Check Point Quantum Force (NGFW) Reviews

I am currently using Check Point Quantum Force (NGFW) as a perimeter firewall and it protects my internal traffic from the internet.

The best feature that Check Point Quantum Force (NGFW) offers in my experience is its robust nature because it is one of the stable products that I have used. I have not had any issue with it since I started using it. With the release of R82, there is a feature called Elastic Axel where you can use the firewall in active-active mode so that it can incorporate up to three firewalls.

Since implementing Check Point Quantum Force (NGFW), I have seen fewer incidents and a lot of malicious traffic that has been blocked. We do not have to keep looking at the logs, and it provides a compliance report.

Check Point can improve in the VPN sector because I still have a problem using VPN in active-active with its R82 feature since it can only incorporate with active tunnel route mode to route mode and policy-based to policy-based. This is what is suggested by the Check Point TAC engineers as well.

I have been using Check Point Quantum Force (NGFW) for about three years.

Check Point Quantum Force (NGFW) is a very stable product and I have not had any issues with it.

Check Point Quantum Force (NGFW) is very scalable with its R82 Elastic feature, and with a different solution, for example, MHO where you can scale up to 52 gateways.

The customer support for Check Point Quantum Force (NGFW) has been on point. We have not had any issues till now, and they have been providing support within half an hour.

Negative

I had used Palo Alto Networks before Check Point Quantum Force (NGFW) and I switched because I heard from one of my colleagues saying that Check Point is more robust than Palo Alto.

My experience with pricing and setup cost for Check Point Quantum Force (NGFW) showed that the pricing came neck and neck with its competitor. The setup was a little bit difficult at first, but once you get your hang of its architecture, it is very easy.

I have seen that fewer incidents are reported, not just fewer employees needed, but fewer incidents reported is what I think the return on investment is since implementing Check Point Quantum Force (NGFW).

We did not evaluate any other options before choosing Check Point Quantum Force (NGFW).

I am currently utilizing all its security blades including anti-spam, URL filtering, threat emulation and extraction, and IPS to protect my internet traffic. I have also enabled HTTPS inspection so that every SSL traffic can be inspected.

Using active-active mode and the ability to incorporate up to three firewalls has helped my day-to-day operations by allowing load sharing during the peak season, and it does not give high CPU resources on only one firewall. You can get the ROI from both the firewalls at the same time if you are using active-active mode.

Check Point Quantum Force (NGFW) is one of the best solution firewalls you can have, and if you use its whole features, then your internal networks and servers will be secured from any malicious website, phishing links, and it even provides you with compliance reports as well. I think it is really handy. I rate this product a nine out of ten.

On-premises

We use Check Point NGFW for separating the IT networks from the OT networks. It provides advanced threat prevention, access control, IP policy, zoning, virtual interfaces, and NAT capabilities. While it also provides VPN, we are currently not using it but are exploring the option.

The best features offered by Check Point NGFW include threat prevention and application and identity awareness. Identity awareness is utilized to enforce policies that help identify systems based on users and groups, which is especially useful in enforcing access control in our OT environments. The ability to add policies for granular network segmentation using virtual interfaces for VLANs is beneficial. Check Point firewall has protocol awareness, aiding in anomaly detection in traffic packets. Centralized management using SmartConsole is valuable as it allows both IT and OT network administrators to manage the same firewall with varied permissions. Compliance and audit support for certain frameworks, along with logging and policy enforcement report generation, are additional strengths. Check Point in the OT DMZ assists with improved OT network visibility and faster incident response with its built-in logging, reducing incident response time.

Check Point NGFW could improve by continuing innovation and enhancing integration with popular SIEMs. More granularity and control for threat prevention, especially on the OT side, would be beneficial.

I have been using Check Point NGFW for over five years now.

The use of Check Point firewalls has helped improve our security posture without any downtime, thanks to the high availability architecture.

The solution is scalable because additional Check Point blades can be added to grow the network. It offers virtual and cloud options, making it suitable for expanding dynamic OT networks that span edge, remote locations, or hybrid clouds.

I rate customer support a nine. While it is exceptional, I believe there is always room for improvement.

Positive

The initial setup was complex, particularly with understanding different cloud infrastructures.

Incident response time has reduced significantly, and downtime due to network issues has been minimized, leading to an improved return on investment.

We briefly looked at Fortinet and Cisco options but chose Check Point because we are a Check Point shop.

I advise thoroughly planning ahead, understanding your environment, and ensuring a good network segmentation standard is set up. Pre-plan deployment using automated scripting. Familiarize yourself with SmartConsole and SmartEvent, especially in a multi-site setup. Begin enabling threat prevention gradually and plan for high availability using HA clustering with dual power supplies. On a scale of one to ten, I rate Check Point NGFW as ten.

Hybrid Cloud

Other

My main use case for Check Point NGFW is that it was deployed at the network edge to protect and manage incoming and outgoing traffic from the corporate network, which is controlled by Check Point firewall. We have implemented application control, URL filtering, content filtering, and similar features. This enables us to manage the traffic by creating granular policies, IP space, or user-based policies. The main use case is to control the inward traffic and stop cyber threats at the network edge only.

Check Point NGFW offers excellent features such as implementation of content awareness, application filtering, URL filtering, HTTPS inspection, IPS, and identity-based integration with LDAP, which we were able to implement. The user-based policies we have configured help us avoid unwanted malicious sites and ensure there is no malware being downloaded into the network, meaning there are no disruptions in network production. All users are focusing on their desired tasks, which has a positive impact by avoiding business disruptions. That's the main impact I can say, as it indirectly helps the organization keep their users focused and stay away from any kind of cyber threats.

Check Point NGFW has positively impacted my organization as the incidents have reduced, resulting in no disruptions in the network. Everything is running smoothly and the organization is protected by Check Point firewall. The users are doing their desired tasks very efficiently, and everything is live in the network or applications, providing excellent security. Therefore, there is no business disruption so far.

To improve Check Point NGFW, I would suggest that AI features, such as Auto AI autopilot, would be greatly appreciated because they can automate most of the tedious tasks that take a lot of time. Having features such as AI can make the process easier.

A specific task I'd like to automate with AI in Check Point NGFW is adding multiple users, users and address group configuration of address groups and addresses, along with exporting firewall addresses in a certain format. That kind of feature should be there, or if we try to export the data from the Check Point firewall, we get only group address group names without seeing whatever members of the address are included.

Check Point should provide the feature of exporting group data with address groups, so when I export address books, only the group name is visible in the Excel file. Instead, it should show the actual members of the groups getting exported. That kind of feature would be appreciated.

I've been using Check Point NGFW for more than one and a half years as an admin.

In my experience, Check Point NGFW is stable.

The scalability of Check Point NGFW is good, and we can integrate it with third-party solutions, such as Nexus 2FA. I have seen this kind of setup in one of the client environments.

Customer support for Check Point NGFW is quite good. I would rate the customer support an eight on a scale of one to ten.

I did not previously use a different solution before Check Point NGFW.

The initial setup with Check Point NGFW is straightforward.

I have seen a return on investment with Check Point NGFW as it helps reduce business disruptions, indirectly allowing the organization to focus on their desired tasks and get things done properly while saving time and avoiding unexpected disruptions. This time savings has contributed to company growth happening at the backend.

My experience with pricing, setup cost, and licensing for Check Point NGFW indicates that the pricing is comparatively higher compared to other vendors, but it is worth it when considering the features. It is justifiable.

I don't have knowledge about evaluating other options before choosing Check Point NGFW.

When using application control and URL filtering, I would share my experience where the organization used these features to block unwanted applications and allow only legitimate specific applications such as LinkedIn, Dropbox, and OneDrive, which should be accessible to all employees. Rest applications such as Facebook, YouTube, WhatsApp, WeChat, and other file-sharing applications should be blocked in the networks, and no one should access those applications. For web filtering, users can only visit legitimate websites; they should not visit any hacking or malicious websites, only financial, government websites, and internal applications should be accessible to users. We have configured these types of policies for the organization.

My advice for others looking into using Check Point NGFW is to utilize multiple features of the Check Point firewall. There is a huge list of features in the SmartConsole, so implementing most of the features such as application control and HTTPS inspection can be beneficial.

I would rate Check Point NGFW a nine out of ten because I am expecting a few features that are missing in the Check Point firewall, which I already mentioned.

On-premises

My main use case for Check Point NGFW is to protect my corporate network.The protection from Check Point NGFW is used for all application traffic.

The best features Check Point NGFW offers are often considered to be the AI-powered threat intelligence, which I find valuable.The AI-powered intelligence from Check Point NGFW has helped my organization to detect faster threats and requires less manual intervention, but I don't have numbers as it is private to my company.Check Point NGFW has positively impacted my organization by improving the security posture over our network and over the organizations.The improvement in my security posture with Check Point NGFW means that the operating system is patched and hardened.

Check Point NGFW is good so far with that process, but there is always room for improvement.It would be beneficial for Check Point NGFW to integrate more advanced AI and machine learning algorithms for better threat detection and response.

I have been using Check Point NGFW for five years.

I did not purchase Check Point NGFW through the AWS Marketplace.Deploying Check Point NGFW in my environment is easy.The configuration process for Check Point NGFW requires some experience, but it is straightforward.

In my experience, Check Point NGFW has no downtime.

Check Point NGFW's scalability for my organization is good as it has been able to keep up as our needs have grown.

The customer support for Check Point NGFW is good, and I have not had to reach out often.I would rate the customer support for Check Point NGFW a seven on a scale of one to ten.

Neutral

I did not previously use a different solution before Check Point NGFW.

The initial setup with Check Point NGFW for me is straightforward.

My experience with the procurement process for Check Point NGFW is that it was easy.

I don't have specific metrics or examples in my mind, but it is good to have Check Point NGFW as a security device to protect the platform.

My thoughts about the metering and billing experience with Check Point NGFW are that it may be a bit pricey.Regarding pricing, setup cost, and licensing overall, it is considered more expensive compared with other providers.

Before choosing Check Point NGFW, I did not evaluate other options.

Check Point NGFW is deployed in my organization in a hybrid model, as it is both on-premise and cloud.For the hybrid deployment, we use AWS.I don't have any examples of how Check Point NGFW integrates with other AWS services I use because I don't use it much on the cloud.My advice for others looking into using Check Point NGFW is that it is good and offers security for companies.I rate Check Point NGFW an eight out of ten because it has good capabilities.My company does not have a business relationship with Check Point NGFW other than being a customer.I was offered a gift card for this review.I only use Check Point NGFW and no other tech products.I found this interview too long with too many questions, and I suggest reducing the number of questions.

Hybrid Cloud

Amazon Web Services (AWS)

My main use case for Check Point NGFW is using it as a next gen firewall for perimeter security, for branch connectivity, VPN access, and deep packet inspection of north south traffic. That is the main use case.

Check Point NGFW has positively impacted my organization, which has around two thousand employees, by keeping us protected from cyber threats. It's challenging nowadays, but with Check Point NGFW deployed for perimeter security, we effectively block unwanted or malicious intrusions, allowing all organizational users to stay safe while performing their tasks without disruption. The positive impact is evident as users remain focused on their work, which contributes to improving our organizational economic growth.

The best features Check Point NGFW offers include application control, which makes it granular control for managing applications. There are thousands of applications in the Check Point repository, making it easy to write a policy according to requirements based on application needs. Another feature such as URL filtering works efficiently, allowing us to categorize websites for user access. We can create allow and deny policies based on organizational needs. Additionally, there is IPS for preventing threats, which can take action against malware or unwanted traffic trying to enter the network. This keeps us safe and protected against cyber threats.

Check Point NGFW also has an antivirus capability and allows identity-based policies with easy integration of LDAP or two-factor authentication methods. HTTPS inspection stands out as Check Point NGFW excels in identifying threats because it inspects all traffic, including encrypted traffic, for malicious activities. Check Point has good hardware capabilities to accelerate and manage overall traffic load, accommodating heavy loads easily. SmartConsole centralizes firewall management for better control over multiple firewalls and policies.

For improvements, I believe integrating AI-driven features for bulk operations or complicated tasks would be beneficial for Check Point NGFW. A feature that allows users to prompt the AI for backend tasks would save operational teams time and streamline processes. Additionally, improving the dashboards for better visibility and metrics regarding attack traffic would also benefit the monitoring team.

I have been using Check Point NGFW for two and a half years.

I rate the overall stability of Check Point NGFW at a ten out of nine because, while it performs exceptionally, SmartConsole needs improvement regarding performance. Sometimes it takes time to install policies, but I believe future enhancements will improve this aspect.

Overall, I would rate Check Point NGFW as a nine for its good performance, leaving one point for future improvements, particularly in SmartConsole performance.

The scalability of Check Point NGFW is good. We can utilize its entire feature set, including URL filtering, application control, IPS, and threat intelligence. Integrations with LDAP and other two-factor authentication solutions are easily accomplished, adding to its good integration perspective.

Check Point NGFW's customer support is very good. Occasionally, responses can be delayed, but I understand there are circumstances on their side, which is acceptable. I hope their support will improve in the future.

Positive

My experience with Check Point NGFW's pricing reveals it is a bit higher than other vendors. However, considering the security and features Check Point NGFW offers, it's justified. Licensing can be complex and requires careful planning due to add-on licenses, so it's essential to plan what licenses our organization needs accordingly. The initial learning curve for new administrators can be challenging since it is not very user-friendly. However, for those who understand the product, handling all tasks becomes easier. For beginners, it can be complicated to grasp the Check Point NGFW architecture, and advanced reporting could be improved with better visuals or dashboards.

I recommend others looking into using Check Point NGFW to utilize all available licensing for application control, URL filtering, and IPS. It's essential to enable HTTPS inspection to understand its impact on firewall performance and plan accordingly. If the hardware is sufficient, higher models should handle heavy loads effortlessly. I suggest exploring SmartConsole features, as there are many available. Although not everything can be utilized, maximizing its capabilities is beneficial. Additionally, the inspection settings for IPS and TCP/UDP protocols should be adjusted according to best practices to ensure smooth operations without blocking legitimate traffic due to strict configurations. Overall, I rate Check Point NGFW a 9 out of 10.

On-premises

We use Check Point NGFW to secure the perimeter of our customers. It is a great solution that enables us to prevent any type of attack from external threats by securing our infrastructure up to level seven of the ISO OSI stack. We implement blades like IPS, anti-bot, and antivirus. We deploy different solutions such as physical Check Point or VSX, and we have also deployed on VMware and on physical appliances. The deployment is very easy, and after deploying the firewall and enabling all the blades, we just need to manage it.

The best feature of Check Point NGFW is the Threat Prevention blade, specifically EPS. In recent months, Check Point has offered automation to automate threat prevention, making it a very strong blade to secure our perimeter. This blade has blocked many external attacks that could have led to data loss or server compromise for our customers. Additionally, Check Point NGFW can be used in cloud environments like Azure and AWS. It's a great solution, easy to deploy due to templates in cloud environments. Other valuable features include Identity Awareness, which allows us to manage access to resources by user rather than by IP address.

It's not easy to say what needs improvement because it is a very strong solution. I think the VSX technology could be made easier to manage with elastic scalability and evolving technology. However, overall, Check Point is a strong solution that works very well, and I'm satisfied with it as is.

I have been using the solution for about seven years.

Scalability is very good. For example, if you have a VSX cluster, you can add a new member and use the VSX configure feature to push all the configurations to the new gateway. This makes it equal to the other members. Also, the scale set on cloud environments is the best concept of scalability because you can have templates that create new instances in case of high CPU utilization and decrease when it goes down.

The customer support is very, very good. We have premium direct support with all our solutions, and within a few minutes, we can be in contact with the TAC of Check Point. Also, the R&D provides us with custom fixes when needed.

Neutral

We also use a Fortinet solution, which is a competitive vendor. Fortinet offers vDOMs that allow for the creation of logically separate firewalls. However, Check Point is better. In the last three years, Fortinet has had a lot of CVEs that impacted security, whereas Check Point hasn't. Check Point is very secure.

The setup is not complex. We just need to install the operational system Gaia with an ISO file and perform a first-time wizard to set the initial configuration like DNS, NTP, and network interfaces. After that, we connect the firewall to the management server, which can be a Security Management Server or a Multi-Domain Management Server. Then, we can start creating new policy packages, new rules, and install them on the gateway.

In terms of time savings, Check Point NGFW saves time. By using NGFW with VSX, we can deploy many virtual firewalls using the same hardware. This is a time-saving measure because we don't need to deploy a cluster or a firewall each time; we just create a virtual system on the management server using the same appliance.

We evaluated Fortinet and Palo Alto. When we need to do a cost estimation for our customers, we consider these vendors. However, my team's experience is very strong with Check Point, so we try to buy a Check Point solution whenever possible.

I advise others to use Check Point NGFW because it is a great solution. I rate Check Point NGFW a nine. Considering the time of deployment, the quality of support, and the features and blades the vendor offers, it is on top of the world in this field. A nine is the right number.

Hybrid Cloud

Other

The checkpoint firewall is used as perimeter security for HO Location of the organisation.

It is deployed at edge to use it as next gen firewall including features like, Antivirus, IPS, Application control, URL Filtering etc.

Check Point Firewall offers strong NGFW (Next-Generation Firewall) features with smart security blades like IPS, Application Control, URL Filtering, Antivirus, Anti-Bot, Threat Emulation, and more—all in one device. It’s easy to integrate with other systems like Active Directory, SIEMs, and cloud platforms. I like how well it scales—whether it's a small office or a big enterprise, it works smoothly. The SmartConsole gives one place to manage everything. Tech support is knowledgeable and helpful, especially if you have a support plan. What makes Check Point unique is its ThreatCloud intelligence and the ability to create very detailed, identity-based rules. It also lets you handle complex networks with great control and visibility. Overall, it’s secure, flexible, and built for professionals who want full control over their network.

If you know checkpoint product well its easy to use and implement

Check Point NGFW helps solve key security problems like advanced threats, malware, phishing, and unauthorized access. With security blades like IPS, Anti-Bot, Threat Emulation, and Application Control, it protects both internal and internet-facing systems. One big issue it solves is hidden threats inside encrypted traffic—thanks to HTTPS inspection, it can scan encrypted data without slowing down performance.

What makes it even better is Check Point’s high-performance hardware, which is built to handle heavy traffic loads smoothly—even when features like HTTPS inspection and deep packet inspection are active. It also gives great visibility and control through SmartConsole and lets us manage users with identity-based policies.

Benefit : Faster detection, better protection, smooth performance, and easier management—all in one trusted platform.

Check Point Next-Generation Firewall (NGFW) offers robust security features that are highly beneficial for organizations when deployed as perimeter security. It combines traditional firewall capabilities with advanced threat prevention features such as Intrusion Prevention System (IPS), Application Control, Anti-Bot, URL Filtering, and Threat Emulation. These features help protect the organization from known and unknown threats, including zero-day attacks. With centralized management and real-time threat intelligence from ThreatCloud, it provides clear visibility and efficient policy enforcement. Its granular control over applications and users ensures secure access while maintaining network performance. This makes it a strong first line of defense at the network perimeter.

The product could benefit from improvements in simplifying policy management and minimizing false positives in threat prevention. Future releases would be enhanced by the addition of advanced reporting dashboards and deeper integration with third-party security solutions. AI-driven features would be highly valuable—particularly those that enable bulk operations and efficient handling of large numbers of objects or object groups. These capabilities would significantly reduce manual effort and save time for operational teams. Additionally, the inclusion of an AI-powered co-pilot mode to assist with configuration optimization and support prompt-based configuration would be greatly appreciated.

I have been using checkpoint firewall since 2 years.

Stability is good. Overall performance is good if you have higher end device then will work smothy.

Performance is good but sometimes smart console takes lil bit time to install policies. But thats not a major concern. Overall is good and faster.

TAC support is good , sometimes we get delay response but there are situations also from their side but in most cases its on time and good.

Positive

No

Initial setup is simple and straightforward. Complex for those who are just starting working with checkpoint but not much complex. If you learn the product well it will be easy to use and setup.

Through vendor team.

It saved time from business disruptions. Time gets utilised wisely that a positive impact of implementing Checkpoint NGFW firewall. 

Check Point NGFW offered a good balance of features and price. The licensing model was relatively straightforward.

I advise potential buyers to definitely take advantage of the trial period to test it in your environment, as it helped us solidify our decision. Ensure that your team gets proper training because, while it is easy to use, training maximizes its potential. I would rate the overall solution a 9 out of 10.

On-premises

Check Point Quantum Force (NGFW) is our primary firewall. As our primary firewall, it serves as our perimeter firewall in which all the user policies are made for traffic control. I do not have another main use case for Check Point Quantum Force (NGFW).

Check Point Quantum Force (NGFW) offers our global expertise and certification in Check Point, making it easy for us to use. Additionally, I love the application visibility and control part in Check Point, which I think is more visible and better than other OEMs. The application visibility and control in Check Point Quantum Force (NGFW) helps us in our day-to-day work by providing a micro-level understanding of who has been using unwanted applications, how the bandwidth is consumed, what applications users are using, and how much it impacts our business, giving us higher visibility. Check Point Quantum Force (NGFW) has positively impacted our organization by making it easy for us to handle due to our good expertise, although I haven't noticed major changes. The ease of use of Check Point Quantum Force (NGFW) leads to faster resolutions and a lower time of implementation.

I think Check Point Quantum Force (NGFW) should have something like FortiGate's free tokens for VPN; there should be some kind of free tokens to use the other blades. The rest of Check Point Quantum Force (NGFW) is all good.

I've been using Check Point Quantum Force (NGFW) for the last two to two and a half years.

Check Point Quantum Force (NGFW) is stable.

The scalability of Check Point Quantum Force (NGFW) is good.

I have not yet needed to reach out to customer support for Check Point Quantum Force (NGFW).

Neutral

I was using FTD previously before switching to Check Point Quantum Force (NGFW).

The company purchased Check Point Quantum Force (NGFW) because of the expertise we have in it; they bought a new firewall from the same OEM.

I can say I've saved time since using Check Point Quantum Force (NGFW), although I cannot guarantee the money saved because the company paid for it. Around five hours a week are saved since using Check Point Quantum Force (NGFW).

The pricing of Check Point Quantum Force (NGFW) is a little bit on the higher side compared to other OEMs.

For others looking into using Check Point Quantum Force (NGFW), I advise that it's a must-try because you get a very good level of security compared to other OEMs, especially if you are in a BSF segment. I would rate Check Point Quantum Force (NGFW) an 8 out of 10.

Hybrid Cloud

Amazon Web Services (AWS)