer, and buying more licenses helped. However, this is the reason we're upgrading to Check Point appliances next year, as OpenServer becomes pricier every year, and Check Point pushes their customers to use their appliances.

I've used the solution for three years.